Define IP address conditions in AWS IAM policies for enhanced security.
Site24x7 makes programmatic calls to your AWS account using access keys (Secret Access Key and Access Key ID) or RoleARN to gather metrics of supported AWS resources, mentioned in the IAM policy document. For extra security, the user can define conditions under which IAM policies allow access to a particular AWS resource. This can be done when you are creating a new IAM policy or when you are pasting the custom IAM policy (maintained by Site24x7) in the policy editor.
IP address condition operator
Using the conditional operator "IpAddress," you can define conditional elements in the IAM policy assigned to Site24x7. Once setup, the conditional operator will only allow requests originating from the specified IPv4 or IPv6 address. By doing this, you can lock down the AWS IAM policy for your account and ensure only Site24x7's IP addresses can access it.
The basic format of a conditional element consists of a conditional operator and a key value pair.
Conditional operator: "IpAddress"
Value: "Individual IPv4 or IPv6 address or IP address range"