Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1002

Enabling allow listing policies automatically blocks Atlassian's own IPs

XMLWordPrintable

    • 48

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Issue Summary

      When users need to use Webhooks, for example in automation, and the allow listing polices are enabled, the Atlassian IP's are automatically blocked and in order to be accessible they need to be added in the allowlist which uses 32 out of the available 100 -> 500 configurable IPs.

      Steps to Reproduce

      1. Enable allow listing policies
      2. Attempt to use a webhook from an automation rule pointing to the originating instance.
      3. Unless the Atlassian IPs are added in the allowlisting policies the webhok operation fails.

      Expected Results

      Atlassian's own IPs should be allowed automatically even if the allowlisting policies are turned on. Also this shouldn't count toward the 100 limit provided to the customers

      Actual Results

      Atlassian IPs need to be manually added and they count towards the 100 -> 500 IP limit.

      jira { "errorMessages": [ "The IP address has been rejected because it is not on the allowedlist. See your admin for more information." ], "errors": {} }

      Workaround

      Customer needs to manually add Atlassian's IPs in the allowlist.

              c7091d2da3a4 Matthew Wirtz
              3638101d8c0a Jose Gochi
              Votes:
              20 Vote for this issue
              Watchers:
              45 Start watching this issue

                Created:
                Updated: