Allowlist Harness domains and IPs
Harness SaaS delegates only need outbound access to the Harness domain name (typically app.harness.io) and, optionally, to logging.googleapis.com (used to provide logs to Harness support).
The URL logging.googleapis.com
is used to send log files to Harness support. Use the environment variable STACK_DRIVER_LOGGING_ENABLED
to disable this functionality.
For more information, go to Delegate environment variables.
Harness Manager
Users of the Harness Manager browser client need access to app.harness.io and static.harness.io. This is not a Harness Delegate requirement. It's simply for users to use the browser-based Harness Manager.
Vanity URL
If you are using a Harness vanity URL, like mycompany.harness.io, you can allowlist it also.
Allowlist Harness SaaS IPs
The following list is optional. You can allowlist these IPs if needed.
35.201.91.229
34.120.225.85
34.110.203.189
34.149.33.161
34.160.153.7
34.82.155.149
34.168.179.66
Harness will not change IPs without 30 days notice to all customers. If a security emergency requires a change, all customers are notified.
Add Harness hosted GitOps IPs to the allowlist
Access to Kubernetes clusters that are behind strict firewalls and are not accessible from the public internet is controlled through authorized IP addresses. To allow access to these clusters, Harness provides a list of IP addresses that need to be configured on the clusters.
If you are using hosted GitOps agents to deploy on managed clusters, you must configure these clusters with a specific set of IP addresses to authorize access.
Harness hosted GitOps IPs
All the IPs are cloud NAT gateways and need to enable specific IPs instead of ranges.
34.168.25.119/32
35.247.93.45/32
34.82.210.106/32
34.83.159.16/32
35.237.119.232/32
34.82.155.149/32
34.83.51.28/32
35.230.70.231/32
34.105.92.100/32
35.233.187.42/32
35.247.6.7/32
34.83.106.43/32
34.168.179.66/32
34.145.10.183/32
35.197.78.109/32
35.247.11.84/32
34.168.91.26/32
35.230.82.250/32
35.247.57.139/32
34.83.191.187/32
34.127.8.91/32
35.247.40.237/32
35.236.117.224/32
35.236.112.238/32
34.94.29.95/32
34.94.190.229/32
Harness hosted Feature Flags IPs
With Feature Flags, the following IP can be added to the allowlist as needed.
35.244.167.62
For Flutter Web users only, you can use the following IP address:
35.190.29.75
If you'd like to install the JavaScript SDK needed for the Flutter Web IP, you can refer to the Feature Flags Javascript SDK Documentation or the Flutter GitHub repo.
Configure clusters
To ensure proper functionality, configure your clusters with API access to the authorized Harness IP addresses.
If you have not yet configured your clusters with the required IP addresses, use the links provided below to complete the configuration for the listed clusters.