IP Addresses to Allowlist

If your environment restricts communications by allowing only known IP addresses, you need to allowlist the Coveo Cloud IP addresses. This is however optional to use Coveo Cloud.

Inbound Communication

Inbound communication with Coveo Cloud takes place when the Coveo cloud-based crawlers access your on-premises content to index it.

The following are typical cases in which you need to allowlist Coveo Cloud IP addresses:

Coveo Platform IP Addresses

  • The following IP addresses are used by Coveo Cloud.

    • 54.84.109.253

    • 54.84.122.250

    • 54.84.126.201

    • 54.84.126.206

    • 54.89.203.159

    • 34.228.114.92

  • (For Coveo HIPAA organizations only) The following IP addresses are used by the Coveo HIPAA Cloud Platform.

    If the IPs aren’t allowlisted, you will see error codes such as SALESFORCE_UNABLE_TO_AUTHENTICATE_IP_RESTRICTED for Salesforce sources.

    • 34.197.57.255

    • 34.198.140.110

    • 34.200.73.232

    • 52.55.181.180

    • 52.207.117.192

Outbound Communication

(Optional) Sometimes, you may also have to restrict the list of IP addresses with which your server can communicate with Coveo Cloud. If you use the Push API or the Coveo On-Premises Crawling Module, or if your server needs to perform queries, allowlist all IP address ranges that are associated with CloudFront edge servers and all ranges from region us-east-1 in the following list (see Push API and Coveo On-Premises Crawling Module): https://ip-ranges.amazonaws.com/ip-ranges.json.

Recommended Articles