Just an update to whoever is using IP allowlisting and running into issues still. The code provided here helped me somewhat but I found that there were still IPs missing that the Jira API needed. The original code only pulls out IPv4 and subnet mask lengths of 28. In my use case, I needed only US IPs and found that the /28 was not inclusive of everything I needed to make the API work. I tinkered with it and the below code should work for you. Keep in mind if you are trying to grab the US only, you will need to iterate the code with the regions you need to grab. In my case, I needed us-east-1, us-west-1, us-west-2, and global.
To make it easy for people in the US, here is the list of IPs I gathered that worked for me. This is as of August 2024, this list can change in the future, so be aware.
US WEST 1
3.101.177.128/26,13.52.5.0/25,13.52.5.96/28,104.192.138.0/24,104.192.138.240/28,2401:1d80:3000::/36,2401:1d80:3220:2::/64,2401:1d80:3220:3::/64,2600:1f1c:cc5:2300::/56,2600:1f1c:cc5:2304::/64,2600:1f1c:cc5:2305::/64
US WEST 2
18.246.31.128/25,18.246.31.224/28,18.246.188.0/25,18.246.188.32/28,35.84.197.128/26,104.192.140.0/24,104.192.140.240/28,2401:1d80:3000::/36,2401:1d80:3224:3::/64,2401:1d80:3224:4::/64,2401:1d80:3224:5::/64,2600:1f14:824:300::/56,2600:1f14:824:304::/64,2600:1f14:824:305::/64,2600:1f14:824:306::/64
US EAST 1
18.234.32.128/25,18.234.32.224/28,44.197.146.192/26,44.220.40.128/25,44.220.40.160/28,104.192.142.0/24,104.192.142.240/28,2401:1d80:3000::/36,2401:1d80:321c:3::/64,2401:1d80:321c:4::/64,2401:1d80:321c:5::/64,2600:1f18:2146:e300::/56,2600:1f18:2146:e304::/64,2600:1f18:2146:e305::/64,2600:1f18:2146:e306::/64
Global
104.192.136.0/21,2401:1d80:3000::/36
var json = JSON.parse(document.body.innerText);
var list = new Set();
json.items.filter(function(entry){
return (
entry.direction.indexOf("egress") != -1 &&
entry.product.indexOf("jira") != -1 &&
entry.region.indexOf("global") != -1
);
}).forEach(function(entry){
list.add(entry.cidr);
});
var result = "";
list.forEach(function(item) {
result += "," + item;
});
console.log(result.substring(1));
I hope this helps other people, as it’s been a pain point for me. Atlassian should automatically approve their own IP space for customers that utilize the API (as most integrations use it) or just offer a feature checkbox that says, “Check here to automatically add Atlassian API IPs.”