From 1c8dccc7490fc606778388c6fcd138fe63e56a67 Mon Sep 17 00:00:00 2001
From: Benedikt Rollik
Date: Wed, 10 Jul 2024 11:33:49 +0200
Subject: [PATCH 1/6] feat(k8s): add acl docs
---
 .../kubernetes/how-to/manage-allowed-ips.mdx | 49 +++++++++++++++++++
 menu/navigation.json | 6 ++-
 2 files changed, 54 insertions(+), 1 deletion(-)
 create mode 100644 containers/kubernetes/how-to/manage-allowed-ips.mdx
diff --git a/containers/kubernetes/how-to/manage-allowed-ips.mdx b/containers/kubernetes/how-to/manage-allowed-ips.mdx
new file mode 100644
index 0000000000..9c9eda32c4
--- /dev/null
+++ b/containers/kubernetes/how-to/manage-allowed-ips.mdx
@@ -0,0 +1,49 @@
+---
+meta:
+ title: Managing allowed IP addresses for Kubernetes products
+ description: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions efficiently with our step-by-step guide.
+content:
+ h1: Managing allowed IP addresses for Kubernetes products
+ paragraph: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions efficiently with our step-by-step guide.
+tags: kubernetes kapsule kosmos
+dates:
+ validation: 2024-07-10
+ posted: 2024-07-10
+categories:
+ - containers
+---
+
+Restricting IPs on Kubernetes Kapsule or Kosmos clusters enhances security by limiting access to only trusted sources, thereby reducing the risk of unauthorized access and potential attacks.
+This control ensures that only specific IP addresses or networks can interact with your clusters, providing an additional layer of protection.
+The default entry `0.0.0.0/0` enables any host to establish a connection.
+
+
+- Scaleway account logged into the [Scaleway console](https://console.scaleway.com)
+- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing actions in the intended Organization
+- [Created](/containers/kubernetes/how-to/create-cluster) a Kubernetes Kapsule or Kosmos cluster
+
+
+ Allowed IP configuration is available for public networks only.
+
+
+## How to add an IP address
+
+1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The Kubernetes Kapsule dashboard appears.
+2. Select the cluster you wish to configure. The **Cluster information** page opens.
+3. Click the **Allowed IPs** tab to view your current list.
+4. Click **Add allowed IP**. Enter the IP address or IP block in CIDR format (e.g. `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block).
+
+ To restore default settings and allow connections from all IPs, add `0.0.0.0/0` to the list.
+
+
+
+ For **Kosmos** multi-cloud clusters, allow connections from all Scaleway IP subnets to ensure proper functionality. Access from these IPs cannot be restricted. Refer to our [peering information](https://www.scaleway.com/en/peering/) for details on all Scaleway IP prefixes.
+
+
+## How to delete an IP Address
+
+1. Locate the IP address in your allowed list.
+2. Click and choose **Delete**.
+3. Confirm by typing **DELETE** in the pop-up.
+4. Click **Delete allowed IP** to confirm deletion.
\ No newline at end of file
diff --git a/menu/navigation.json b/menu/navigation.json
index 7a2adedaa9..0673f58955 100644
--- a/menu/navigation.json
+++ b/menu/navigation.json
@@ -1348,6 +1348,10 @@
 "label": "Manage a Kosmos cluster",
 "slug": "edit-kosmos-cluster"
 },
+ {
+ "label": "Manage allowed IPs",
+ "slug": "manage-allowed-ips"
+ },
 {
 "label": "Connect to a cluster with kubectl",
 "slug": "connect-cluster-kubectl"
@@ -4885,4 +4889,4 @@
 ],
 "label": "Additional Services"
 }
-]
\ No newline at end of file
+]
From d1c03d4e3412e81d3beb462f3455be6f2ec3ef8d Mon Sep 17 00:00:00 2001
From: Benedikt Rollik
Date: Mon, 4 Nov 2024 13:35:54 +0100
Subject: [PATCH 2/6] Apply suggestions from code review
---
 containers/kubernetes/how-to/manage-allowed-ips.mdx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/containers/kubernetes/how-to/manage-allowed-ips.mdx b/containers/kubernetes/how-to/manage-allowed-ips.mdx
index 9c9eda32c4..24fe81c87b 100644
--- a/containers/kubernetes/how-to/manage-allowed-ips.mdx
+++ b/containers/kubernetes/how-to/manage-allowed-ips.mdx
@@ -7,8 +7,8 @@ content:
 paragraph: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions efficiently with our step-by-step guide.
