ip
Less than 1 minute
Syntax
(*ip)${...}(*ip)<ip-string>
Examples
(*ip)${USER.ip}- convert current user's IP address into long value for further comparison.(*ip)10.0.0.0/16- convert IP CIDR annotation into range of IPs for further comparison.
Definition
Treat provided value as an IP address. Under the hood, the PHP core ip2long function is used to convert the text representation of the IP address for further evaluation.
It is important to typecast certain IP addresses so they can be property evaluated in conditions like In or Between.
It is absolutely critical to typecast IP CIDR notations, so AAM can properly handle range of IP address that fall under it. For instance, the following condition applies to a user coming from the IP range 10.123.10.0 – 10.123.10.255:
{
"Statement": [
{
"Effect": "allow",
"Resource": "Taxonomy:product_category:terms",
"Action": "Browse",
"Condition": {
"Between": {
"(*ip)${USER.ip}": [
"(*ip)10.123.10.0",
"(*ip)10.123.10.255"
]
}
}
}
]
}
In the following statement we restrict access to any admin page if the user is not coming from the internal IP range:
{
"Statement": {
"Effect": "deny",
"Resource": "URI:/wp-admin*",
"Condition": {
"NotIn": {
"${USER.ip}": "(*ip)10.1.23.0/24"
}
}
}
}