On-premises storage solutions in companies can cause increasingly higher maintenance and hardware costs.
At EBERTLANG, we offer you 100% S3-compatible storage with
EL storage, which is up to 80% cheaper than other providers, works together with common backup solutions such as
Altaro and
BackupAssist, and is available from as little as 1TB.
The technology behind is based on Wasabi.
To restrict access to the contents of an EL storage bucket to specific public IP addresses (e.g. the WAN IP of the firewall or the public IP of the hosted VM at the provider), you must configure a policy for the bucket.
To do this, log in to your web console at
https://console.wasabisys.com/#/login, click on
Buckets → Actions → Settings to open the configuration of the relevant bucket.
Now switch to the Policies tab. Here you need to configure the following policy for the bucket:
{
"Id": "Policy1512590315712",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1512590314407",
"Effect": "Deny",
"Principal": {
"AWS": "*"
},
"Action": "*",
"Resource": [
"arn:aws:s3:::my-bucket",
"arn:aws:s3:::my-bucket/*"
],
"Condition": {
"NotIpAddress": {
"aws:SourceIp": ["179.22.0.0/16","129.34.67.24/32"]
}
}
}
]
}
For "my-bucket" you must insert the name of the bucket for which you configure the policy. For "aws:SourceIp", you must specify in the square brackets the IPs or IP ranges that are allowed to access the bucket (see example).
Explanation:
179.22.0.0/16 restricts all IP addresses within the /16 subnet.
129.34.67.24/32 restricts exactly this specific IP address.
If a green tick appears above the code window, the policy is valid. If a red cross appears, it may contain a formatting error. However, the statement often lacks closing braces, curly braces, or square brackets.