Skip to end of banner
Go to start of banner

Adding the SnapLogic Platform to your Allowlist

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 71 Next »

In this article

Overview

If your network restricts outbound communication, you need to add the SnapLogic IP addresses described on this page to your network allowlist. To restrict inbound requests to the SnapLogic Platform, refer to Task allowlists and the Groundplex allowlist and the information on how to configure them in Admin Manager.

SnapLogic Platform uses a High Availability (HA) configuration with support for Disaster Recovery (DR) failover. This requires you to add multiple IP addresses to your Allowlist.

Additionally, consider the following guidelines:

  • Ensure that there is a reliable connection to the S3 services as JCC:

    • Downloads the WAR files directly from S3 but falls back to SLDB in case of failure, which may introduce some latency.

    • Uploads large log files directly to S3, provided JCC can access S3.

  • Ensure your AWS (Amazon Web Services) S3 instance can access Snaplexes after every JCC start-up. In case of any accessibility issues, all necessary communication occurs through the Control Plane services.

  • We strongly recommend enabling S3 access on Snaplex nodes.

  • For Cloudplex IP addresses outside the US region, you can use either the Snaplex Monitoring API request for REST clients or the Health tab in the SnapLogic Dashboard (as shown in the following image) to retrieve the External IP address.

The Dashboard is being replaced with Monitor. We encourage you to start using Monitor for monitoring and reporting requirements. Contact support@snaplogic.com if you need assistance.

To allow access to S3, update your allowlist to include all the IP addresses for your region. For example, for us-east-1, select all the CIDR blocks as per the official AWS documentation. Learn more about AWS IP address ranges and steps to filter the JSON files at AWS IP address ranges.

Requests to SnapLogic Control Plane

The following table lists the SnapLogic Control Plane IP addresses required on your Allowlists for public API calls and Tasks invoked to the Control Plane. The same addresses are required for allowing Groundplexes, which are on restricted networks, to be able to talk to the SnapLogic control plane.

You must add the following IP addresses to the Allowlist only if your network restricts outbound traffic.

SnapLogic Environment

Domain

IP Addresses to be allowed by your network

Production - Global

  • elastic.snaplogic.com

  • tcp.elastic.snaplogic.com

  • *.snaplogic.io

  • snaplogic-prod-sldb.s3.us-east-1.amazonaws.com

  • 34.208.89.109

  • 52.11.8.103/32 

  • 34.208.181.167/32

  • 52.10.35.99/32 

  • 52.36.97.11/32 

  • 52.25.90.203/32

  • 34.210.197.128/32

  • 52.12.92.65/32

  • 3.220.248.243/32

  • 3.220.248.158/32

  • 54.92.192.251/32

  • 54.157.253.74/32

  • 18.235.232.49/32

  • 50.16.206.60/32

Production - EMEA

  • emea.snaplogic.com

  • tcp.emea.snaplogic.com

  • *.emea.snaplogic.io

  • snaplogic-prodeu-sldb.s3.eu-west-1.amazonaws.com

  • 108.128.171.163/32

  • 99.80.45.186/32

  • 3.251.44.59/32

  • 99.81.220.200/32

UAT

  • uat.elastic.snaplogic.com

  • uat.tcp.elastic.snaplogic.com

  • *.snaplogic.io

  • 52.39.163.113/32 

  • 52.32.143.155/32 

  • 35.163.6.133/32

  • 44.232.154.15/32

  • 54.245.88.186/32

  • 34.210.102.144/32

  • 3.225.35.150/32

  • 52.87.92.31/32

  • 34.226.102.107/32

  • 54.146.10.130/32

  • 52.206.133.85/32

  • 52.205.203.252/32

Request from Cloudplexes to Snap Endpoints

You must add the following IP addresses to your Allowlist on Snap endpoints (like AWS Redshift) to allow requests from SnapLogic Cloudplexes. Here is an example of how to add IP addresses on AWS Redshift.

SnapLogic Environment

Domain

IP Addresses to be allowed by your endpoint for U.S. Cloudplexes

Ireland Cloudplexes

London Cloudplexes

Canada Cloudplexes

India Cloudplexes

Sydney Cloudplexes

Frankfurt Cloudplexes

Singapore Cloudplexes

Production - Global

elastic.snaplogic.com

  • 34.209.24.34/32

  • 34.208.230.181/32

  • 3.218.75.185/32

  • 3.218.106.208/32 

  • 54.245.151.210/32

  • 52.48.55.224/32

  • 34.255.146.133/32

  • 52.50.237.184/32

  • 18.168.134.32/32

  • 3.11.44.72/32

  • 18.135.154.254/32

  • 3.99.73.116/32

  • 3.96.78.0/32

  • 35.183.230.49/32

  • 15.206.44.66/32

  • 3.109.134.148/32

  • 43.205.223.54/32

  • 13.236.105.75/32

  • 3.104.162.0/32

  • 3.105.93.205/32

  • 13.210.177.19/32 (Inbound)

