Starting today, you can add an extra layer of security in connecting to your database by defining which IP addresses can connect to each database branch. Giving your organization the tools you need to operate your databases securely is a top priority, and IP restrictions, launching today in beta, are one additional way to provide an extra layer of security.
While PlanetScale passwords have limited access by default, with each password valid for a single specific branch, some organizations may prefer or even require more stringent access control. IP restrictions let admins specify the ranges of IP addresses allowed to connect for a given password.
Examples of when you may want to use IP restrictions:
- You want to segment database access so that the production database can only be connected to from production environments or development branches.
- You use a bastion in production and want to ensure that all database connections originate or pass through the bastion.
- You want to allow a single client to be able to access your database (e.g., for debugging) and want to provide the least amount of access for them to do so.
- You have compliance requirements that require implementing a more stringent access control list in your database.
We know that security is of utmost importance in operating databases, and we hope that IP restrictions provide one more tool for you to help manage your production systems. To learn more, please visit our IP restrictions documentation.