Investigating
IP restriction for ingress integration via Service Credentials
| Request for Feature Enhancement (RFE) Summary: |
Restrict IP access for ingress integration that use Service Credentials on AEMasCS author without putting the whole environment behind vpn |
| Use-case: | The third-party connector leverages Service Credentials to access AEM as a cloud Author. It uses POST and Sling Post requests for updates in AEM. We want to make sure that if the credentials are compromised, nobody would be able to make any updates to the production environment from IPs that are not whitelisted. While the environment should be still publicly accessible. |
| Current/Experienced Behavior: | No IP restrictions per Service Credentials/Integration |
| Improved/Expected Behavior: | It is possible to restrict the access for the integrations per IP |
| Environment Details (AEM version/service pack, any other specifics if applicable): | AEM as a Cloud Service |
| Customer-name/Organization name: | Macys |
| Screenshot (if applicable): | |
| Code package (if applicable): |