Static IP Rules Overview
Admin Only
Static IP rules are only available to organization administrators. The number of rules you can create depends on your plan (Free: 1, Starter: 5, Team: 15, Business: unlimited).
Static IP rules provide permanent IP whitelist entries that don't expire, unlike session-based rules.
What Are Static IP Rules?
Static IP rules let you permanently whitelist specific IP addresses on cloud resources without requiring active sessions. They're ideal for:
- Office Networks — Whitelist your office's public IP address
- VPN Gateways — Grant access to users connecting through a company VPN
- CI/CD Runners — Permanently allow your build servers
- Partner Access — Grant third-party vendors persistent access
Static Rules vs Sessions
| Feature | Static IP Rules | Sessions |
|---|---|---|
| Duration | Permanent (until deleted) | Temporary (expires after duration) |
| Who can create | Admins only | All users (based on roles) |
| Use case | Fixed infrastructure | Dynamic user access |
| Automatic cleanup | No | Yes |
| IP changes | Must update manually | Auto-detected per session |
How They Work
- An admin navigates to Static IPs and clicks Add Rule
- Enters a label, IP address, and selects resources
- EntryGuard applies the IP to all selected resources
- The IP remains whitelisted indefinitely
- An admin can delete the rule to revoke access from all resources
Next Steps
API Reference: For programmatic access, see Static IP Rules API.