 tags: kubernetes kapsule kosmos
 dates:
- validation: 2024-07-10
- posted: 2024-07-10
+ validation: 2024-11-05
+ posted: 2024-11-05
 categories:
 - containers
 ---
From 06ac9cbfadb4c7e95cc22f594d6b077fd789f89f Mon Sep 17 00:00:00 2001
From: Benedikt Rollik
Date: Mon, 4 Nov 2024 16:53:14 +0100
Subject: [PATCH 3/6] docs(k8s): review docs allowed ips
---
 .../kubernetes/how-to/manage-allowed-ips.mdx | 25 ++++++++++---------
 1 file changed, 13 insertions(+), 12 deletions(-)
diff --git a/containers/kubernetes/how-to/manage-allowed-ips.mdx b/containers/kubernetes/how-to/manage-allowed-ips.mdx
index 24fe81c87b..7448a0d0d8 100644
--- a/containers/kubernetes/how-to/manage-allowed-ips.mdx
+++ b/containers/kubernetes/how-to/manage-allowed-ips.mdx
@@ -1,10 +1,10 @@
 ---
 meta:
 title: Managing allowed IP addresses for Kubernetes products
- description: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions efficiently with our step-by-step guide.
+ description: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions with our step-by-step guide.
 content:
 h1: Managing allowed IP addresses for Kubernetes products
- paragraph: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions efficiently with our step-by-step guide.
+ paragraph: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions with our step-by-step guide.
 tags: kubernetes kapsule kosmos
 dates:
 validation: 2024-11-05
@@ -29,21 +29,22 @@ The default entry `0.0.0.0/0` enables any host to establish a connection.
 ## How to add an IP address
-1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The Kubernetes Kapsule dashboard appears.
+1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes Kapsule dashboard** appears.
 2. Select the cluster you wish to configure. The **Cluster information** page opens.
-3. Click the **Allowed IPs** tab to view your current list.
-4. Click **Add allowed IP**. Enter the IP address or IP block in CIDR format (e.g. `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block).
-
+3. Click the **Network** tab to display your cluster's network information. Your access control list appears in the **Allowed IPs for control plane** section.
+4. Click **Add allowed IP**. Enter the IP address or IP block in [CIDR notation](/network/ipam/concepts/#cidr-notation) (e.g., `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block).
+
 To restore default settings and allow connections from all IPs, add `0.0.0.0/0` to the list.
-
+
 For **Kosmos** multi-cloud clusters, allow connections from all Scaleway IP subnets to ensure proper functionality. Access from these IPs cannot be restricted. Refer to our [peering information](https://www.scaleway.com/en/peering/) for details on all Scaleway IP prefixes.
-## How to delete an IP Address
+## How to delete an IP address
-1. Locate the IP address in your allowed list.
-2. Click and choose **Delete**.
-3. Confirm by typing **DELETE** in the pop-up.
-4. Click **Delete allowed IP** to confirm deletion.
\ No newline at end of file
+1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes Kapsule dashboard** appears.
+2. Select the cluster you wish to configure. The **Cluster information** page opens.
+3. Click the **Network** tab to display your cluster's network information. Your access control list appears in the **Allowed IPs for control plane** section.
+4. Locate the IP address in your allowed list.
+5. Click next to the IP you want to delete. Confirm by typing **DELETE** in the pop-up, then click **Delete allowed IP** to confirm deletion.
\ No newline at end of file
From 9f7571e0ac8244b2ae68f738b57afb0f5b638a2f Mon Sep 17 00:00:00 2001
From: Benedikt Rollik
Date: Mon, 4 Nov 2024 16:55:15 +0100
Subject: [PATCH 4/6] docs(k8s): acl docs
---
 containers/kubernetes/how-to/manage-allowed-ips.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/containers/kubernetes/how-to/manage-allowed-ips.mdx b/containers/kubernetes/how-to/manage-allowed-ips.mdx
index 7448a0d0d8..07abe05d18 100644
--- a/containers/kubernetes/how-to/manage-allowed-ips.mdx
+++ b/containers/kubernetes/how-to/manage-allowed-ips.mdx
@@ -32,7 +32,7 @@ The default entry `0.0.0.0/0` enables any host to establish a connection.
 1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes Kapsule dashboard** appears.
 2. Select the cluster you wish to configure. The **Cluster information** page opens.
 3. Click the **Network** tab to display your cluster's network information. Your access control list appears in the **Allowed IPs for control plane** section.
-4. Click **Add allowed IP**. Enter the IP address or IP block in [CIDR notation](/network/ipam/concepts/#cidr-notation) (e.g., `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block).
