For enhanced control and security over your data, you can specify the IP addresses that are allowed to connect to your watsonx.governance as a Service on AWS service instance.
By default, all IP addresses can be used to log in to watsonx.governance as a Service on AWS and access the API.
Before you begin
- Make sure that you have a watsonx.governance as a Service on AWS instance. If you need to create an instance, see Setting up your watsonx.governance environment on AWS.
- To do these tasks, you need to be a Service Admin or the Service Owner.
- You need the URL for managing your instance. You can get the URL from the IBM SaaS Console. View the list of your instances, find the instance that you want to work with, and then click Open.
Setting up allowed IP addresses
To set allowed IP addresses, do the following steps:
-
Go to the URL for your instance to open the watsonx.governance Instance Management console.
-
Click the Settings tab.
-
In the IP Allowlisting table, click New.
-
Enter an IP address (IPv4 or IPv6) or specify a range (CIDR). Type a description, and then click Save.
For information about CIDR, see What is CIDR.
The IP addresses listed in the IP Allowlisting table are the only ones from which clients can access watsonx.governance as a Service on AWS.
Removing IP addresses from the allowlist
If you remove all of the entries in the IP Allowlisting table, any IP addresses can access the instance. This is the default configuration.
To remove IP addresses from the IP Allowlisting table, do the following steps:
-
Go to the URL for your instance to open the watsonx.governance Instance Management console.
-
Click the Settings tab.
-
In the IP Allowlisting table, click the Delete icon in the Actions column.
The IP address is removed from the IP Allowlisting table.
Parent topic: Managing your watsonx.governance environment on AWS (ongoing maintenance)