All Products
Search

This Product

    API Gateway:Configure an IP address blacklist or whitelist

    Document Center

    API Gateway:Configure an IP address blacklist or whitelist

    Last Updated:Jan 07, 2025

    Cloud-native API Gateway supports IP address blacklists and whitelists to improve security. You can configure a blacklist to deny access from specific IP addresses or configure a whitelist to allow access from specific IP addresses. Cloud-native API Gateway allows you to configure IP address blacklists or whitelists globally or at the domain name or route level. This helps implement fine-grained access control. This topic describes how to configure an IP address blacklist or an IP address whitelist for a Cloud-native API Gateway instance.

    1. Log on to the Cloud-native API Gateway console.

    2. In the left-side navigation pane, click Instance. In the top navigation bar, select a region.

    3. On the Instance page, click the name of the Cloud-native API Gateway instance that you want to manage.

    4. In the left-side navigation pane, choose Security Management > Blacklist/Whitelist.

    5. Click Create in the upper-left corner. In the Create panel, configure the parameters and click Save.

      Parameter

      Description

      Enable

      Enable or disable the IP address blacklist or whitelist.

      Name

      Enter a name for the IP address blacklist or whitelist.

      Remarks

      Enter remarks for the IP address blacklist or whitelist.

      Type

      Select a type of access control list. Valid values:

      • Whitelist (Allows Access from Specific IP Addresses): Only API requests from IP addresses or CIDR blocks in the whitelist are allowed by the Cloud-native API Gateway instance.

      • Blacklist (Denies Access from Specific IP Addresses): API requests from IP addresses or CIDR blocks in the blacklist are blocked by the Cloud-native API Gateway instance.

      Granularity

      The level at which the IP address blacklist or whitelist takes effect. Valid values:

      • Global: The IP address blacklist or whitelist takes effect on the Cloud-native API Gateway instance.

      • Domain Name: The IP address blacklist or whitelist takes effect on specific domains.

      • Routes: The IP address blacklist or whitelist takes effect on specific routes.

        Note

        The IP address blacklist or whitelist takes effect at the following levels in descending order of priority: Routes > Domain Name > Global.

      IP Address/CIDR Block

      Enter the IP addresses or CIDR blocks that you want to add to the IP address whitelist or blacklist.