Closed dylburger closed 9 months ago
This will also require we narrow the range to a manageable list, so this issue tracks that feature implicitly, as well.
You can now restrict HTTP, S3, and Snowflake traffic by IP:
This ticket will remain open to track the larger feature for restricting all workflow traffic to a specific set of IPs.
We also recently developed an HTTP proxy that you can use to proxy any HTTP traffic from a workflow. Please reach out to our team if you'd like to use that proxy to tunnel HTTP traffic to a destination server.
hey @dylburger! any plans to restrict mySQL requests to a set array of IPs? I'm ready to take a crack at the bastion server solution, but just wanted to ask with crossed fingers and toes first 😅
@tommyrowe We're working on this right now! Still in the early phases, but we'll announce here when it's ready to test.
copy that @dylburger. happy to help test in the wild when the time comes. thanks for the reply and update!
i need whitelist ips for binance api trading which only allows whitelisted ips to trade
+1
+1
+1
+1
+1, this feature is very important for us. We need to whitelist IP and use PipeDream to issue MySQL queries.
+1, the reason being we have an onsite hosted instance of an application that we want to be able to integrate with cloud based services without opening ourselves up to the whole world.
@dylburger +1, lack of fix IPs was causing a major debate about potential implementation of Pipedream in corporate project. Some dev ops people operate single whitelisted IPs added to security groups. I would say this clearly will convert into adoption, by bigger entities.
@gregonarash @Vince-GMG @jingconan @mperzov @alexjordi @renattomachado Thanks for all the feedback. We just implemented virtual private clouds (VPCs) for our Business customers. You can create dedicated VPCs in Pipedream and configure specific workflows to run in that network. The VPC is unique to your workspace — no other customer workflows will run there — and it has a unique egress IP that you can whitelist on your firewalls. A lot of customers wanted truly dedicated egress IPs so they could ensure no other traffic would originate from that IP, so we decided to start here.
If you're interested in, please email me at dylan [at] pipedream [dot] com and I can help set this up on your workspace. We can also offer monthly billing for the Business plan if the annual option on the site isn't an option — just let me know when you reach out.
This is live! https://pipedream.com/docs/workflows/vpc/
For example, I'd like to query a Postgres DB from a workflow, and I need to add a network ACL to expose port 5432 to a limited set of IPs. So I'd like to know the IP address(es) from which the request will come.
Ideally, this would be provided in a publicly-accessible data exchange format (for example, AWS provides theirs as a JSON doc), so I can update firewall or network rules programmatically.