Implementing IP-Based Access Control for workspaces
Is there a way to limit access to workspace based on the source IP address? I am developing an application that utilizes the Coder's REST API. A workspace may have a distinct set of allowed or prohibited IP addresses. Is there a good solution available for this?
4 Replies
<#1233456214852239432>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
What is the use case?
You can host Coder behind a webproxy and limit access to the deployment.
For workspace access, coder binary is used which requires a valid session token
I was going to recommend firewalls or web proxies as well.
I have an instance set up behind Cloudflare, and Cloudflare has a setup where you can define rules based on geo location, ASNs, specific IPs, etc. Works well and you get like 3 rules for free. A single rule can have a ton of criteria and complexity if you want.
But that is for the Coder deployment. The question is about limiting access to specific IPs per workspace.
Like matching workspaces with IPs