Some third-party platforms may find it necessary to whitelist connections made from your Porter-provisioned infrastructure. This guide walks you through determining the egress IPs used by your applications.

AWS

AWS CLI

After ensuring you have the AWS CLI installed and configured to access the account which contains your Porter cluster, run the following command:

aws ec2 describe-nat-gateways --filter "Name=tag-key,Values=kubernetes.io/cluster/<CLUSTER_NAME>" --query "NatGateways[*].NatGatewayAddresses[0].PublicIp"

You’ll need to replace <CLUSTER_NAME> with the name of your cluster. This command will return the egress IP which you can use to whitelist your workloads with third party platforms. In case your cluster has multiple gateways, there will be multiple egress IPs.

AWS VPC Console

  1. Log into the AWS account containing your Porter cluster, and navigate to the VPC console.

  2. In the left pane, select NAT gateways, and you’ll be able to see your cluster’s NAT gateways; they’ll be named after your cluster. Alternatively, you can use kubernetes.io/cluster/<CLUSTER_NAME>: shared to pull up the cluster’s NAT gateways, where CLUSTER_NAME corresponds to your Porter cluster name.

  3. Copy the contents of Primary public IP - this serves as the egress IP which you can use to whitelist your workloads with third party platforms. In case your cluster has multiple gateways, there will be multiple egress IPs.

aws-egress-ip

Google Cloud Platform (GCP)

gcloud CLI

After ensuring you have the GCP gcloud CLI installed and configured to access the account which contains your Porter cluster, run the following command:

gcloud compute addresses list --filter="region:REGION AND users~.*routers/.*-cloud-router$"

You’ll need to replace REGION with the region that your cluster was deployed in. If your cluster name is my-cluster, then your egress IP will be my-cluster-cloud-nat-ip This command will return the egress IP which you can use to whitelist your workloads with third party platforms. In case your cluster has multiple gateways, there will be multiple egress IPs.

GCP Console

  1. Log into the GCP console, and navigate to Cloud NAT

  2. Search for your cluster name in the search bar, and click on the ‘Gateway Name’ cloud-routers

  3. Your clusters IP address will be listed under “Cloud NAT Rules” as “Cloud NAT IPs” cloud-nat-ip

Role Based Access ControlConfiguring AWS ALB