Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1519

Increase IP allow list address/range/network block limit past 100

XMLWordPrintable

    • 109

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      Suggested Solution

      • Increase the limit or allow customers to increase the limit

      Why this is important

      • 100 addresses/ranges is not be enough for certain customers

      Workaround

      • Adopt any VPN service to narrow down the outbound IP addresses from your organization
      • Condense IP addresses into CIDR blocks and reducing the overall number of distinct allowlisted ranges
      • Contact Atlassian support and ask for this limit to be increased, while sharing this case number.

            [ACCESS-1519] Increase IP allow list address/range/network block limit past 100

            Pinned comments

            Pinned by Kat N

            Kunwardeep Singh added a comment -

            Added support to add 500 IPs to thje allowlist.

            https://support.atlassian.com/security-and-access-policies/docs/specify-ip-addresses-for-product-access/

            Kunwardeep Singh added a comment - Added support to add 500 IPs to thje allowlist. https://support.atlassian.com/security-and-access-policies/docs/specify-ip-addresses-for-product-access/

            All comments

            Pinned by Kat N

            Kunwardeep Singh added a comment -

            Added support to add 500 IPs to thje allowlist.

            https://support.atlassian.com/security-and-access-policies/docs/specify-ip-addresses-for-product-access/

            Kunwardeep Singh added a comment - Added support to add 500 IPs to thje allowlist. https://support.atlassian.com/security-and-access-policies/docs/specify-ip-addresses-for-product-access/

            Kunwardeep Singh added a comment -

            We have added support to accommodate 500 IPs- therefore closing this ticket. 

            Kunwardeep Singh added a comment - We have added support to accommodate 500 IPs- therefore closing this ticket. 

            Kunwardeep Singh added a comment -

            We will be adding support to increase the limit from 100 to 500 by 10/15/24. 

            Kunwardeep Singh added a comment - We will be adding support to increase the limit from 100 to 500 by 10/15/24. 

            Kunwardeep Singh added a comment - - edited

            We are currently building this feature. Potential launch date - 10/1/2024

            Kunwardeep Singh added a comment - - edited We are currently building this feature. Potential launch date - 10/1/2024

            Luis Camilo Betancur Rios added a comment -

            It is really important for us having more than 100 IP addresses for a specific product.

             

            Have you updates regarding this?

            Luis Camilo Betancur Rios added a comment - It is really important for us having more than 100 IP addresses for a specific product.   Have you updates regarding this?

            Avery Lane added a comment -

            https://getsupport.atlassian.com/browse/PCS-229666

            Avery Lane added a comment - https://getsupport.atlassian.com/browse/PCS-229666

            Tin Nguyen added a comment -

            Well we use the whitelist for a subset of third party address's to reach our ecosystem. How ever I am installing plugins that require Atlassian Forge Allow-listing. Well guess what we only have 100 slots to do this work with and that is not enough to even cover all of the CIDR blocks your forge apps have.

            I wanted to get this behaviors plugin to work with Script Runer. 
            https://docs.adaptavist.com/sr4jc/latest/features/behaviours

            Well I was going to start looking into adding the into the scope of allowed lists but then noticed over 1200 records with various cidr blocks. Why does Forge not have a single IP address or a small subset that is NAT'ed back to the end users cloud instance. Because at this point we are hard blocked after being forced to move to cloud.

            https://ip-ranges.amazonaws.com/ip-ranges.json

            Force Closure of Server Instances to make people use DC or Cloud was a terrible move as DC is almost 3 times the cost and Cloud is not flushed out enough. If you are a simple user then this may not be an issue. But how can you be a power user of a product when the Providers of the tool simply block you from using their tool in an agile way to moving back to a waterfall methodology of using the tool.

            Tin Nguyen added a comment - Well we use the whitelist for a subset of third party address's to reach our ecosystem. How ever I am installing plugins that require Atlassian Forge Allow-listing. Well guess what we only have 100 slots to do this work with and that is not enough to even cover all of the CIDR blocks your forge apps have. I wanted to get this behaviors plugin to work with Script Runer.  https://docs.adaptavist.com/sr4jc/latest/features/behaviours Well I was going to start looking into adding the into the scope of allowed lists but then noticed over 1200 records with various cidr blocks. Why does Forge not have a single IP address or a small subset that is NAT'ed back to the end users cloud instance. Because at this point we are hard blocked after being forced to move to cloud. https://ip-ranges.amazonaws.com/ip-ranges.json Force Closure of Server Instances to make people use DC or Cloud was a terrible move as DC is almost 3 times the cost and Cloud is not flushed out enough. If you are a simple user then this may not be an issue. But how can you be a power user of a product when the Providers of the tool simply block you from using their tool in an agile way to moving back to a waterfall methodology of using the tool.

            Rick Olson added a comment - - edited

            To those of your who are saddled with the 100 IP address limitation in the allow list:

            We attempted to use the new Behaviours module, from ScriptRunner, that is making use of Forge. With over 400 IP addresses to included in the allow list (we are in region us-west-2), I appreciate that the support team was able to increase my limit of IP addresses to 1000. With that increase, the Behaviours module now works!

            Rick Olson added a comment - - edited To those of your who are saddled with the 100 IP address limitation in the allow list: We attempted to use the new Behaviours module, from ScriptRunner, that is making use of Forge. With over 400 IP addresses to included in the allow list (we are in region us-west-2), I appreciate that the support team was able to increase my limit of IP addresses to 1000. With that increase, the Behaviours module now works!

            Lance Bouchard added a comment -

            Literally turned me into a switch board operator.... turning access on and off for remote users to get their work done.

             

            Lance Bouchard added a comment - Literally turned me into a switch board operator.... turning access on and off for remote users to get their work done.  

            Andrew Bryant added a comment -

            We were essentially forced to move to the cloud, and then only given 100 IPs to work with. With a global workforce this is an indefensible, this is a product defect, not a 'feature request'. 

            Andrew Bryant added a comment - We were essentially forced to move to the cloud, and then only given 100 IPs to work with. With a global workforce this is an indefensible, this is a product defect, not a 'feature request'. 

              5cd8def7e384 Kunwardeep Singh
              dnguyen4 Derrick Nguyen
              Votes:
              121 Vote for this issue
              Watchers:
              127 Start watching this issue

                Created:
                Updated:
                Resolved: