SaaS Regions and IP Ranges

Overview

Sysdig SaaS applications are deployed in five data center regions—US East (Virginia), US West AWS (Oregon), US West GCP (Dallas), AP Australia (Sydney) and the European Union (Frankfurt). At the data centers, Sysdig ensures the best security and compliance standards for your data. This page lists the current Sysdig SaaS domains and IP ranges for each region.

For code-based access: Note: The endpoints for Sysdig Monitor and Sysdig Secure are the same in the US West (AWS and GCP), AP Australia, and EU regions. When configuring code-based access to Sysdig Secure, use the endpoint rather than the website URL.

For Single Sign-On: Sysdig SaaS users require the website address to reach the Sysdig applications. Use the appropriate website URL while configuring a single sign-on.

Collector: Additionally, Sysdig agents in a SaaS-based deployment need to be able to reach the Sysdig collector. Depending on your network configuration, you might need to modify your firewall configuration to permit outbound connections from agents to the collector.

Inbound IP Addresses: The traffic originating from the Sysdig agent to the Sysdig backend is known as inbound traffic. Allow the agent to send communication outbound on TCP 6443 to the inbound IP ranges associated with your SaaS region.

Outbound IP Addresses: Also known as source IP addresses and all the traffic originating from the Sysdig backend hosted in each region flows through one of the corresponding source IP addresses.

Whitelisting Guidance

Choose what to whitelist based on the Sysdig products and features you use. If you run:

Monitor Only

Whitelist:

  • Monitor Domain (optional, if needed to communicate with API for, e.g., an on-prem Jenkins job)
  • IP Ranges
  • Collector (endpoints, ports)
  • Prometheus endpoint (if using Prometheus remote write or onprem Grafana)

Secure Vuln Management/Scanning

Whitelist:

  • Secure Endpoint (communicates to API)
  • S3 Bucket
  • Node analyzer (for old engine host scanner; new engine does not require whitelist for the runtime scanner)

Secure Threat Detection

Whitelist:

  • Secure Endpoint
  • Collector (endpoints, ports)

Actionable Compliance KSPM

  • Secure Endpoint

Americas

US East (North Virginia)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.sysdigcloud.comAll the traffic originating from the US East datacenter will have one of the following source IP addresses:

54.82.115.3
50.19.72.123
18.207.87.189

The inbound IP addresses are:

18.214.168.193
3.210.216.124
44.196.252.240
Sysdig SecureEndpoint: https://secure.sysdig.com
Website URL: https://secure.sysdig.com
Sysdig Collectorcollector.sysdigcloud.com (Collector port: 6443)
Node Analyzerhttps://collector-static.sysdigcloud.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-us-east-1-761931097553.s3.us-east-1.amazonaws.com
API Docshttps://app.sysdigcloud.com/api/public/docs/index.html
https://secure.sysdig.com/swagger.htm

US West (Oregon)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://us2.app.sysdig.comAll the traffic originating from the US West datacenter will have one of the following source IP addresses:

54.218.164.215
54.244.190.180
44.232.85.27

The inbound IP addresses are:

54.190.202.108
54.203.169.53
54.70.9.188
Sysdig SecureEndpoint: https://us2.app.sysdig.com
Website URL: https://us2.app.sysdig.com/secure/
Sysdig Collectoringest-us2.app.sysdig.com (Collector port: 6443)

ingest-alt-us2.app.sysdig.com (Collector port: 443)
Node Analyzerhttps://us2.app.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-us-west-2-263844535661.s3.us-west-2.amazonaws.com
API Docshttps://us2.app.sysdig.com/api/public/docs/index.html
https://us2.app.sysdig.com/secure/swagger.html

US West (GCP)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.us4.sysdig.comOutbound IP:

34.145.19.124

Inbound IP:

34.145.19.124
Sysdig SecureEndpoint: https://app.us4.sysdig.com/
Website URL: https://app.us4.sysdig.com/secure/
Sysdig Collectoringest.us4.sysdig.comInbound IP:

34.145.123.253
Node Analyzerhttps://app.us4.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://storage.googleapis.com/us4-prod-usw1-e33c-us-west1-us-secure-feeds
API Docshttps://app.us4.sysdig.com/api/public/docs/index.html
https://app.us4.sysdig.com/secure/swagger.html

European Union

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://eu1.app.sysdig.comAll traffic originating from the European Union (EU) datacenter will have one of the following source IP addresses:

3.127.3.205
3.127.111.42
18.157.104.82

The inbound IP addresses are:

18.156.190.126
18.157.62.50
3.126.167.54
Sysdig SecureEndpoint: https://eu1.app.sysdig.com
Website URL: https://eu1.app.sysdig.com/secure/
Sysdig Collectoringest-eu1.app.sysdig.com (Collector port: 6443)

ingest-alt-eu1.app.sysdig.com (Collector port: 443)
Node Analyzerhttps://eu1.app.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-eu-central-1-263844535661.s3.eu-central-1.amazonaws.com
API Docshttps://eu1.app.sysdig.com/api/public/docs/index.html
https://eu1.app.sysdig.com/secure/swagger.html

