SaaS Regions and IP Ranges

Overview

Sysdig SaaS applications are deployed in five data center regions:

At the data centers, Sysdig ensures the best security and compliance standards for your data.

This page lists the current Sysdig SaaS domains and IP ranges for each region.

Use Cases

Code-based Access

The endpoints for Sysdig Monitor and Sysdig Secure are the same in the US West (AWS and GCP), AP Australia, and EU regions. When configuring code-based access to Sysdig Secure, use the endpoint rather than the website URL.

Single Sign-On

Sysdig SaaS users require the website address to reach the Sysdig applications. Use the appropriate website URL when configuring a single sign-on.

Collector

Additionally, Sysdig agents in a SaaS-based deployment need to be able to reach the Sysdig collector. Depending on your network configuration, you might need to modify your firewall configuration to permit outbound connections from agents to the collector.

Inbound IP Addresses

The traffic originating from the Sysdig agent to the Sysdig backend is known as inbound traffic. Allow the agent to send communication outbound on TCP 6443 to the inbound IP ranges associated with your SaaS region.

Outbound IP Addresses Also known as source IP addresses, all the traffic originating from the Sysdig backend hosted in each region flows through one of the corresponding source IP addresses.

Allowlist Guidance

Choose what to allowlist, based on the Sysdig products and features you use. The allowlist values vary based on the Sysdig Platform Region you use.

Ensure that you add download.sysdig.com to the set of URLs in the allowlist for all the Sysdig SaaS regions.


If you run:

Monitor Only

Allow:

  • Monitor Domain (optional, if needed to communicate with API for, e.g., an on-prem Jenkins job)
  • IP Ranges
  • Collector (endpoints, ports)
  • Prometheus endpoint (if using Prometheus remote write or on-prem Grafana)

Secure Vuln Management/Scanning

Allow:

  • Secure Endpoint (communicates to API)
  • S3 Bucket where Vulnerability DB is stored
  • Node analyzer (for old engine host scanner; new engine does not require you to allow the runtime scanner)

Secure Threat Detection

Allow:

  • Secure Endpoint
  • Collector (endpoints, ports)

Actionable Compliance KSPM

Allow:

  • Secure Endpoint

On-Premise Vulnerability Feeds

Allow:

  • Secure Endpoint (communicates to API)
  • S3 Bucket where Vulnerability DB is stored

Note: This is only necessary for the Vulnerability Management engine until air-gapped support is available.

Sysdig Platform Regions

US East (North Virginia)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.sysdigcloud.comAll the traffic originating from the US East datacenter will have one of the following source IP addresses:

54.82.115.3
50.19.72.123
18.207.87.189

The inbound IP addresses are:

18.214.168.193
3.210.216.124
44.196.252.240
Sysdig SecureEndpoint: https://secure.sysdig.com
Website URL: https://secure.sysdig.com
All the traffic originating from the US East datacenter will have one of the following source IP addresses:

54.82.115.3
50.19.72.123
18.207.87.189

The inbound IP addresses are:

18.214.168.193
3.210.216.124
44.196.252.240
Sysdig Collectorcollector.sysdigcloud.com (Collector port: 6443)
Node Analyzerhttps://collector-static.sysdigcloud.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-us-east-1-761931097553.s3.us-east-1.amazonaws.com
API Docshttps://app.sysdigcloud.com/api/public/docs/index.html
https://secure.sysdig.com/swagger.html

US West (Oregon)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://us2.app.sysdig.comAll the traffic originating from the US West datacenter will have one of the following source IP addresses:

54.218.164.215
54.244.190.180
44.232.85.27

The inbound IP addresses are:

54.190.202.108
54.203.169.53
54.70.9.188
Sysdig SecureEndpoint: https://us2.app.sysdig.com
Website URL: https://us2.app.sysdig.com/secure/
All the traffic originating from the US West datacenter will have one of the following source IP addresses:

54.218.164.215
54.244.190.180
44.232.85.27

The inbound IP addresses are:

