Rules to restrict outside IP addresses from using AWS Connect


Is it possible to prevent users from logging in if they are trying to log in from outside the office, e.g. from their home? We are looking to just allow our agents to use AWS Connect from some IP Addresses for security measures.

asked 10 days ago120 views
3 Answers
answered 10 days ago

You can create custom CCP [1] and host it with for example, CloudFront which is restricted using AWS WAF [2].

[1]. Custom CCP:

[2]. CloudFront distribution with AWS WAF:

answered 10 days ago
  • This does not protect the Connect endpoint directly, only your custom CCP. Agents can bypass this.


I've not seen any documentation around having your Connect instance inside a VPC, the only thing I can think of for the CCP itself is to deploy a custom CCP via CloudFront and put IP registrations on that. However, if the agents already know the Connect URL there would be nothing stopping them from going directly.


profile picture
answered 10 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions