Hi guys,
We have a list of IP addresses which belong to our company. We would like to restrict access to Octopus Deploy using this list. Is there best practices to do it? How do you solve this task?
Thank you in advance!
Kind regards,
Denis Titusov
Hi Denis,
Thanks for getting in touch.
Octopus does not include a way to restrict access by IP address. As far as best practices, you’re looking for what is called a “Network ACLs” (Access Control List). I’ve used these in Azure to lock down virtual machines to a range of IP addresses, and there’s an equivalent for AWS. Specific instructions will depend on where your machines are hosted. But if you google search for “network acls” that will get you started.
Hope this helps.
Cheers
Mark
Hi Mark,
Thank you for information. I was curious whether this is possible to include this feature in future Octopus releases?
Kind regards,
Denis Titusov
Hi Denis,
While this is not on our roadmap, you could submit a Uservoice suggestion and if it gets enough votes we would consider designing this feature in the future.
Alternatively, in Octopus 3.5 we have open-sourced the authentication providers for Octopus, so you could essentially roll-your-own 
The documentation on Server Extensibility would be a good place to start.
Hope this helps
Mark
Thank you for information, Mark.