Restrict network access to services#

By default, Aiven services are publicly accessible, but you can restrict access to your service to a single IP, an address block, or any combination of both.


IP filters apply to publicly-accessible endpoints only.

  1. Log in to Aiven Console.

  2. On the Services page, select the service you want to restrict.

  3. On the Overview page of your service, scroll down to Allowed IP addresses, and select Change.

  4. In the Allowed inbound IP addresses window, enter your address or address block using the CIDR notation, and select the + icon to add it to the list of the trusted IP addresses.


    You can add multiple addresses or address blocks or combination of both at once.

  5. Select Close.


Now your service can be accessed from the specified IP addresses only.

Alternative method

You can also use the dedicated service update function to create or update the IP filter for your service via the Aiven CLI.

See also

For more ways of securing your service, check information on Virtual Private Cloud (VPC) in Networking with VPC peering and Configure VPC peering.