Assuming we're starting with zero outbound access to the Internet, what outbound traffic requirements does Bamboo have for its "Elastic Bamboo" feature?
I assume it hits one or more AWS API endpoints. Assuming I want to restrict access based on the FQDN of these endpoints, what are they?
The Elastic Bamboo feature hits several AWS API endpoints indeed. Here are your options:
AWS maintains a list of Regions and Endpoints:
To reduce data latency in your applications, most Amazon Web Services offer a regional endpoint to make your requests. An endpoint is a URL that is the entry point for a web service. For example,
https://dynamodb.us-west-2.amazonaws.comis an entry point for the Amazon DynamoDB service.
The subset of AWS services facilitated by Elastic Bamboo could be deduced from the actions in an applicable IAM Policy for Bamboo. Unfortunately those are still not officially documented as of today though:
However, a related long standing issue has at least seen some helpful comments in this regard:
Regardless, your question is only concerned with the services themselves rather than actions on those, I think the following endpoints would still be sufficient right now regarding Elastic Bamboo itself:
AWS also maintains a list of AWS IP Address Ranges meanwhile:
Amazon Web Services (AWS) publishes its current IP address ranges in JSON format. To view the current ranges, download the
.jsonfile. To maintain history, save successive versions of the
.jsonfile on your system. To determine whether there have been changes since the last time that you saved the file, check the publication time in the current file and compare it to the publication time in the last file that you saved.
Given the enormous worldwide range of all the AWS' CIDR blocks, this is obviously not all that limiting, but better than nothing of course, esp. given AWS has terms of services against malicious usage and is capable of detecting and blocking AWS accounts that systematically violate those.
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Bamboo 5.9 will no longer be supported after June 12, 2017. What does this mean? As part of our End of Life policy, Atlassian supports major versions for two years after the first major iteratio...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs