You can configure the IP address whitelist to allow CloudSSO users to log on to the CloudSSO user portal from only specified IP addresses. This enhances access security.
Limits
You can add up to 100 IP addresses or CIDR blocks to the IP address whitelist.
The IP address whitelist takes effect only on CloudSSO users who want to log on to the CloudSSO user portal. The IP address whitelist does not take effect on CloudSSO users who access accounts in a resource directory from the CloudSSO user portal.
Procedure
Log on to the CloudSSO console.
In the left-side navigation pane, click Settings.
In the Login Preference section, click Edit.
In the Login Preference dialog box, add IP addresses or CIDR blocks to the IP address whitelist.
Click Ok.
Result
After you configure the IP address whitelist, all CloudSSO users can log on to the CloudSSO user portal only from the IP addresses or CIDR blocks in the whitelist. Logons from IP addresses that are not in the whitelist are denied.
References
Log on to the CloudSSO user portal and access Alibaba Cloud resources