Appflow - security group

1

I want to configure the firewall in the security group to allow only Amazon AppFlow access to the RDS Postgres. Therefore, I retrieved the IP range from the ip_range.json file at https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-ranges.html, selecting all entries related to AppFlow. This included 3 groups of IPs with a /30 subnet mask. Initially, this worked for a few requests, but then I started experiencing timeouts. After enabling IP logging and opening the firewall, I discovered a new IP (44.211.234.252) not listed in ip-range.json, which belongs to Amazon. Consequently, I added the entire range 44.192.0.0/11, and this solution worked for a few days. However, the connection has failed again, and I found another missing Amazon IP: 34.236.216.188, in my firewall settings. I'm unsure how to proceed. How can I determine the IP ranges used by Amazon AppFlow to ensure they are included in the firewall?

1 Antwort
0

Hi

The IP ranges (per region) from where AppFlow will initiate requests are available here: https://ip-ranges.amazonaws.com/ip-ranges.json. Your approach seems to be correct!

Since, you have observed deviation from this, I suggest you get in touch with AWS Support so that they can investigate this specific case.

Thanks

profile pictureAWS
EXPERTE
beantwortet vor 9 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen