IP Whitelisting

Owned by Tristan Mohn (Deactivated)
Last updated: Feb 09, 2023 by Victoria Buhler (Deactivated)
2 min read


Page Contents


Overview

As we scale our infrastructure to meet demand, the IP addresses assigned to your instance may change from time to time. Since this impacts integrations between ZenGRC and other applications, this document provides optimum firewall configurations and a list of ZenGRC's public IP addresses.

IMPORTANT

If your organization is using the self-hosted, on-premise version of Jira or ServiceNow and has integrated it with ZenGRC, please review this information. Those using Jira Cloud do not need to whitelist.


We recommend you configure your firewalls to use the hostname (e.g., https://yourinstance.zengrc.com) rather than rely on the dynamically assigned IP address for your ZenGRC subdomain.

  • If your firewall policy filters inbound traffic only, please see the list of IP addresses to whitelist.
  • If your firewall policy filters both inbound and outbound traffic:
    • We recommend whitelisting with both the Fully Qualified Domain Name (FQDN) of your ZenGRC server (e.g., https://yourinstance.zengrc.com) as well as the IP addresses below.
    • If your firewall doesn’t support FQDN-based whitelisting, we recommend you disable outbound filtering or upgrade to a firewall that supports this feature.

IP Addresses

NOTE

To receive updates on this page, you can use ifttt.com or zapier.com and subscribe to the linked RSS feed.


The following is the list of ZenGRC set of public IP addresses. This list may update from time to time.

35.171.131.182

52.4.145.43

34.192.191.164

Jira Server

If your Jira Server instance is behind a firewall, and IP whitelisting isn't enough, the following additional strategies are possible:

  • (Recommended) Configure the firewall to allow requests that have the Authorization HTTP header with the specific value of the Basic Authentication-encoded service account you configured.

  • Configure your firewall to allow only some HTTP requests to Jira based on path prefixes.  The list of consumed Jira paths from ZenGRC are as follows:

    /rest/api/1.0/users/picker
/rest/api/2/field
/rest/api/2/issue
/rest/api/2/issue/createmeta
/rest/api/2/issue/{ID}
/rest/api/2/issue/{ID}/comment
/rest/api/2/issue/{ID}/editmeta
/rest/api/2/issue/{ID}/transitions
/rest/api/2/issue/{ID}/watchers
/rest/api/2/issue/{ISSUE_KEY}
/rest/api/2/issue/{ISSUE_KEY}/editmeta
/rest/api/2/issueLink
/rest/api/2/issueLinkType
/rest/api/2/issuetype
/rest/api/2/project
/rest/api/2/project/{ID}
/rest/api/2/project/{ID}/statuses
/rest/api/2/project/{PROJECT_KEY}
/rest/api/2/search
/rest/api/2/serverInfo
/rest/api/2/user/assignable/search
/rest/api/latest/user/assignable/search
/v1/batch

Other Helpful Content

•  Access and User Assistance 
•  System of Record List Views  
•  Actions on the Details Page 
•  Creating New Objects 
•  Favorites 
•  Quick Tips for End Users (Printable) 
•  Searching the Left-Hand Navigation

© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com