Asia Pacific (Sydney)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.au1.sysdig.comOutbound IPs:

13.236.248.84
13.236.151.38
13.54.145.96

The inbound IPs:

13.238.59.195
52.62.57.59
52.64.82.29
Sysdig SecureEndpoint: https://app.au1.sysdig.com/
Website URL: https://app.au1.sysdig.com/secure/
Sysdig Collectoringest.au1.sysdig.com
Node Analyzerhttps://app.au1.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-ap-southeast-2-263844535661.s3.ap-southeast-2.amazonaws.com
API Docshttps://app.au1.sysdig.com/api/public/docs/index.html
https://app.au1.sysdig.com/secure/swagger.html

Sysdig Collector Ports

Sysdig Agent uses the following ports to communicate with the Sysdig Collector.

RegionsPort
US EastCollector: SSL/TLS 6443
Collector: TCP 6666
UI/API: HTTPS 443
US WestCollector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443
US West (GCP)Collector: SSL/TLS 6443
UI/API: HTTPS 443
EUCollector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443
Asia Pacific (Sydney)Collector: SSL/TLS 6443
UI/API: HTTPS 443

AWS Account IDs

RegionsAWS Account IDs
US East761931097553
US West263844535661
EU263844535661

Redirect URLs for Authentication

Authentication ProtocolUS EastOther Regions
SAMLSysdig Monitor
ACS URL / Sign on URL: https://app.sysdigcloud.com/api/saml/auth
Entity ID: https://app.sysdigcloud.com
Sysdig Secure
ACS URL / Sign on URL: https://secure.sysdig.com/api/saml/secureAuth
Entity ID: https://secure.sysdig.com/
Sysdig Monitor

ACS URL / Sign on URL:
https://eu1.app.sysdig.com/api/saml/auth
Entity ID: https://eu1.app.sysdig.com
ACS URL / Sign on URL:
https://us2.app.sysdig.com/api/saml/auth
Entity ID: https://us2.app.sysdig.com
ACS URL / Sign on URL:
https://app.au1.sysdig.com/api/saml/auth
Entity ID: https://app.au1.sysdig.com
ACS URL / Sign on URL:
https://app.us4.sysdig.com/api/saml/auth
Entity ID: https://app.us4.sysdig.com

Sysdig Secure

ACS URL / Sign on URL:
https://eu1.app.sysdig.com/api/saml/secureAuth
Entity ID: https://eu1.app.sysdig.com/secure/
ACS URL / Sign on URL:
https://us2.app.sysdig.com/api/saml/secureAuth
Entity ID: https://us2.app.sysdig.com/secure/
ACS URL / Sign on URL:
https://app.au1.sysdig.com/api/saml/secureAuth
Entity ID: https://app.au1.sysdig.com/secure/
ACS URL / Sign on URL:
https://app.us4.sysdig.com/api/saml/secureAuth
Entity ID: https://app.us4.sysdig.com/secure/
OpenIDSysdig Monitor
Redirect URL:
https://app.sysdigcloud.com/api/oauth/openid/auth
Sysdig Secure
Redirect URL:
https://secure.sysdig.com/api/oauth/openid/secureAuth
Sysdig Monitor
Redirect URL:

https://eu1.app.sysdig.com/api/oauth/openid/auth
https://us2.app.sysdig.com/api/oauth/openid/auth
https://app.au1.sysdig.com/api/oauth/openid/auth
https://app.us4.sysdig.com/api/oauth/openid/auth

Sysdig Secure
Redirect URL:

https://eu1.app.sysdig.com/api/oauth/openid/secureAuth
https://us2.app.sysdig.com/api/oauth/openid/secureAuth
https://app.au1.sysdig.com/api/oauth/openid/secureAuth
https://app.us4.sysdig.com/api/oauth/openid/secureAuth
Google OAuthSysdig Monitor
https://app.sysdigcloud.com/api/oauth/google/auth
Sysdig Secure
https://secure.sysdig.com/api/oauth/google/secureAuth
Sysdig Monitor

https://eu1.app.sysdig.com/api/oauth/google/auth
https://us2.app.sysdig.com/api/oauth/google/auth
https://app.au1.sysdig.com/api/oauth/google/auth
https://app.us4.sysdig.com/api/oauth/google/auth

Sysdig Secure

https://eu1.app.sysdig.com/api/oauth/google/secureAuth
https://us2.app.sysdig.com/api/oauth/google/secureAuth
https://app.au1.sysdig.com/api/oauth/google/secureAuth
https://app.us4.sysdig.com/api/oauth/google/secureAuth

Prometheus Endpoints

Use the following Prometheus endpoints for Grafana integrations.

RegionEndpoint
US Easthttps://app.sysdigcloud.com/prometheus
US Westhttps://us2.app.sysdig.com/prometheus
US West (GCP)https://app.us4.sysdig.com/prometheus
EU Centralhttps://eu1.app.sysdig.com/prometheus
Asia Pacific (Sydney)https://app.au1.sysdig.com/prometheus