Public Accessibility Allow List

Some of your Instance or Container resources may be deliberately accessible from the public internet, and you may not want those resources flagged as non-compliant. To stop them from triggering the public accessibility Insights and raising your risk score, update the Public Accessibility Allow List. Domain Admins can add allow list entries for Classless Inter-Domain Routing (CIDR) blocks of IP addresses (IPv4 or IPv6), domain names, or Kubernetes services, either manually or by uploading a CSV file.

Note: Public Accessibility Allow List support

The Public Accessibility Allow List can only override public accessibility status for the Instance or Container (AWS EKS only) resource type. InsightCloudSec calculates public accessibility using the Compute Instance Open To The Public and Container Open to the Public Insights for Instances and Containers respectively. To determine if another resource type is publicly accessible, view Assess public accessibility.

Adding or managing single CIDR blocks or domains

To add a value:

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility.
  3. Choose which value type to add:
    1. For adding a CIDR block, click the IP tab.
    2. For adding a domain, click the Domain tab.
  4. Click Add > Add Value.
  5. Provide a value and an optional description. For domains, you also need to provide an operator.
  6. Click Save.

To edit a value:

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility.
  3. Choose which value type to edit:
    1. For a CIDR block, click the IP tab.
    2. For a domain, click the Domain tab.
  4. Click the Action menu (…) > Edit Value next to the value you want to edit.
  5. Adjust the values or description as necessary.
  6. Click Save.

To delete a value:

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility.
  3. Choose which value type to delete:
    1. For a CIDR block, click the IP tab.
    2. For a domain, click the Domain tab.
  4. Click the Action menu (…) > Delete Value next to the value you want to delete.
  5. Click Delete to confirm the deletion.

Adding or managing multiple CIDR blocks or domains

You can add multiple allow list values at the same time using a CSV file, but the file needs to follow a specific format. If you are adding CIDR blocks, each line needs the format <CIDR block>,<notes>. For example: 10.10.1.0/24,my first subnet. If you are adding domains, each line needs the format <domain>,<operation>,<notes>. For example: my-domain,startswith,all of my-domain. The following is an example domain CSV (note the header row, and that a notes value containing spaces or commas is enclosed in double quotes):

domain,op,notes
gcp-compute-instance,startswith,gcp-compute-instance.dns-zone.rapid7.com
eastus2.cloudapp.azure.com,equals,eastus2.cloudapp.azure.com
id-id2.elb.us-east-2.amazonaws.com,equals,"Instance id.us-east-2.compute.internal NIC ec2-id.us-east-2.compute.amazonaws.com LB id1-id2.elb.us-east-2.amazonaws.com"
test.com,endswith,test desc

To add multiple values (.csv file upload):

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility.
  3. Choose which value type to add:
    1. For adding multiple CIDR blocks, click the IP tab.
    2. For adding multiple domains, click the Domain tab.
  4. Click Add > Import CSV.
  5. Click Choose File. A local file browser opens.
  6. Select a local .csv file and then click Open.
  7. Click Import.

To delete multiple values:

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility.
  3. Choose which value type to delete:
    1. For a CIDR block, click the IP tab.
    2. For a domain, click the Domain tab.
  4. Select the checkbox next to the values you want to delete.
  5. Click Delete to confirm the deletion.

Adding or managing Kubernetes services

To add a Kubernetes service:

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility > Kubernetes Service.
  3. Click Add > Add Value.
  4. Select a Kubernetes Cluster and Service.
  5. Optionally, enter a description.
  6. Click Save.

To add multiple Kubernetes services with a CSV file:

You can upload a .csv file to add multiple services. The file must have the following format: <cluster-name>,<service-name>,<notes>.

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility > Kubernetes Service.
  3. Click Add > Import CSV.
  4. Click Choose File. A local file browser opens.
  5. Select a local .csv file and then click Open.
  6. Click Import.
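A CSV that is malformed, or that contains an over-broad entry such as 0.0.0.0/0, is cheaper to catch before it is imported than after it has silenced findings. The following Python is an added example, not InsightCloudSec code or API: it validates a CSV for the IP, Domain or Kubernetes Service tab using the column layouts given on this page. The header names for the IP and Kubernetes layouts, the assumption that startswith, equals and endswith are the only domain operators, and the sample rows are constructed for the example.

```python
import csv
import ipaddress

# Operators taken from the page's domain CSV example; assumed to be the full set.
DOMAIN_OPS = {"startswith", "equals", "endswith"}
# Column layout per tab as the page documents it; the header names are assumed.
LAYOUTS = {"ip": ["cidr", "notes"], "domain": ["domain", "op", "notes"],
           "k8s": ["cluster-name", "service-name", "notes"]}

def row_problem(kind, key):
    """Return why the non-notes columns of a row are invalid, or None."""
    if kind == "ip":
        try:
            net = ipaddress.ip_network(key[0], strict=True)  # IPv4 or IPv6
        except ValueError as e:
            return f"bad CIDR {key[0]!r} ({e})"
        if net.prefixlen == 0:  # 0.0.0.0/0 or ::/0 would silence every finding
            return f"{net} allow-lists the whole internet"
    elif kind == "domain":
        if key[1] not in DOMAIN_OPS:
            return f"operator {key[1]!r} not in {sorted(DOMAIN_OPS)}"
        if not key[0] or " " in key[0]:
            return f"domain {key[0]!r} is empty or contains whitespace"
    elif not all(key):  # k8s: cluster and service are both required
        return "cluster-name and service-name are both required"

def validate_allow_list_csv(text, kind):
    """Parse CSV text for one tab; returns (entries, errors). Quoted notes are handled."""
    cols = LAYOUTS[kind]
    entries, errors = [], []
    for n, row in enumerate(csv.reader(text.splitlines(True)), start=1):
        if not row or (n == 1 and row[0].strip().lower() == cols[0]):
            continue  # blank line or a header row such as "domain,op,notes"
        if len(row) != len(cols):
            errors.append(f"row {n}: expected {len(cols)} columns, got {len(row)}")
            continue
        key = tuple(c.strip() for c in row[:-1])  # everything except notes
        if problem := row_problem(kind, key):
            errors.append(f"row {n}: {problem}")
        else:
            entries.append(dict(zip(cols, (*key, row[-1]))))
    return entries, errors

# Constructed samples; the first two domain data rows mirror the page's example.
SAMPLE_DOMAIN_CSV = """domain,op,notes
gcp-compute-instance,startswith,gcp-compute-instance.dns-zone.rapid7.com
test.com,endswith,"test desc, with a comma"
bad host,contains,wrong operator and a space
"""
SAMPLE_IP_CSV = "10.10.1.0/24,my first subnet\n10.10.1.5/24,host bits set\n0.0.0.0/0,everything\n"
```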

To edit or delete an allowed Kubernetes service:

  1. Log in to InsightCloudSec as a Domain Admin.
  2. Navigate to Settings > System Administration > Public Accessibility > Kubernetes Service.
  3. Select the checkbox next to the services you want to manage.
  4. Click the Action menu (…) and then choose the action you want (edit or delete).