Securing UI Access with IP-Based Controls

Before you begin

To configure trusted IP addresses for UI access, you must have Administrator privileges for the account.

Configuring trusted IP access

1. Sign in to IBM Cloud. Log in to your IBM Cloud account.

2. From the IBM Cloud Console, navigate to Manage > Context-based restrictions.

   

3. From the Navigation pane, click Rules.

4. Click Create+. The New rule page opens. Select watsonx.data service from the list.

   

   

5. Click Next. Select all APIs. Define the APIs that you want to protect to narrow the scope of a rule's restrictions. See Defining the scope of a rule.

   

6. Click Next. From Resources, select Specific resource option and choose watsonx.data. You can review the selection.

7. Click Continue. Specify the contexts from where your resource can be accessed. See Contexts.

   Turn On the Endpoints to specify the endpoint that receives the connection. Only Public endpoints are supported.

   

   From the Network zones, click Create and list the IP addresses that needs to be allowed in the Allowed IP addresses field. You can also list the IP addressed that needs to be denied access in the Denied IP addresses field. See Network zone.

   

8. From the Reference a service section, select watsonx.data as the service. Click Continue.

   

9. You can decide how you want to enforce a rule upon creation and update the rule enforcement at any time. See Rule enforcement.

   

10. Click Create. The rule is created successfully.

For more information, see Creating context-based restrictions and Enforcing context-based restrictions.

Limitation

Context-based restrictions does not work for account-scoped lite instances.