Creating allow and deny lists for an app is easy with CloudEnv.
Just open the app’s page from the CloudEnv Dashboard and scroll down to see a section like this.
You can press the purple plus button to add a new Allow or Deny subnet
When you are adding a new IP address or subnet, you can check one of two boxes:
1) Notify Organization Admins When Env Vars Are Accessed from This IP Address 2) Require Email Authorization from Organization Admins Before Allowing This IP Address
The first box will send an email to all of an organizations admin accounts whenever the secrets are accessed from this block. This allows you to keep a close eye on certain IP addresses.
This email will look like this:
You can also setup notification for the Deny list and get an email any time any access is denied.
The second box will block the attempt until an admin actually manually approves access.