If you just want to add or remove an IP, see the bottom for the simplest commands. For the detail of how it all works in squad config, read on.
The IP whitelist is set in the squad config at config.apigateway.ip_whitelist.
An IP whitelist object looks like this, so you just need to set the inner permissions object:
"192-168-0-1": {
"ANY": [
"*"
]
},
If this isn't a developer's IP address, you can give specific permissions which will be added to the Auth Policy when API Gateway receives a request from this IP.
Permissions here are in the format {"VERB": ["<endpoints>"]}
E.g.
{
"POST":["/msm/rate"],
"GET":["/users"]
}
Once you're happy with your edited whitelist, you can set it like so:
wrench trantor set_config \
-a '<account>' \
-s '<squad>' \
--json \
--jsonpath '/config/apigateway/ip_whitelist/<your_ip>' \
--value '<your ip permissions>'
The IP address should use hyphens (-) not full stops (.).
Make sure your whitelist is a dictionary and is in strings all on one line. You may need to minify your JSON to do this :)
Full example:
wrench trantor set_config \
-a 'BBM Dev' \
-s 's-aggregator-dev' \
--json \
--jsonpath '/config/apigateway/192-168-0-1' \
--value '{"ANY":["*"]}'
As a shortcut to save on JSON formatting you can use the IP whitelist trantor command directly:
trantor apigateway ip_whitelist add \
-a 'BBM Dev' \
-s 's-aggregator-dev' \
--method ANY \
--endpoint * \
--ip '192.168.0.1'
This is also available with legacy wrench at wrench trantor add_whitelisted_ip.
To remove, it's:
trantor apigateway ip_whitelist remove \
-a 'BBM Dev' \
-s 's-aggregator-dev' \
--ip '192.168.0.1'
As you can see, remove removes the entire access of an IP, whereas add adds a specific permission.