Skip to main content

Allowlist for Sonatype Cloud

The Sonatype Cloud Allowlist filters inbound traffic to the service by IP address. This feature blocks inbound traffic unless the IP address is found in the accessAllowlist set by the Configuration REST API.

Classless Inter-Domain Routing

Classless Inter-Domain Routing (CIDR) is a method for allocating IP addresses for IP routing. [source]

Single IP addresses and IP address ranges using CIDR notation can be added to the Allowlist. The Allowlist supports both IPv4 and IPv6 IP addresses. A description field is also supported to help keep track of IP addresses. Invalid CIDR IP addresses are interpreted as a single IP address, not an IP address range.

Update the accessAllowlist

Users with the Edit System Configuration and Users permission to self-service the access Allowlist using the Configuration REST API.

The property is a JSON list of allowed inbound IP or CIDR addresses, with descriptions.

{
  "accessAllowlist": [
    {
      "ipAddress": "192.168.33.67",
      "description": "User IP address"
    },
    {
      "ipAddress": "223.225.0.0/18",
      "description": "IP address range CIDR notation"
    }
  ]
}

System Allowlist

The System Allowlist is added to the config.yml to store user admin and infrastructure IP addresses. This configuration is modified through a support ticket.

# System IP Address Filter Allowlist
# Supports single IP address and IP address range in CIDR notation
systemAllowlist:   
  - ipAddress: 223.223.0.0/18
    description: Customer Monitor IP range CIDR Notation
  - ipAddress: 223.223.33.66
    description: Customer Admin IP for REST API Access