Docs
HomeGitHubSign Up

Egress and Ingress communication for firewalls

If you are using a firewall or any other method to filter egress communication, please ensure that the following addresses are allowed for outbound communication. This is necessary to operate the in-cluster components.

All communication should be routed through or directed to port 443 for secure HTTPS communication.

Service

DNS

IPv4

IPv6

ARMO Platform (default data-center in EU)

api.armosec.io
ens.euprod1.cyberarmorsoft.com
otelcol.armosec.io
report.armo.cloud
synchronizer.armosec.io

Please refer to https://www.cloudflare.com/ips/

N/A

ARMO Platform (US data-center)

cloud-report.us.armosec.io
cloud-ens.us.armosec.io
api.us.armosec.io
otelcol.us.armosec.io
synchronizer.us.armosec.io

Please refer to https://www.cloudflare.com/ips/

N/A

Grype (vulnerabilities scanning)

grype.anchore.io
toolbox-data.anchore.io

172.67.15.216
104.22.74.215
104.22.75.215

2606:4700:10::6816:4bd7
2606:4700:10::ac43:fd8
2606:4700:10::6816:4ad7

GitHub (policies download)

raw.githubusercontent.com

140.82.121.4
185.199.108.133
185.199.109.133
185.199.110.133
185.199.111.133

2606:50c0:8000::154
2606:50c0:8001::154
2606:50c0:8002::154
2606:50c0:8003::154

📘

GitHub IP ranges are prone to change. The GitHub IP addresses listed above are provided for convenience, but the source of truth is GitHub’s Meta API. For the latest IPv4 and IPv6 ranges used by GitHub web endpoints, refer to the .web section in https://api.github.com/meta.

For Ingress traffic please ensure the following addresses are allowed for inbound communication

Service

DNS

IPv4

IPv6

ARMO Platform

13.49.199.135
13.63.121.215
13.63.99.28

N/A

ARMO US Platform

3.12.0.124
3.151.183.44
18.117.200.208

N/A

Updated 4 days ago