Configure network security policies

1 minute read

Configure network allowlists and firewall rules to ensure reliable communication between your infrastructure and CloudBees Unify services. Before you begin, ensure you have administrative access to your network configuration and firewall settings.

Organizations with locked-down environments must update their allowlists to avoid connectivity issues.

Configure outbound domain allowlist

Add these domains to your firewall’s allowlist for outbound HTTPS traffic to ensure proper CloudBees Unify functionality:

Core platform domains

Feature management domains

If using feature management capabilities, also allowlist these domains:

Configure inbound access (optional)

For webhook notifications, allow inbound traffic from these CloudBees gateway IP addresses:

  • 100.21.184.186 (US West)

  • 54.236.193.143 (US East)

These supersede the previous IPs 52.24.30.200 and 54.156.242.224.

Configure your firewall to allow inbound HTTPS (port 443) from these IPs to your webhook endpoints.

Test and troubleshoot connectivity

Test outbound access:

curl -I https://cloudbees.io curl -I https://api.cloudbees.io

For connection issues, verify:

  • Outbound HTTPS access to *.cloudbees.io domains.

  • DNS resolution and corporate proxy configuration.

  • Inbound firewall rules allow CloudBees gateway IPs (for webhooks).

  • SSL certificates are valid.

Use standard network tools (nslookup, openssl s_client, curl -v) for detailed diagnostics.