Appflow - security group


I want to configure the firewall in the security group to allow only Amazon AppFlow access to the RDS Postgres. Therefore, I retrieved the IP range from the ip_range.json file at, selecting all entries related to AppFlow. This included 3 groups of IPs with a /30 subnet mask. Initially, this worked for a few requests, but then I started experiencing timeouts. After enabling IP logging and opening the firewall, I discovered a new IP ( not listed in ip-range.json, which belongs to Amazon. Consequently, I added the entire range, and this solution worked for a few days. However, the connection has failed again, and I found another missing Amazon IP:, in my firewall settings. I'm unsure how to proceed. How can I determine the IP ranges used by Amazon AppFlow to ensure they are included in the firewall?

1 Answer


The IP ranges (per region) from where AppFlow will initiate requests are available here: Your approach seems to be correct!

Since, you have observed deviation from this, I suggest you get in touch with AWS Support so that they can investigate this specific case.


profile pictureAWS
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions