Controlling access with Shield


IP allowlist management is available only to Shield subscribers on Cloud Platform Enterprise, and is not available for Site Factory.

Shield enables you to configure IP address allowlisting for occasions when you must restrict SSH access to the web servers in your subscription.


Shield imposes a limit of 25 IP addresses or CIDR ranges.


Enabling allowlisting in Shield

To limit SSH access to your infrastructure for all applications in your subscription:

  1. Sign in to the Cloud Platform interface with the Owner or Administrator role, and then select the application you want to work with.

  2. In the menu to the left, click Security.

  3. Click Shield.

  4. Click Add Rule.

  5. In the Rule Name field, enter a name less than 90 characters in length.

  6. In the IP address(es) or range section, select one of the following options:

    • Enter manually: Enter one or more addresses (such as in the text area.

    • Import a CSV file: Drag a text file containing one or more IP addresses (such as into the text area.


    You can separate several IP addresses by a space, comma, or line breaks. You can also use CIDR ranges, such as:

  7. Click Save.

    The system refreshes the webpage and displays a list of all allowlisting rules.