Create & Delete Static IP Rules

Admin Only

Static IP rules are only available to organization administrators. The number of rules you can create depends on your plan (Free: 1, Paid: unlimited, usage-based).

Creating a Rule

Navigate to Static IPs under the Admin section in the sidebar.

Click Add Rule.
Fill in the form:
- Label — A descriptive name (e.g., "NYC Office")
- IP Address — An IPv4/IPv6 address or CIDR range (e.g., 203.0.113.10, 10.0.0.0/8, or 0.0.0.0/0)
- Resources — Check the resources to apply the rule to. Each resource is listed with its provider badge.
Click Create.

The rule appears in the rules table. EntryGuard immediately applies the IP to all selected resources.

info

If no resources are available, you'll see "No resources available" in the form. Add resources on the Resources page first.

Rules Table

Column	Description
(Expand)	Click to expand and see per-resource details
Label	Rule display name
IP Address	The whitelisted IP
Status	Rule status badge
Resources	Number of resources the rule applies to
Created	When the rule was created
(Delete)	Delete the rule

Status Indicators

ACTIVE (green) — IP applied to all resources
PARTIAL (yellow) — Applied to some resources, failed on others
PENDING (blue) — Application in progress
FAILED (red) — Failed to apply

Viewing Rule Details

Click a rule row to expand it and see per-resource details:

The creator's email address
Each resource's name, applied timestamp, status, and any error messages

Deleting a Rule

Click the delete button (trash icon) on the rule row.

When deleted:

The IP is immediately revoked from all associated resources
Security group entries are removed
The rule is permanently deleted

warning

This action cannot be undone. To re-add the IP, you must create a new rule.

IP Address Validation

IPv4 addresses are accepted (e.g., 203.0.113.10)
IPv6 addresses are accepted (e.g., 2001:db8::1)
CIDR ranges are supported (e.g., 10.0.0.0/8, 192.168.0.0/16, 0.0.0.0/0)
IPv6 CIDR ranges are supported (e.g., 2001:db8::/32)
Hostnames are not supported

CIDR Range Examples

CIDR	Description
`203.0.113.10`	Single host
`203.0.113.0/24`	256 addresses (203.0.113.0 – 203.0.113.255)
`10.0.0.0/8`	All 10.x.x.x addresses
`0.0.0.0/0`	All IPv4 addresses (open access)
`::/0`	All IPv6 addresses (open access)

warning

Using wide CIDR ranges like 0.0.0.0/0 opens the resource to all traffic. Use this only when intentional, such as for a development environment or a resource behind an additional authentication layer.

Best Practices

Descriptive labels — Use clear names that identify the source (e.g., "NYC Office - 5th Floor")
Regular audits — Periodically review rules and delete unused ones
Minimize scope — Only apply rules to resources that truly need permanent access
Use specific CIDRs — Prefer specific ranges over 0.0.0.0/0 when possible

Next Steps

Static IP Rules overview →

API Reference: For programmatic access, see Create Static IP Rule.

Creating a Rule​

Rules Table​

Status Indicators​

Viewing Rule Details​

Deleting a Rule​

IP Address Validation​

CIDR Range Examples​

Best Practices​

Next Steps​