New Relic uses public minions to execute your synthetic monitors. These minions are deployed in different data centers around the globe and are in charge of running your monitors.
Because of this, ensure your firewall allows synthetics network requests. Minion IP addresses are publicly available in JSON format, so you can easily read and parse them.
Important
Please ensure your allow list or related configurations include all ranges in the IP range lists as requests could be sent from either environment.
Optional steps:
- You can automate your rules for your allow list based on these files.
- You can identify synthetic monitor requests using our standard headers or by adding a custom header to your ping or simple browser monitor, scripted API monitor, or scripted browser monitor.
IP addresses are not personal data
Minions are deployed on servers, and the agents are activated using non-personal credentials. IP addresses associated with minions running on servers are not personal data under data protection and privacy laws. For more information, see the Synthetic's security documentation.
Daily JSON listings for IP addresses
IP addresses for released locations are subject to change. If a change is needed, we'll attempt to proactively notify customers prior to any changes via e-mail. You can also check the Support Forum for updates. The IP ranges listed are reserved for use by New Relic and cannot be used by anyone else.
Important
If you are adding Synthetics traffic to the allowlist from any public locations using IP addresses, you must update your allowlists with the new IP ranges. New IP ranges to allowlist:
152.38.128.0/19
212.32.0.0/20
64.251.192.0/20
The following IP ranges will remain in use for the
us-east-1region:- 44.202.178.0/24
- 44.202.180.0/23
- 44.210.68.0/24
- 44.210.110.0/25
EU and US accounts |
|---|
Important
It is recommended that you add the entire global ranges provided by New Relic to your allowlist. The JSON file has now been updated to include a regional breakdown of the new IP ranges. Any region not mentioned in the new list will continue using old IPs.
The following IP ranges are available for use:
Region | Location | IP Range |
|---|---|---|
us-east-1 | Washington, DC, USA | 152.38.128.64/26, 152.38.132.0/24, 64.251.196.0/24, 44.202.178.0/24, 44.202.180.0/23, 44.210.68.0/24, 44.210.110.0/25 |
us-east-2 | Columbus, OH, USA | 152.38.129.96/27, 64.251.197.0/24 |
us-west-1 | San Francisco, CA, USA | 152.38.130.0/26, 64.251.198.0/24, 152.38.130.64/26, 152.38.130.128/28 |
us-west-2 | Portland, OR, USA | 152.38.131.64/26, 64.251.199.0/24 |
eu-west-1 | Dublin, IE | 212.32.1.128/25, 212.32.1.64/26, 212.32.1.32/28 |
eu-west-2 | London, England, UK | 212.32.0.64/26, 212.32.0.128/25, 212.32.0.32/27, 212.32.3.0/25 |
eu-central-1 | Frankfurt, DE | 212.32.2.128/25, 212.32.2.64/26 |
ap-southeast-2 | Sydney, AU | 64.251.192.128/25, 64.251.193.0/28, 64.251.192.64/26 |
Public minion locations and location labels
The following table cross-references the synthetic's public minion locations with their location labels. You can query the location and locationLabel attributes from the SyntheticCheck and SyntheticRequest events.
Using NerdGraph? You don't need the AWS_ prefix, as shown in the NerdGraph synthetics docs.
Public minion location | Location label |
|---|---|
AWS_AP_EAST_1 | "Hong Kong, HK" |
AWS_AP_SOUTH_1 | "Mumbai, IN" |
AWS_AP_SOUTHEAST_1 | "Singapore, SG" |
AWS_AP_NORTHEAST_2 | "Seoul, KR" |
AWS_AP_NORTHEAST_1 | "Tokyo, JP" |
AWS_AP_SOUTHEAST_2 | "Sydney, AU" |
AWS_US_WEST_1 | "San Francisco, CA, USA" |
AWS_US_WEST_2 | "Portland, OR, USA" |
AWS_US_EAST_2 | "Columbus, OH, USA" |
AWS_US_EAST_1 | "Washington, DC, USA" |
AWS_CA_CENTRAL_1 | "Montreal, Québec, CA" |
AWS_SA_EAST_1 | "São Paulo, BR" |
AWS_EU_WEST_1 | "Dublin, IE" |
AWS_EU_WEST_2 | "London, England, UK" |
AWS_EU_WEST_3 | "Paris, FR" |
AWS_EU_CENTRAL_1 | "Frankfurt, DE" |
AWS_EU_NORTH_1 | "Stockholm, SE" |
AWS_EU_SOUTH_1 | "Milan, IT" |
AWS_ME_SOUTH_1 | "Manama, BH" |
AWS_AF_SOUTH_1 | "Cape Town, ZA" |