Configure file storage access to specific IP addresses or subnets
You can customize access to the file storage by adding rules. You can open access to the storage:
- to all IP addresses on the private subnet where the storage is located;
- to specific IP addresses;
- to other private subnets.
For each rule, you can select access level.
You can customize access rules by file storage or existing file storage-- add rules or remove the rules.
Access levels
Depending on the file storage protocol, you can assign an access level to the storage:
- for CIFS SMBv3 read and write (
rw); - for NFSv4 is read-only (
ro); read and write (rw).
Add rule
The new list of access rules for file stores with NFSv4 protocol applies up to 15 minutes after rules are added or removed.
Rules are applied in order in the list — from top to bottom:
- rule to access the storage from any IP address on the private subnet (
0.0.0.0/0); - Access rules from private subnets (for example,
192.168.0.0/29); - IP address access rules (e.g,
192.168.0.10).
For example, if rules are added 0.0.0.0/0, 192.168.0.0/29, 192.168.0.1The storage will be accessible from any IP address of the private subnet.
To add a rule:
- В control panels go to Cloud platform → File storage.
- Open the file storage page → tab Access rules.
- Click Add rule.
- Enter the IP address or CIDR of the private subnet.
- Select access level.
- Optional: enter a comment for the rule.
- Click Save.
- Optional: to add an additional rule, press + Add a rule.
Delete rule
The new list of access rules for file stores with NFSv4 protocol applies up to 15 minutes after rules are added or removed.
- В control panels go to Cloud platform → File storage.
- Open the file storage page → tab Access rules.
- On the rule line, click .
- Click Delete.