Configure IP access lists for the account console

This article describes how to configure IP access lists for the Databricks account console. You can also use the Account IP Access Lists API. To configure IP access lists for a Databricks workspace, see Configure IP access lists for workspaces.

Requirements

  • IP access lists support only Internet Protocol version 4 (IPv4) addresses.

Enable IP access lists

Account admins can enable and disable IP access lists for account console. When IP access lists is enabled, users can only access the account console through IPs on the allow list. When IP access lists is disabled, all existing allow lists or block lists are ignored and all IP addresses can access the account console. By default, new IP access lists for the account console take effect within a few minutes.

  1. As an account admin, go to the account console.

  2. In the sidebar, click Settings.

  3. On the Security tab, click IP Access List.

    IP access lists for account console main settings
  4. Set the Enabled/disabled toggle to Enabled.

Add an IP access list

  1. As an account admin, go to the account console.

  2. In the sidebar, click Settings.

  3. In the Security tab, click IP Access List.

  4. Click Add rule.

    IP access lists add rule
  5. Choose whether to make an ALLOW or BLOCK list.

  6. In the label field, add a human-readable label.

  7. Add one or more IP addresses or CIDR IP ranges, with commas separating them.

  8. Click Add rule.

Delete an IP access list

  1. As an account admin, go to the account console.

  2. In the sidebar, click Settings.

  3. In the Security tab, click IP Access List.

  4. On the row for the rule, click the kebab menu Kebab menu on the right, and select Delete.

  5. Confirm deletion in the confirmation popup that appears.

Disable an IP access list

  1. As an account admin, go to the account console.

  2. In the sidebar, click Settings.

  3. In the Security tab, click IP Access List.

  4. In the Status column, click the Enabled button to toggle between enabled and disabled.

Update an IP access list

  1. As an account admin, go to the account console.

  2. In the sidebar, click Settings.

  3. In the Security tab, click IP Access List.

  4. On the row for the rule, click the kebab menu Kebab menu on the right, and select Update.

  5. Update any fields.

  6. Click Update rule.