A web proxy bypass rule or firewall rule with the following information may be required in your environment to use Endor Labs successfully.
| Description | DNS | Direction / IP Address CIDR | Port |
|---|---|---|---|
| User access to Endor Labs UI | app.endorlabs.com |
Outbound (Egress): 32.133.71.122/32, 52.224.62.85/32 |
443 |
| CI system and user access to Endor Labs API and CLI downloads | api.endorlabs.com |
Outbound (Egress): 34.96.123.220/32, 52.234.140.241/32 |
443 |
| User access to Endor Labs documentation | docs.endorlabs.com |
Outbound (Egress): 34.123.199.118/32, 52.224.70.63/32 |
443 |
| Inbound access from Endor Labs scanning clusters | N/A |
Inbound (Ingress): 137.135.89.57/32 |
Variable |
Configure inbound access from Endor Labs’ scanning clusters for services that have IP range restrictions such as GitLab or GitHub with the Ingress rule listed above.
If you have configured integrations with third-party applications like Jira, you may need to configure additional egress rules to complete that integration. Consult the documentation for those applications to add the required rules.
Note
For better performance, the Endor Labs client,endorctl, may attempt to connect to dynamically managed Endor Labs cloud resources not listed above. Egress restrictions that prevent such connections will not limit Endor Labs’ functionality.