54.190.202.108
54.203.169.53
54.70.9.188
Sysdig Collectoringest-us2.app.sysdig.com (Collector port: 6443)

ingest-alt-us2.app.sysdig.com (Collector port: 443)
Node Analyzerhttps://us2.app.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-us-west-2-263844535661.s3.us-west-2.amazonaws.com
API Docshttps://us2.app.sysdig.com/api/public/docs/index.html
https://us2.app.sysdig.com/secure/swagger.html

US West (GCP)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.us4.sysdig.comOutbound IP:

34.105.1.7
34.127.13.141

Inbound IP:

34.145.19.124
Sysdig SecureEndpoint: https://app.us4.sysdig.com/
Website URL: https://app.us4.sysdig.com/secure/
Outbound IP:

34.105.1.7
34.127.13.141

Inbound IP:

34.145.19.124
Sysdig Collectoringest.us4.sysdig.comInbound IP:

34.145.123.253
Node Analyzerhttps://app.us4.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://storage.googleapis.com/us4-prod-usw1-e33c-us-west1-us-secure-feeds
API Docshttps://app.us4.sysdig.com/api/public/docs/index.html
https://app.us4.sysdig.com/secure/swagger.html

European Union

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://eu1.app.sysdig.comAll traffic originating from the European Union (EU) datacenter will have one of the following source IP addresses:

3.127.3.205
3.127.111.42
18.157.104.82

The inbound IP addresses are:

18.156.190.126
18.157.62.50
3.126.167.54
Sysdig SecureEndpoint: https://eu1.app.sysdig.com
Website URL: https://eu1.app.sysdig.com/secure/
All traffic originating from the European Union (EU) datacenter will have one of the following source IP addresses:

3.127.3.205
3.127.111.42
18.157.104.82

The inbound IP addresses are:

18.156.190.126
18.157.62.50
3.126.167.54
Sysdig Collectoringest-eu1.app.sysdig.com (Collector port: 6443)

ingest-alt-eu1.app.sysdig.com (Collector port: 443)
Node Analyzerhttps://eu1.app.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-eu-central-1-263844535661.s3.eu-central-1.amazonaws.com
API Docshttps://eu1.app.sysdig.com/api/public/docs/index.html
https://eu1.app.sysdig.com/secure/swagger.html

Asia Pacific (Sydney)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.au1.sysdig.comOutbound IPs:

13.236.248.84
13.236.151.38
13.54.145.96

The inbound IPs:

13.238.59.195
52.62.57.59
52.64.82.29
Sysdig SecureEndpoint: https://app.au1.sysdig.com/
Website URL: https://app.au1.sysdig.com/secure/
Outbound IPs:

13.236.248.84
13.236.151.38
13.54.145.96

The inbound IPs:

13.238.59.195
52.62.57.59
52.64.82.29
Sysdig Collectoringest.au1.sysdig.com (Collector port: 6443)

ingest-alt.au1.sysdig.com (Collector port: 443)
Node Analyzerhttps://app.au1.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-ap-southeast-2-263844535661.s3.ap-southeast-2.amazonaws.com
API Docshttps://app.au1.sysdig.com/api/public/docs/index.html
https://app.au1.sysdig.com/secure/swagger.html

Other Feature-Specific/Region Data

Sysdig Collector Ports

Sysdig Agent uses the following ports to communicate with the Sysdig Collector.

RegionsPort
US EastCollector: SSL/TLS 6443
Collector: TCP 6666
UI/API: HTTPS 443
US WestCollector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443
US West (GCP)Collector: SSL/TLS 6443
UI/API: HTTPS 443
EUCollector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443
Asia Pacific (Sydney)Collector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443

AWS Account IDs

RegionsAWS Account IDs
US East761931097553
US West263844535661
EU263844535661
Asia Pacific263844535661

Redirect URLs for Authentication

Authentication ProtocolUS EastOther Regions
SAMLSysdig Monitor
ACS URL / Sign on URL: https://app.sysdigcloud.com/api/saml/auth
Entity ID: https://app.sysdigcloud.com
Sysdig Secure
ACS URL / Sign on URL: https://secure.sysdig.com/api/saml/secureAuth
Entity ID: https://secure.sysdig.com/
Sysdig Monitor

