Skip to main content

Akuity Platform Networking Requirements

Egress Traffic Rules

  • Allow port 443 (TCP) for secure HTTPS and TCP communication.

Domain Access

The following domains need to be configured and allowlisted for access :

US Region

  • akuity.cloud
  • *.cd.akuity.cloud
  • *.cdsvcs.akuity.cloud
  • *.kargo.akuity.cloud
  • *.kargosvcs.akuity.cloud

EU Region

  • eu.akuity.cloud
  • *.cd.eu.akuity.cloud
  • *.cdsvcs.eu.akuity.cloud
  • *.kargo.eu.akuity.cloud
  • *.kargosvcs.eu.akuity.cloud

IP Allowlisting

Akuity Platform IPs

If your workload cluster restricts egress traffic by IP, add the following Akuity Platform addresses to your cluster's allow list so that the Akuity Platform Agent can reach the Akuity Platform:

US Region :
35.83.167.172
35.164.149.26
44.227.111.216
13.248.239.50
166.117.206.69
EU Region :
63.180.120.65
3.74.238.191
63.180.42.11
166.117.35.43
99.83.186.100

Outbound IPs for External Service Allowlisting

When Akuity Platform components on the controlplane (one notable example is when an app-of-apps is used) connects to your external services (such as Git repositories, container registries, or other endpoints), its outbound traffic originates from the following IP addresses. If your external service restricts access by IP — for example, when using GitHub App IP allow lists — add these addresses to permit access:

US Region:
52.40.235.49
35.85.123.223
52.32.37.241
EU Region:
63.177.220.72
3.68.60.214
3.120.93.7

Cloudflare IPs

The Akuity Platform uses Cloudflare as a sub-processor to provide CDN and security services. Cloudflare only processes limited network-level metadata (IP addresses and HTTP request data) and does not access or retain customer application data, credentials, or stored content. Cloudflare is compliant with ISO 27001, SOC 2 Type II, PCI-DSS, GDPR, and other leading security standards.

When accessing resources behind IP allowlists (such as private Git repositories or artifact registries), you must add Cloudflare's IP ranges to your allowlist. This ensures that traffic from the Akuity Platform, which routes through Cloudflare, can successfully reach your protected resources.

Cloudflare IP Ranges

For more information about Akuity's sub-processors, see the Sub-Processor list.