  • 18.158.200.22/32

  •  3.68.171.171/32

  •  3.73.223.216/32

  • 18.153.118.95/32 (Inbound)

 

  • 52.77.140.15/32

  • 54.151.156.37/32

  • 13.228.204.214/32

  • 52.221.91.192/32

(Inbound)

Production - EMEA

emea.snaplogic.com

N/A

  • 54.220.107.202/32

  • 34.254.142.249/32

  • 34.241.53.240/32

N/A

N/A

N/A

N/A

N/A

N/A

UAT

uat.elastic.snaplogic.com

  • 35.161.252.12/32

  • 34.212.109.28/32

  • 54.70.172.187/32

  • 54.73.213.202/32

  • 34.254.128.21/32

  • 34.251.17.186/32

N/A

N/A

N/A

N/A

N/A

N/A

Requests to Cloudplex API endpoints

The following table provides the IP addresses required to be added to Allowlist for making Triggered and Ultra Task calls to the Cloudplex load balancers on the snaplogic.io domain. For the US region, use the same IP addresses as listed for Requests to SnapLogic Control Plane:

You need to add the given IP addresses to the Allowlist for load balancers.

SnapLogic Environment

Domain

Ireland

London

Canada

India

Production - Global

  • elastic.snaplogic.com

  • tcp.elastic.snaplogic.com

  • *.snaplogic.io

  • 34.250.25.244/32

  • 3.11.38.59/32

  • 52.60.47.67/32

  • 43.204.207.168/32

Production - EMEA

  • emea.snaplogic.com

  • tcp.emea.snaplogic.com

  • *.emea.snaplogic.io

  • 54.220.107.202/32

  • 34.254.142.249/32

  • 34.241.53.240/32

N/A

N/A

N/A

UAT

  • uat.elastic.snaplogic.com

  • uat.tcp.elastic.snaplogic.com

  • *.snaplogic.io

  • 18.200.147.152/32

N/A

N/A

N/A

Cloudflare integration

The SnapLogic platform uses Cloudflare, and the UI automatically redirects to the given Cloudflare CDN addresses. This enhances the SnapLogic platform’s response time, security, and performance. Only customers who restrict outbound IP addresses to a pre-identified list of IP addresses must extend their Allowlist to add all the given IP addresses to ensure continued access to the SnapLogic UI.

You can verify the need to extend your Allowlist by successfully launching the CDN domains mentioned below. For more information, contact support@snaplogic.com.

The Cloudflare integration only impacts the SnapLogic UI. No customer action is required for Groundplex nodes' connectivity, Triggered Tasks' invocation, public API calls, and OAuth/SSO configurations.

We recommend you to check Cloudflare’s latest IP ranges to ensure that you get the most recent IP addresses, since they update the same without notice.

Domains

IP Addresses to be allowed by your network

  • cdn.uat.elastic.snaplogic.com

  • cdn.elastic.snaplogic.com

  • 103.21.244.0/22

  • 103.22.200.0/22

  • 103.31.4.0/22

  • 104.16.0.0/13

  • 104.24.0.0/14

  • 108.162.192.0/18

  • 131.0.72.0/22

  • 141.101.64.0/18

  • 162.158.0.0/15

  • 172.64.0.0/13

  • 173.245.48.0/20

  • 188.114.96.0/20

  • 190.93.240.0/20

  • 197.234.240.0/22

  • 198.41.128.0/17

cdn.emea.snaplogic.com

  • 103.21.244.0/22

  • 103.22.200.0/22

  • 103.31.4.0/22

  • 104.16.0.0/13

  • 104.24.0.0/14

  • 108.162.192.0/18

  • 131.0.72.0/22

  • 141.101.64.0/18

  • 162.158.0.0/15

  • 172.64.0.0/13

  • 173.245.48.0/20

  • 188.114.96.0/20

  • 190.93.240.0/20

Outbound Requests from SnapLogic Control Plane

The following table lists the IP addresses required on your Allowlists for the SnapLogic Control Plane to communicate with these third-party platforms:

  • GitHub (cloud)

  • GitLab (cloud)

  • Azure Repos

  • Slack

On-premises GitHub Enterprise Server (GHES) and GitLab (self-managed) integrations do not need these IP addresses to be added to your Allowlist.

SnapLogic Environment

Domain

IP Addresses to be allowed by your network

Production

  • elastic.snaplogic.com

  • tcp.elastic.snaplogic.com

35.166.213.233/32 

34.208.82.245/32

34.223.147.175/32

3.212.225.26/32

3.214.21.106/32

52.203.89.150/32

UAT

  • uat.elastic.snaplogic.com

  • uat.tcp.elastic.snaplogic.com

35.165.46.38/32

52.36.202.44/32

35.166.161.52/32

35.171.116.7/32

54.160.75.172/32

3.212.72.32/32

Related Content

Cloudplexes (Snaplexes Managed by SnapLogic)

  • No labels