Ability to filter who can access a cloudstack resource set (possibly domain or...) based on his IP address besides username-password. #10396
Replies: 2 comments
-
|
Is this a popular request? Are there other ways to implement filtering? |
Beta Was this translation helpful? Give feedback.
-
|
Hello, @alsko-icom
Currently, Apache CloudStack does not support this functionality. A functionality that similarly encompasses the described use case is the GUI whitelabel runtime system, proposed in the PR #8942. The new proposed APIs support a parameter called
What Apache CloudStack allows the operator to control is the IPv4/IPv6 CIDRs from which API calls can be performed. This can be configured through the
One option to achieve tenant isolation is through domains. Multiple accounts of a customer can be grouped into a single domain. Another option is to create an account for a customer and create users for that account as needed. |
Beta Was this translation helpful? Give feedback.
-
The required feature described as a wish
As a a Cloudstack admin, who recently implemented v4.20 for the first time, I am wondering if we can filter which IP address/network can access a set of resources, a domain, subdomain, account, anything that you can offer. Can we maybe access a domain or subdomain through a direct URL without typing it on the box underneath the password? This might mean injecting the domain path on the URL. but the actual need is to filter based on source IP, the connection to the end user UI specific dashboard. In other words allow a user to reach a specific domain or set of virtualization resources. Is something like this implemented? Also, is there a guide out there to describe the methods to achive isolation per tenant/customer?
Beta Was this translation helpful? Give feedback.
All reactions