In this article
Overview
If your network restricts outbound communication, you need to add the SnapLogic IP addresses described on this page to your network allowlist. To restrict inbound requests to the SnapLogic Platform, refer to Task allowlists and the Groundplex allowlist and the information on how to configure them in Admin Manager.
SnapLogic Platform uses a High Availability (HA) configuration with support for Disaster Recovery (DR) failover. This requires you to add multiple IP addresses to your Allowlist.
Additionally, consider the following guidelines:
Ensure that there is a reliable connection to the Amazon S3 services. If Snaplex outbound access to S3 is blocked:
FileReader/FileWriter Snaps that Read/Write to Snaplogic filesystem (
sldb
) via the Files asset type will not work.Snaplex WAR files will continue to work, but the download will fall back to the Snaplogic Control Plane and might introduce some latency.
For Cloudplex IP addresses outside the US region, you can use either the /wiki/spaces/DRWIP/pages/2892791821 or the Health tab in the SnapLogic Dashboard (as shown in the following image) to retrieve the External IP address.
The Dashboard is being replaced with Monitor. We encourage you to start using Monitor for monitoring and reporting requirements. Contact support@snaplogic.com if you need assistance.
To allow access to S3, update your allowlist to include all the IP addresses for your region. For example, for us-west-1, select all the CIDR blocks as per the official AWS documentation. Learn more about AWS IP address ranges and steps to filter the JSON files at AWS IP address ranges.
Requests to SnapLogic Control Plane
The following table lists the SnapLogic Control Plane IP addresses required on your Allowlists for public API calls and Tasks invoked to the Control Plane. The same addresses are required for allowing Groundplexes, which are on restricted networks, to be able to talk to the SnapLogic control plane.
You must add the following IP addresses to the Allowlist only if your network restricts outbound traffic.
SnapLogic Environment | Domain | IP Addresses to be allowed by your network |
---|---|---|
Production - Global |
|
|
Production - EMEA |
|
|
UAT |
|
|
Request from Cloudplexes to Snap Endpoints
You must add the following IP addresses to your Allowlist on Snap endpoints (like AWS Redshift) to allow requests from SnapLogic Cloudplexes. Here is an example of how to add IP addresses on AWS Redshift.
SnapLogic Environment | Domain | IP Addresses to be allowed by your endpoint for U.S. Cloudplexes | Ireland Cloudplexes | London Cloudplexes | Canada Cloudplexes | India Cloudplexes | Sydney Cloudplexes | Frankfurt Cloudplexes | Singapore Cloudplexes |
---|---|---|---|---|---|---|---|---|---|
Production - Global | elastic.snaplogic.com |
|
|
|
|
|
|
|
(Inbound) |
Production - EMEA | emea.snaplogic.com | N/A |
| N/A | N/A | N/A | N/A | N/A | N/A |
UAT | uat.elastic.snaplogic.com |
|
| N/A | N/A | N/A | N/A | N/A | N/A |
Requests to Cloudplex API endpoints
The following table provides the IP addresses required to be added to Allowlist for making Triggered and Ultra Task calls to the Cloudplex load balancers on the snaplogic.io domain. For the US region, use the same IP addresses as listed for Requests to SnapLogic Control Plane:
You need to add the given IP addresses to the Allowlist for load balancers.
SnapLogic Environment | Domain | Ireland | London | Canada | India |
---|---|---|---|---|---|
Production - Global |
|
|
|
|
|
Production - EMEA |
|
| N/A | N/A | N/A |
UAT |
|
| N/A | N/A | N/A |
Cloudflare integration
The SnapLogic platform uses Cloudflare, and the UI automatically redirects to the given Cloudflare CDN addresses. This enhances the SnapLogic platform’s response time, security, and performance. Only customers who restrict outbound IP addresses to a pre-identified list of IP addresses must extend their Allowlist to add all the given IP addresses to ensure continued access to the SnapLogic UI.
You can verify the need to extend your Allowlist by successfully launching the CDN domains mentioned below. For more information, contact support@snaplogic.com.
The Cloudflare integration only impacts the SnapLogic UI. No customer action is required for Groundplex nodes' connectivity, Triggered Tasks' invocation, public API calls, and OAuth/SSO configurations.
We recommend you to check Cloudflare’s latest IP ranges to ensure that you get the most recent IP addresses, since they update the same without notice.
Domains | IP Addresses to be allowed by your network |
---|---|
|
|
cdn.emea.snaplogic.com |
|
Outbound Requests from SnapLogic Control Plane
The following table lists the IP addresses required on your Allowlists for the SnapLogic Control Plane to communicate with these third-party platforms:
GitHub (cloud)
GitLab (cloud)
Azure Repos
Slack
On-premises GitHub Enterprise Server (GHES) and GitLab (self-managed) integrations do not need these IP addresses to be added to your Allowlist.
SnapLogic Environment | Domain | IP Addresses to be allowed by your network |
---|---|---|
Production |
| 35.166.213.233/32 34.208.82.245/32 34.223.147.175/32 3.212.225.26/32 3.214.21.106/32 52.203.89.150/32 |
UAT |
| 35.165.46.38/32 52.36.202.44/32 35.166.161.52/32 35.171.116.7/32 54.160.75.172/32 3.212.72.32/32 |