Configure file storage access to specific IP addresses or subnets
File storage can be accessed:
- to all IP addresses on the private subnet where the storage is located;
- to specific IP addresses;
- to other private subnets.
To grant access, you need to add rules. You can customize the access rules:
- at file storage;
- or existing file storage-- add rules or remove the rules.
For each rule, you can select a specific access level.
Access levels
Depending on the file storage protocol, you can assign an access level to the storage:
- for CIFS SMBv3 read and write (
rw); - for NFSv4 is read-only (
ro), read and write (rw).
Add rule
The new list of access rules for file stores with NFSv4 protocol is applied within 15 minutes of adding or removing rules.
Rules are applied in order in the list — from top to bottom:
- rule to access the storage from any IP address on the private subnet (
0.0.0.0/0); - Access rules from private subnets (for example,
192.168.0.0/29); - rules for access from specific IP addresses (e.g,
192.168.0.10).
For example, if rules are added 0.0.0.0/0, 192.168.0.0/29, 192.168.0.1The storage will be accessible from any IP address of the private subnet.
To add a rule:
-
В control panels from the top menu, press Products and select File storage.
-
Open the file storage page → tab Access rules.
-
Click + Add a rule.
-
Enter the IP address or CIDR of the private subnet.
-
Select access level.
-
Optional: enter a comment for the rule.
-
Click Save.
-
Optional: to add an additional rule, press + Add a rule.
Delete rule
The new list of access rules for file stores with NFSv4 protocol is applied within 15 minutes of adding or removing rules.
-
В control panels from the top menu, press Products and select File storage.
-
Open the file storage page → tab Access rules.
-
On the rule line, click .
-
Click Delete.