Hi Yahia,
For your information, we have updated our 1x/2x size option builds to operate from a new, broader IP range.
For teams who need their builds to run from a more restricted set of IP addresses, we recommend using the atlassian-ip-ranges configuration available with our 4x/8x steps. This option provides enhanced security by limiting the IP addresses to a smaller, more manageable list. You can find more details about this configuration here. This configuration does not need to apply to all steps in a pipeline, just the steps that access secure resources.
Please Note: Opting for larger step sizes (4x/8x) may impact billing. We encourage you to review the relevant documentation on step sizes here to understand these implications fully.
As you're using 1x/2x step size - you can view the complete list of IP addresses used by the 1x/2x steps in this JSON format. This list can be explicitly filtered for EC2 or S3 resources located in us-east-1 and us-west-2. We do not recommend or support adding these IP addresses into your firewall configuration.
Important Note: Relying solely on IP-based firewalls for securing your infrastructure is not recommended. Instead, consider implementing secure authentication methods for any services exposed to Bitbucket Pipelines, such as using OpenID Connect (OIDC).
Alternatively, you may consider utilizing Bitbucket's pipeline runners. Runners enable you to execute builds in Pipelines on your own infrastructure. Additionally, as your runner is hosted on your own infrastructure, you will have greater flexibility regarding the list of IP addresses to permit.
Cheers!
- Ben (Bitbucket Cloud Support)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.