Added IP restriction docs to groups

1 files changed, 19 insertions, 0 deletions

diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index 97d309caf7c..95e10be9974 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -323,6 +323,25 @@ This will disable the option for all users who previously had permissions to
 operate project memberships, so no new users can be added. Furthermore, any
 request to add a new user to a project through API will not be possible.
 
+#### IP access restriction **[ULTIMATE]**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/1985) in
+[GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0.
+
+To make sure only people from within your organization can access particular
+resources, you have the option to restrict access to groups and their
+underlying projects, issues, etc, by IP address. This can help ensure that
+particular content doesn't leave the premises, while not blocking off access to
+the entire instance.
+
+Add whitelisted IP subnet using CIDR notation to the group settings and anyone
+coming from a different IP address won't be able to access the restricted
+content.
+
+Restriction currently applies to UI, API access is not restricted.
+To avoid accidental lock-out, admins and group owners are are able to access
+the group regardless of the IP restriction.
+
 #### Group file templates **[PREMIUM]**
 
 Group file templates allow you to share a set of templates for common file