Whitelist netlify build servers

I want to run a build on Netlify that connects to Mongo Atlas. Our Atlas is protected by a firewall. Could you provide me with a list of IPs to whitelist?

1 Like

Hi!
I don’t recommend IP whitelisting because the list would have to be refreshed regularly as sometimes new servers appear or others disappear, so whitelisting would be quite unreliable.
However, there is probably some IP whois information to identify Netlify servers by. (Somebody from Netlify would know more about this point.)
What is your firewall? Is it your router's? Is it something like iptables? Or is it the one integrated into your Atlas server's software?

2 Likes

Good instincts, @niansa! IP whitelisting will not work with our service. Builds, in particular, are on very transient IPs within the GCE cloud and change constantly.

You could run something like a secret proxy which you allowed our builds to connect to, if you wanted, but that is not really adding much in terms of security, except obscurity, which of course is no real security at all.

The general use pattern for “must contact protected resource from within builds” is to use some form of authentication like a password, or maybe an SSH key (kinda convoluted to put it in there, but I’ve written up an example here: [Common Issue] Using an SSH key via environment variable during build).

It’s managed by Atlas

OK. What does that mean, for those of us who are not their customer?

We restricted access to our MongoDB cluster to only our infrastructure on AWS. @shrikster could shed more light on this process. I only know that our MongoDB cluster on Atlas is not responding when I try to connect via code running on Netlify.

https://docs.atlas.mongodb.com/security-whitelist/

I expect that the answer I gave earlier, if you relayed it to them, would answer their question (probably not possible in the way you’d like).