Nobl9 Agent Network Requirements
To operate in compliance with the existing firewall or IP address restrictions, there are certain outbound access requirements for locally hosted N9 Agents.
N9 Agent container network requirements at runtime
N9 Agent needs outbound TCP port 443 to the following:
- Nobl9 Okta instance
- Nobl9 SaaS application
- the data source API URL that was configured when you created the Agent in the Nobl9 UI.
Nobl9 Okta instance and Nobl9 SaaS application are an Amazon ALB. As such, the IP addresses may change over time.
The Agent container image
Nobl9's Agent image is published on Docker Hub. Your Kubernetes cluster or other container runtime requires access to the Docker Hub to pull the image. You can also pull the image to a locally hosted artifact image repository and run it from there.
N9 Agent needs outbound TCP port 443 to the following:
AuthN/AuthZ concerns
When you create a data source using an Agent connection, an OAuth2 credential is created, unique to that Agent. These credentials consist of a Client ID and Client Secret.
This credential allows the Agent instance to connect to Nobl9 over outbound HTTPS, identify itself, and obtain its query configurations from the Nobl9 Application.
Submit Feedback