Appflow - security group

1

I want to configure the firewall in the security group to allow only Amazon AppFlow access to the RDS Postgres. Therefore, I retrieved the IP range from the ip_range.json file at https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-ranges.html, selecting all entries related to AppFlow. This included 3 groups of IPs with a /30 subnet mask. Initially, this worked for a few requests, but then I started experiencing timeouts. After enabling IP logging and opening the firewall, I discovered a new IP (44.211.234.252) not listed in ip-range.json, which belongs to Amazon. Consequently, I added the entire range 44.192.0.0/11, and this solution worked for a few days. However, the connection has failed again, and I found another missing Amazon IP: 34.236.216.188, in my firewall settings. I'm unsure how to proceed. How can I determine the IP ranges used by Amazon AppFlow to ensure they are included in the firewall?

1 回答
0

Hi

The IP ranges (per region) from where AppFlow will initiate requests are available here: https://ip-ranges.amazonaws.com/ip-ranges.json. Your approach seems to be correct!

Since, you have observed deviation from this, I suggest you get in touch with AWS Support so that they can investigate this specific case.

Thanks

profile pictureAWS
专家
已回答 9 个月前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则