A key security mechanism in Couchdrop is ACLs. ACLs limit access to particular IP addresses or netwrok ranges.

There are three levels of ACL controls in Couchdrop:

• User based

• Group based

• Tenant based

ACLs are additive, in that if the user authenticating originates from an IP address in a range at all three levels, then we will allow the request.

Configuring an IP address or network range is simple: