Versions Compared

Version Old Version 10 New Version 11
Changes made by

Marc Amouyal

Marc Amouyal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

If you need a generic Sealights endpoint, you can use the following command

...

https://csdemo.sealights.co in your command.

Warning

In case this command fails, it is important to understand why. Looking at the detailed output (given by the -vI flags) can point us in the right direction.

...

Allow outbound traffic to Sealights' domain

The Firewall should allow outbound connections on port 443 (TLS v1.2) to our domain https://*.sealights.co.
For a more restrictive rule, you can open the connections to your Sealights dashboard URL only.

...

Be sure to follow the next steps to understand which IP addresses need to be added to your exceptions list:

  1. Download the provided ip-ranges.json file from AWS.

  2. From the file, filter out the entires entries related to CloudFront (using jq):

    Code Block

    cat

    ip-ranges.json

    |

    jq

    '.prefixes[]

    |

    select(.service=="CLOUDFRONT")'

  3. Add the subnets output from the previous stage to your Firewall exception list for outbound connections on port 443 (TLS v1.2)

...