+4. Click **Add allowed IP**. Enter the IP address or IP block in [CIDR notation](/network/ipam/concepts/#cidr-notation) (e.g., `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block) and click **Add IPs**.
 To restore default settings and allow connections from all IPs, add `0.0.0.0/0` to the list.
From fc7357586885eeaa2a490d9dea183b1f8d97a773 Mon Sep 17 00:00:00 2001
From: Jessica <113192637+jcirinosclwy@users.noreply.github.com>
Date: Thu, 19 Dec 2024 11:48:09 +0100
Subject: [PATCH 5/6] Apply suggestions from code review
---
 containers/kubernetes/how-to/manage-allowed-ips.mdx | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/containers/kubernetes/how-to/manage-allowed-ips.mdx b/containers/kubernetes/how-to/manage-allowed-ips.mdx
index 07abe05d18..e49a669802 100644
--- a/containers/kubernetes/how-to/manage-allowed-ips.mdx
+++ b/containers/kubernetes/how-to/manage-allowed-ips.mdx
@@ -13,13 +13,13 @@ categories:
 - containers
 ---
-Restricting IPs on Kubernetes Kapsule or Kosmos clusters enhances security by limiting access to only trusted sources, thereby reducing the risk of unauthorized access and potential attacks.
-This control ensures that only specific IP addresses or networks can interact with your clusters, providing an additional layer of protection.
+Restricting IPs on Kubernetes Kapsule or Kosmos clusters enhances security by limiting access to only trusted sources. Since only IP addresses and networks specified by you can interact with your clusters, you reduce the risk of unauthorized access and potential attacks.
+
 The default entry `0.0.0.0/0` enables any host to establish a connection.
-- Scaleway account logged into the [Scaleway console](https://console.scaleway.com)
+- A Scaleway account logged into the [Scaleway console](https://console.scaleway.com)
 - [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing actions in the intended Organization
 - [Created](/containers/kubernetes/how-to/create-cluster) a Kubernetes Kapsule or Kosmos cluster
@@ -29,10 +29,10 @@ The default entry `0.0.0.0/0` enables any host to establish a connection.
 ## How to add an IP address
-1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes Kapsule dashboard** appears.
+1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes dashboard** appears.
 2. Select the cluster you wish to configure. The **Cluster information** page opens.
 3. Click the **Network** tab to display your cluster's network information. Your access control list appears in the **Allowed IPs for control plane** section.
-4. Click **Add allowed IP**. Enter the IP address or IP block in [CIDR notation](/network/ipam/concepts/#cidr-notation) (e.g., `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block) and click **Add IPs**.
+4. Click **Add allowed IP**. Enter the IP address or IP block in [CIDR notation](/network/ipam/concepts/#cidr-notation) (e.g., `198.51.100.135/32` for a single IP, `198.51.100.0/24` for an IP block), then click **Add IP(s)**.
 To restore default settings and allow connections from all IPs, add `0.0.0.0/0` to the list.
@@ -43,7 +43,7 @@ The default entry `0.0.0.0/0` enables any host to establish a connection.
 ## How to delete an IP address
-1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes Kapsule dashboard** appears.
+1. Click **Kubernetes** in the **Containers** section of the [Scaleway console](https://console.scaleway.com). The **Kubernetes dashboard** appears.
 2. Select the cluster you wish to configure. The **Cluster information** page opens.
 3. Click the **Network** tab to display your cluster's network information. Your access control list appears in the **Allowed IPs for control plane** section.
 4. Locate the IP address in your allowed list.
From 3cd3639cc10339a8624fae89a4446d108f75cc52 Mon Sep 17 00:00:00 2001
From: Jessica <113192637+jcirinosclwy@users.noreply.github.com>
Date: Tue, 24 Dec 2024 12:32:44 +0100
Subject: [PATCH 6/6] Apply suggestions from code review
---
 containers/kubernetes/how-to/manage-allowed-ips.mdx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/containers/kubernetes/how-to/manage-allowed-ips.mdx b/containers/kubernetes/how-to/manage-allowed-ips.mdx
index e49a669802..e9b10a1f84 100644
--- a/containers/kubernetes/how-to/manage-allowed-ips.mdx
+++ b/containers/kubernetes/how-to/manage-allowed-ips.mdx
@@ -7,8 +7,8 @@ content:
 paragraph: Learn how to manage allowed IP addresses for your Kubernetes Kapsule and Kosmos clusters. Configure access restrictions with our step-by-step guide.
 tags: kubernetes kapsule kosmos
 dates:
- validation: 2024-11-05
- posted: 2024-11-05
+ validation: 2024-12-24
+ posted: 2024-12-24
 categories:
 - containers
 ---