GitHub user bernardodemarco added a comment to the discussion: Ability to filter who can access a cloudstack resource set (possibly domain or...) based on his IP address besides username-password.
Hello, @alsko-icom > Can we maybe access a domain or subdomain through a direct URL without typing > it on the box underneath the password? Currently, Apache CloudStack does not support this functionality. A functionality that similarly encompasses the described use case is the GUI whitelabel runtime system, proposed in the PR #8942. The new proposed APIs support a parameter called `commonnames`, that enables a theme to be retrieved according to a set of Internet common names. Therefore, for example, the operators can configure a dark theme to be retrieved when the users access a URL with the `dark` subdomain (e.g.: `dark.acme.com`). > the actual need is to filter based on source IP, the connection to the end > user UI specific dashboard What Apache CloudStack allows the operator to control is the IPv4/IPv6 CIDRs from which API calls can be performed. This can be configured through the `api.allowed.source.cidr.list` global configuration, and it can be overwritten on account level as well. > Also, is there a guide out there to describe the methods to achieve isolation > per tenant/customer? One option to achieve tenant isolation is through domains. Multiple accounts of a customer can be grouped into a single domain. Another option is to create an account for a customer and create users for that account as needed. GitHub link: https://github.com/apache/cloudstack/discussions/10396#discussioncomment-12239445 ---- This is an automatically sent email for users@cloudstack.apache.org. To unsubscribe, please send an email to: users-unsubscr...@cloudstack.apache.org
