DigitalOcean

Report this

What is the reason for this report?
Question

Can we have better IP whitelist management?

Posted on October 23, 2024
Networking
BigDarkBlueJellyfish

By BigDarkBlueJellyfish

When whitelisting droplets or databases, we have the ability to add multipe IP addresses to whitelist.

When there’s only a handful, that’s fine, but if we have a complex network with several IPs, internal and external, the list of whitelisted IPs is just that. A list of IPs.

It would be amazing if we could add a ‘name’ to an IP so we can see what each IP referrs to. We have this documented - but instead of switching out to external documentation back and forth, it would be great if this was part of the IP management screen.

This helps us ensure that redundant IPs are services can be removed if needs be. Additional points if there was an audit trail for the user that added and removed these IPs.



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Bobby
Bobby
October 24, 2024

Hey,

Great idea, sounds like it’d be super useful!

The best thing to do to get your voice heard regarding this would be to head over to our Product Ideas board and post a new idea, including as much information as possible for what you’d like to see implemented.

https://ideas.digitalocean.com/

In the meantime, you might want to check out using tags for your Droplets to help organize them and keep track of what’s what. You can find more about how to use tags here:

https://docs.digitalocean.com/glossary/tag/

That would still not help with external IP addresses though as you’ve mentioned.

Hope that helps!

- Bobby

0
alexdo
alexdo
October 26, 2024

You could tag your droplets based on their functions (e.g., web-server, database, staging) to get a quick overview. However, as you’ve noted, this doesn’t cover external IP addresses, which would still need to be tracked separately.

For external IP tracking, here are a few tips to consider in the meantime:

  1. Centralize IP Documentation: Use tools like Airtable or Google Sheets to document external IP addresses and their purposes. With column-based views, you can categorize IPs by purpose, status, or location, allowing easy filtering and updates.

  2. Consider Local Firewalls: If you manage a server-side firewall (like UFW on Ubuntu), you could name rules for specific IPs. For example, using comments like ufw allow from 1.2.3.4 comment 'Office VPN' can help track rules locally.

  3. Automate Documentation Updates: Using scripts to pull IP data and update documentation might be helpful if you’re frequently making changes. Tools like Ansible can be helpful in both setting up rules and creating logs to track these actions.

Hope that this helps!

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.