Is there a list of source IP addresses/networks for Terraform Cloud runs?

My use case should be fairly common I guess: I want to manage a Google Cloud SQL instance using the Terraform PostgreSQL provider. I don’t want to open my instance to the whole world though, so I’d like to whitelist a range of addresses or networks from which Terraform Cloud runs originate.

I know it’s not top notch security: there’ll be nothing stopping an informed attacker from deploying their hits on Terraform Cloud. I just want to avoid the bots.


I’m looking for the same information. My use case is exactly the same. Any answers?

I am also looking for the same information. Anyone found anything yet?

Looking for the same. Having the same issue managing Azure storage accounts with firewalling enabled.

Hello all,

I wanted to follow up and confirm the answer. Currently, Terraform Cloud does not run on a predefined range of IP addresses. I understand that the ability to whitelist is important; there is a possibility we may have a solution for this in the future. At this time, the runners are fairly dynamic.

Too bad. This is kind of a dealbreaker for using Terraform Cloud. Was in touch with HashiCorp support; the suggestion is to move to Terraform Enterprise.

Half-way through migrating to Terraform Cloud I realised this is a total dealbreaker. Disappointing :(

Shouldn’t be too hard to route the runners’ traffic through a bunch of NAT gateways with publicly known IP addresses, should it?