IP Whitelisting
- Tristan Mohn (Deactivated)
- Victoria Buhler (Deactivated)
- Don Brown (Deactivated)
- Alan Cohen (Deactivated)
Page Contents
Overview
As we scale our infrastructure to meet demand, the IP addresses assigned to your instance may change from time to time. Since this impacts integrations between ZenGRC and other applications, this document provides optimum firewall configurations and a list of ZenGRC's public IP addresses.
IMPORTANT
If your organization is using the self-hosted, on-premise version of Jira or ServiceNow and has integrated it with ZenGRC, please review this information. Those using Jira Cloud do not need to whitelist.
We recommend you configure your firewalls to use the hostname (e.g., https://yourinstance.zengrc.com) rather than rely on the dynamically assigned IP address for your ZenGRC subdomain.
- If your firewall policy filters inbound traffic only, please see the list of IP addresses to whitelist.
- If your firewall policy filters both inbound and outbound traffic:
- We recommend whitelisting with both the Fully Qualified Domain Name (FQDN) of your ZenGRC server (e.g., https://yourinstance.zengrc.com) as well as the IP addresses below.
- If your firewall doesn’t support FQDN-based whitelisting, we recommend you disable outbound filtering or upgrade to a firewall that supports this feature.
IP Addresses
NOTE
To receive updates on this page, you can use ifttt.com or zapier.com and subscribe to the linked RSS feed.
The following is the list of ZenGRC set of public IP addresses. This list may update from time to time.
35.171.131.182
52.4.145.43
34.192.191.164
Jira Server
If your Jira Server instance is behind a firewall, and IP whitelisting isn't enough, the following additional strategies are possible:
- (Recommended) Configure the firewall to allow requests that have the Authorization HTTP header with the specific value of the Basic Authentication-encoded service account you configured.
Configure your firewall to allow only some HTTP requests to Jira based on path prefixes. The list of consumed Jira paths from ZenGRC are as follows:
/rest/api/1.0/users/picker /rest/api/2/field /rest/api/2/issue /rest/api/2/issue/createmeta /rest/api/2/issue/{ID} /rest/api/2/issue/{ID}/comment /rest/api/2/issue/{ID}/editmeta /rest/api/2/issue/{ID}/transitions /rest/api/2/issue/{ID}/watchers /rest/api/2/issue/{ISSUE_KEY} /rest/api/2/issue/{ISSUE_KEY}/editmeta /rest/api/2/issueLink /rest/api/2/issueLinkType /rest/api/2/issuetype /rest/api/2/project /rest/api/2/project/{ID} /rest/api/2/project/{ID}/statuses /rest/api/2/project/{PROJECT_KEY} /rest/api/2/search /rest/api/2/serverInfo /rest/api/2/user/assignable/search /rest/api/latest/user/assignable/search /v1/batch
© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com