IP address conditions in AWS IAM policies for enhanced security

Define IP address conditions in AWS IAM policies for enhanced security.

Site24x7 makes programmatic calls to your AWS account using access keys (Secret Access Key and Access Key ID) or RoleARN to gather metrics of supported AWS resources, mentioned in the IAM policy document. For extra security, the user can define conditions under which IAM policies allow access to a particular AWS resource. This can be done when you are creating a new IAM policy or when you are pasting the custom IAM policy (maintained by Site24x7) in the policy editor.

IP address condition operator
Using the conditional operator "IpAddress," you can define conditional elements in the IAM policy assigned to Site24x7. Once setup, the conditional operator will only allow requests originating from the specified IPv4 or IPv6 address. By doing this, you can lock down the AWS IAM policy for your account and ensure only Site24x7's IP addresses can access it. 
The basic format of a conditional element consists of a conditional operator and a key value pair.

Conditional operator: "IpAddress"
Key: "aws:SourceIp"
Value: "Individual IPv4 or IPv6 address or IP address range" 
For unrestricted monitoring of your AWS services, we suggest you whitelist both the IP addresses of our California and Dallas Data centers.

    • Related Articles

    • Automating your IP whitelisting

      For an uninterrupted monitoring experience, IP addresses of Site24x7's monitoring locations should be whitelisted in your firewall policy. Read this article to know more.Now, Site24x7 has mapped all the IP addresses of our global monitoring locations ...

    • How to provide ReadOnly access to your AWS resources via the AWS IAM console?

      Site24x7 makes programmatic API calls to your AWS resources to collect performance metrics and metadata. For this to occur, you (AWS account holder) need to grant access and connect your AWS account with Site24x7. An AWS account holder can grant ...

    • Set up a password expiry policy

      Zoho Single Sign on lets you set a password policy for a more secure login to your Site24x7 account. Setting a password policy lets you,  define how often the password for your organization users needs to be reset define how complex your password ...

    • How to define the Group Policy Management when bulk adding Windows servers via Active Directory?

      Go to Start > Administrative Tools > Group Policy Management Right click on your domain and select Create a GPO in this domain, and Link it here in the console tree. Provide a name for New GPO. Right click on the new GPO and select Edit. This will ...

    • Enable IP restriction to secure login to my Site24x7 account

      You can control access to your Site24x7 account by configuring trusted IP addresses and allowing login only from those IP addresses.  Please follow the below steps to configure/manage your trusted IP addresses for a single user: Login to your ...