Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

atlassian/ssh-run:0.4.2 pipe and IP adress

pmilosevic
pmilosevic November 19, 2024

I have bitbucket pipeline defined using the yaml file. One step is related to deployment - removing previous installation. Removing is done using the pipe "atlassian/ssh-run:0.4.2", the command is "rm...". However, after 2 minutes timeout (step execution is limited to 2 min), the step is declared as failed. Usually, time need for this command (step) to be executed is few seconds. The step is default size. Since no changes were inside the yaml file in the near past (the problem occurred this week, the last successful pipeline execution was 25 days ago ), I have doubt that the problem is in my internal network (firewall configuration) of it is related to the ip address range on the BB. This is my range used to set fw configuration:

34.199.54.113/32

34.232.25.90/32

34.232.119.183/32

34.236.25.177/32

35.171.175.212/32

52.54.90.98/32

52.202.195.162/32

52.203.14.55/32

52.204.96.37/32

34.218.156.209/32

34.218.168.212/32

52.41.219.63/32

35.155.178.254/32

35.160.177.10/32

34.216.18.129/32

188.2.97.71/32

13.236.8.128/32

18.246.31.128/32

185.166.140.0/22

18.184.99.128/32

52.215.192.128/25

104.192.136.0/21

18.205.93.0/27

18.136.214.0/25

13.52.5.0/25

18.234.32.128/25

 

 

Is this a sufficient set of addresses? All the addresses found in the atlassian-ip-ranges (https://support.atlassian.com/bitbucket-cloud/docs/what-are-the-bitbucket-cloud-ip-addresses-i-should-use-to-configure-my-corporate-firewall/) are practically included here. Which specific address is used for SSH? For now, it's important to me to know that all the addresses are correct and none are missing, which would then lead me to believe the issue is in my internal network.

Answer
Watch
Like Be the first to like this
284 views

1 answer

0 votes
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 19, 2024

Hi @pmilosevic

We have recently updated our 1x/2x size option builds to operate from a new, broader IP range.

The documentation of Bitbucket Pipelines Cloud IP addresses is divided into two sections:

  • Section 1: Valid IP addresses for Bitbucket Pipelines build environments

    This section applies to 1x/2x step sizes (or 4x/8x steps that have not been explicitly flagged to use atlassian-ip-ranges). An exhaustive list of IP addresses from which the traffic may originate on AWS can be obtained by using the following endpoint. You should filter records where the service equals EC2 or S3, and focus on the us-east-1 and us-west-2 regions. However, we do not recommend using these IP ranges as a security control due to their broad nature.

  • Section 2: Atlassian IP Ranges

    This section pertains to steps specifically configured to use Atlassian IP ranges. These are applicable only to 4x and 8x size steps that have the atlassian-ip-ranges: true flag enabled. The step sizes 4x and 8x are only available for builds running under a paid Bitbucket Cloud plan (Standard or Premium).

If you want your Pipelines builds to run from the more restricted IPs listed in Atlassian IP Ranges, then you can adjust the step as follows:

pipelines:
  default:
    - step:
       size: 4x
       runtime:
         cloud:
           atlassian-ip-ranges: true
       script:
          - echo "This step will use atlassian-ip-ranges"

You can find more info on this configuration here:

This setup offers better security by narrowing down the IP addresses used by Pipelines builds.

Please Note: Opting for larger step sizes (4x/8x) may impact billing. We encourage you to review the relevant documentation on step sizes here to understand these implications fully.

To provide some extra context on this change and the requirement for 4x/8x steps to access restricted IP's, please see the discussion re: this topic from the Pipelines community space here.

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security