Restrict access to the database via IP address or Tailscale tailnet?

Hi, if my Neon Postgres connection string somehow leaks, are there any additional protections provided by the platform to help limit the damage? I’ve seen “restrict by IP address” (e.g. Postgres) and "add to Tailscale tailnet (e.g. Crunchy Bridge) on other platforms. Thanks!


If a connection somehow leaks, you can reset the password for the connection string.

We currently don’t support restricting access to specific IP addresses. It’s on our roadmap, but not for the immediate future in Q2. Is this a blocker for you?

Okay, thanks. Yes, it’s a blocker for my use case. I’m looking to move a Heroku (Common Runtime) Postgres somewhere else for increased security.

I’ll share your feedback with our Product team. Thank you for reaching out :smile:

I agree that this is a basic security feature that should be implemented as soon as possible. Please prioritize the implementation of this feature to ensure the security of your customers’ data.

1 Like

Also makes it hard for me to justify using Neon for production on my B2B SaaS, along with the general lack of information on GDPR compliance etc. Pretty much limits us to convenience for dev environments.

I would also like support for Tailscale, and the ability to restrict specific IP access per role.

Also a requirement for our use case, unfortunately. I’m glad to hear that Neon is planning on implementing this feature at least. Is there an ETA for this?

+1 for Tailscale, you guys are great!

This is a blocker for us as well, it’s a shame that this feature isn’t ready yet.