Configure file storage access to specific IP addresses or subnets
You can customize access to file storage:
- to all IP addresses on the private subnet where the storage is located;
- to certain IP addresses;
- to other private subnets.
To customize access to the file storage, you need to add rules or delete rules. You can select a specific access level for each rule . Rules can be added:
- when creating file storage;
- or existing file storage.
Access levels
Depending on the file storage protocol, you can assign an access level to the storage:
- for CIFS SMBv3 — read and write
(rw); - for NFSv4 — read only
(ro), read and write (rw).
Add rule
The new list of access rules for file stores with NFSv4 protocol is applied within 15 minutes of adding or removing rules.
Rules are applied in order in the list — from top to bottom:
- the rule of access to the storage from any IP address of the private subnet
(0.0.0.0.0/0); - access rules from private subnets (for example,
192.168.0.0.0/29); - access rules from specific IP addresses (e.g.
192.168.0.10).
For example, if the rules 0.0.0.0.0/0, 192.168.0.0.0/29, 192.168.0.1 are added, the storage will be accessible from any IP address on the private subnet.
To add a rule:
-
In the Control Panel, on the top menu, click Products and select File Storage.
-
Open the File Storage page → Access Rules tab.
-
Click + Add Rule.
-
Enter the IP address or CIDR of the private subnet.
-
Select the access level.
-
Optional: enter a comment for the rule.
-
Click Save.
-
Optional: to add an additional rule, click + Add Rule.
Delete rule
The new list of access rules for file stores with NFSv4 protocol is applied within 15 minutes of adding or removing rules.
-
In the Control Panel, on the top menu, click Products and select File Storage.
-
Open the File Storage page → Access Rules tab.
-
In the rule bar, click .
-
Click Delete.