IP address conditions in AWS IAM policies for enhanced security

Define IP address conditions in AWS IAM policies for enhanced security.

Site24x7 makes programmatic calls to your AWS account using access keys (Secret Access Key and Access Key ID) or RoleARN to gather metrics of supported AWS resources, mentioned in the IAM policy document. For extra security, the user can define conditions under which IAM policies allow access to a particular AWS resource. This can be done when you are creating a new IAM policy or when you are pasting the custom IAM policy (maintained by Site24x7) in the policy editor.

IP address condition operator
Using the conditional operator "IpAddress," you can define conditional elements in the IAM policy assigned to Site24x7. Once setup, the conditional operator will only allow requests originating from the specified IPv4 or IPv6 address. By doing this, you can lock down the AWS IAM policy for your account and ensure only Site24x7's IP addresses can access it. 
The basic format of a conditional element consists of a conditional operator and a key value pair.

Conditional operator: "IpAddress"
Key: "aws:SourceIp"
Value: "Individual IPv4 or IPv6 address or IP address range" 
For unrestricted monitoring of your AWS services, we suggest you whitelist both the IP addresses of our California and Dallas Data centers.

    • Related Articles

    • Getting notified on IP updates

      For an uninterrupted monitoring experience, IP addresses of Site24x7's monitoring locations should be whitelisted in your firewall policy. During any IP related update, Site24x7 will usually notify you via the methods listed below: You'll be promptly ...

    • Monitor and validate DNS IP changes using regex

      DNS administrators often monitor their DNS servers to detect changes in domain resolution and ensure IP mappings remain secure and accurate. Problem When your organization adds or modifies an IP address for your domain name, it’s critical to: Be ...

    • Automating your IP allowlisting

      For an uninterrupted monitoring experience, IP addresses of Site24x7's monitoring locations should be allowlisted in your firewall policy. Read this article to know more. Now, Site24x7 has mapped all the IP addresses of our global monitoring ...

    • Encryption in Site24x7

      Encryption safeguards the contents of a message so that only the intended recipient can read it. Encryption is done by replacing the contents with unrecognizable data, which can be decrypted only by the intended recipient. Thus, data is protected ...

    • How does Site24x7 roll out IP updates to customers?

      Once an IP location update in planned by Site24x7, we make sure our customers are kept informed via email and our community post. This information will be passed onto the customers at least a four days prior to the actual IP being made live. This is ...