ACS URL / Sign on URL:
https://eu1.app.sysdig.com/api/saml/auth
Entity ID: https://eu1.app.sysdig.com
ACS URL / Sign on URL:
https://us2.app.sysdig.com/api/saml/auth
Entity ID: https://us2.app.sysdig.com
ACS URL / Sign on URL:
https://app.au1.sysdig.com/api/saml/auth
Entity ID: https://app.au1.sysdig.com
ACS URL / Sign on URL:
https://app.us4.sysdig.com/api/saml/auth
Entity ID: https://app.us4.sysdig.com

Sysdig Secure

ACS URL / Sign on URL:
https://eu1.app.sysdig.com/api/saml/secureAuth
Entity ID: https://eu1.app.sysdig.com/secure/
ACS URL / Sign on URL:
https://us2.app.sysdig.com/api/saml/secureAuth
Entity ID: https://us2.app.sysdig.com/secure/
ACS URL / Sign on URL:
https://app.au1.sysdig.com/api/saml/secureAuth
Entity ID: https://app.au1.sysdig.com/secure/
ACS URL / Sign on URL:
https://app.us4.sysdig.com/api/saml/secureAuth
Entity ID: https://app.us4.sysdig.com/secure/
OpenIDSysdig Monitor
Redirect URL:
https://app.sysdigcloud.com/api/oauth/openid/auth
Sysdig Secure
Redirect URL:
https://secure.sysdig.com/api/oauth/openid/secureAuth
Sysdig Monitor
Redirect URL:

https://eu1.app.sysdig.com/api/oauth/openid/auth
https://us2.app.sysdig.com/api/oauth/openid/auth
https://app.au1.sysdig.com/api/oauth/openid/auth
https://app.us4.sysdig.com/api/oauth/openid/auth

Sysdig Secure
Redirect URL:

https://eu1.app.sysdig.com/api/oauth/openid/secureAuth
https://us2.app.sysdig.com/api/oauth/openid/secureAuth
https://app.au1.sysdig.com/api/oauth/openid/secureAuth
https://app.us4.sysdig.com/api/oauth/openid/secureAuth
Google OAuthSysdig Monitor
https://app.sysdigcloud.com/api/oauth/google/auth
Sysdig Secure
https://secure.sysdig.com/api/oauth/google/secureAuth
Sysdig Monitor

https://eu1.app.sysdig.com/api/oauth/google/auth
https://us2.app.sysdig.com/api/oauth/google/auth
https://app.au1.sysdig.com/api/oauth/google/auth
https://app.us4.sysdig.com/api/oauth/google/auth

Sysdig Secure

https://eu1.app.sysdig.com/api/oauth/google/secureAuth
https://us2.app.sysdig.com/api/oauth/google/secureAuth
https://app.au1.sysdig.com/api/oauth/google/secureAuth
https://app.us4.sysdig.com/api/oauth/google/secureAuth

Prometheus Endpoints and Regions

Prometheus Remote Write

Prometheus Remote Write resides in the ingest endpoints for each region under /prometheus/remote/write. The public Prometheus Remote Write endpoints for each region are listed below:

RegionEndpoints
US Easthttps://api.sysdigcloud.com/prometheus/remote/write
US Westhttps://us2.app.sysdig.com/prometheus/remote/write
US West (GCP)https://app.us4.sysdig.com/prometheus/remote/write
European Unionhttps://eu1.app.sysdig.com/prometheus/remote/write
Asia Pacific (Sydney)https://app.au1.sysdig.com/prometheus/remote/write

Grafana Integrations

Use the following Prometheus endpoints for Grafana integrations.

RegionEndpoint
US Easthttps://app.sysdigcloud.com/prometheus
US Westhttps://us2.app.sysdig.com/prometheus
US West (GCP)https://app.us4.sysdig.com/prometheus
EU Centralhttps://eu1.app.sysdig.com/prometheus
Asia Pacific (Sydney)https://app.au1.sysdig.com/prometheus