Use TimescaleSecurity

IP allow list

You can restrict access to your Timescale Cloud services to trusted IP addresses only. This prevents unauthorized connections without the need for a Virtual Private Cloud. Creating IP allow lists helps comply with security standards such as SOC 2 or HIPAA that require IP filtering. This is especially useful in regulated industries like finance, healthcare, and government.

For a more fine-grained control, you create separate IP allow lists for the ops mode and the data mode.

Create and attach an IP allow list in the ops mode

You create an IP allow list at the project level, then attach your service to it.

Important

You attach a service to either one VPC, or one IP allow list. You cannot attach a service to a VPC and an IP allow list at the same time.

  1. In Timescale Console, select Security > IP Allow List, then click Create IP Allow List

    Create IP allow list

  2. Enter your trusted IP addresses

    The number of IP addresses that you can include in one list depends on your pricing plan.

    Add IP addresses to allow list

  3. Name your allow list and click Create IP Allow List

    Click + Create IP Allow List to create another list. The number of IP allow lists you can create depends on your pricing plan.

  4. Select a Timescale Cloud service, then click Operations > Security > IP Allow List

    Attach IP allow list

  5. Select the list in the drop-down and click Apply

  6. Type Apply in the confirmation popup

You have created and attached an IP allow list for the operations available in the ops mode. You can unattach or change the list attached to a service from the same tab.

Create an IP allow list in the data mode

You create an IP allow list in the data mode settings.

  1. In Timescale Console, toggle Data

  2. Click the project name in the upper left corner, then select Settings

  3. Scroll down and toggle IP Allowlist

  4. Add IP addresses

    1. Click Add entry.
    2. Enter an IP address or a range of IP addresses.
    3. Click Add.
    4. When all the IP addresses have been added, click Apply.
    5. Click Confirm.

You have successfully added an IP allow list for querying your service in the data mode.

Keywords

ip allow listsecurity

Found an issue on this page?Report an issue or Edit this page in GitHub.

PreviousAWS Transit GatewayNextTimescale limitations

Related Content

Security
A high level of security is a major requirement to any database. Learn how Timescale Cloud protects your services with MFA, SAML, SSL modes, read-only access, VPC peering, and IP allow lists
Virtual Private Cloud
Virtual Private Cloud peering ensures that your Timescale Cloud services are only accessible through your secured AWS infrastructure. Set up VPC peering in Timescale Console
SAML (Security Assertion Markup Language)
SAML is a standard for exchanging authentication and authorization data. Timescale Cloud offers SAML authentication as part of its security suite.
About security in Timescale Cloud
Learn how Timescale Cloud protects your data with secure development practices, as well as configurable features that restrict access to your services
Connect with a stricter SSL mode
While require is the default SSL mode used to connect to Timescale Cloud services, you can also configure the connection with a stricter mode, such as verify-ca or verify-full. Learn how to set it up
Read-only role
Timescale Cloud includes different levels of access to your services for enhanced security. Learn how to grant read-only access to your data in Timescale Console