IP-Based access restrictions

I would like to be able to restrict access to the entire secrets vault based on country/IP, and also to restrict a service account to a particular set of IPs, so that, for example, production secrets can only be accessed from certain locations.

This would work best if you self-host the password manager, which they offer, and it sits behind your personal firewall so you could restrict it. When it comes to the online version, what happens if you need access from an outside IP and then you’re locked out? When it’s on your home network, you have the ability on your LAN, or you could VPN into your LAN.

It was tagged for secrets manager. Even so, self-hosting isn’t always the solution.

I would also really value having IP restrictions on the Secret Manager (not the password manager!) or at least being notified when a machine account has been used from a new IP.

Being able to limit access for machine accounts reduces the attack surface dramatically. If an access key leaks by developer error, the risk is still limited to systems active on the same IP. It is therefore practically impossible for external actors to exploit.

I would specifically use Bitwarden not to self-host a solution. So self-hosting is no option for me. I would like reduced risks as a service :slight_smile:
