Prepare the Environment for Lacework
Preparing your environment for Lacework typically requires a few configuration adjustments, as described in this topic.
Lacework IPs
Lacework may attempt to connect to endpoints in your environment for various purposes, including for alerting (such as alerting through a web hook) or for image vulnerability scans of container registries.
To prepare your environment for Lacework, you need to configure any allow-lists to permit inbound connections from Lacework for the IP addresses listed in the following sections.
Region-Specific IPs
US
34.208.85.38
35.93.121.192/26
35.95.82.0/26
35.165.121.10
35.165.62.149
35.165.83.150
35.166.181.157
44.231.201.69
52.42.2.33
52.43.197.121
52.88.113.199
54.200.230.179
54.203.18.234
54.213.7.200
EU
3.75.192.192/26
3.121.245.162
18.184.141.112
18.193.166.115
APAC
3.27.79.192/26
Lacework IaC IPs
The following IPs are only required for Lacework Infrastructure As Code (IaC) Security.
34.102.142.169
34.107.222.15
34.107.205.17
34.107.179.205
Outbound FQDN
If your Lacework Console users need to connect to Lacework from a firewalled environment, you must configure your allow-lists to permit outbound HTTP traffic to the following domains:
updates.lacework.net
*.lacework.net
*.lacework.com
docs.lacework.net
app.launchdarkly.com
events.launchdarkly.com
clientstream.launchdarkly.com