When you are using a custom script in your TD Workflow, you might need to make sure that the IP addresses that Treasure Data needs are whitelisted by your firewall. You can use the following IP addresses to selectively open your firewalls (or public cloud equivalent, such as security groups in AWS) to allow the custom scripts used in your workflows to access external systems.
Region
Source IP Addresses
US
3.228.35.123
34.237.48.37
54.82.188.250
Region
Source IP Addresses
Tokyo
13.113.15.50
13.113.238.22
3.114.18.100
Region
Source IP Addresses
EU01
3.123.157.139
3.123.165.104
35.156.7.239
Region
Source IP Addresses
AP02
13.124.198.125
13.124.232.4
15.164.37.234
S3 Bucket Policy Configuration for Custom Scripts
When your S3 bucket is in the same region as your Treasure Data endpoint, you must set a VPC ID to allow TD's access to the bucket and still restrict access.