Host IP Services can restrict access to only specific application protocols authorized to be used with the service running on the Host. They can also be used in Access Groups to control who can access that Host's service using the Host Connector's tunnel IP address.
Consider this example of Host IP Services use:
You want to make a private web server accessible to all users, but allow only the IT department to manage it using SSH. You represent the web server by configuring a Host. You then add an IP Service named webapp, allowing only HTTPS. You then add another IP Service named manage, allowing only SSH. After installing the Connector on the web server, the web server connects to your WPC, and the tunnel IP address of the Connector is 100.96.1.18
. Note that the tunnel IP address will not change even if the Connector disconnects or connects to another Region.
Now, you configure an Access Group that allows access to manage and webapp to the User Group with all the IT department members as its Users and another one to provide access to webapp for all other User Groups.
With the above configuration, all users can use only HTTPS and access https://100.96.1.18
, while the IT department can use ssh user@100.96.1.18
.