Nobl9 agent network requirements
To operate in compliance with the existing firewall or IP address restrictions, there are certain outbound access requirements for locally hosted Nobl9 agents.
N9 agent container network requirements at runtimeโ
Nobl9 agent needs outbound TCP port 443 to the following:
- Nobl9 Okta instance
- Nobl9 SaaS application
- The data source API URL that was configured when you created the agent in the Nobl9 UI
Nobl9 Okta instance and Nobl9 SaaS application are an Amazon ALB. As such, the IP addresses may change over time.
The agent container imageโ
Nobl9's agent image is published on Docker Hub. Your Kubernetes cluster or other container runtime requires access to the Docker Hub to pull the image. You can also pull the image to a locally hosted artifact image repository and run it from there.
Nobl9 agent needs outbound TCP port 443 to the following:
AuthN/AuthZ concernsโ
When you create a data source using the agent connection, an OAuth2 credential is created, unique to that agent. These credentials consist of a Client ID and Client Secret.
This credential allows the agent instance to connect to Nobl9 over outbound HTTPS, identify itself, and obtain its query configurations from the Nobl9 Application.