-
Suggestion
-
Resolution: Unresolved
-
None
-
3
-
At present, it is possible to set up an allowlist but this limits access to an entire product. This is a Suggestion to implement a feature in which once a new API key is created, it be possible to configure an allowlist that applies only to usage of this one key. ie. only certain addresses/subnets can use that particular key and so forth.
Further use case:
Currently, with Atlassian Guard, we can enforce IP Whitelist to limit access to Atlassian from trusted IPs only, but it is applied to the entire Org and affects all users, it is not flexible and causes a high impact for deployment. So, it is better if we can apply an IP restriction for each User API token or Admin API key only, it will be better for client and it is similar to other solutions like Github cloud, Terraform cloud, Sendgrid cloud, Tenable cloud, AWS, GCP, Azure, etc