Creative Force is a cloud-based application and to use it, you as a customer, need to allow some outbounds and inbounds if you have a Firewall / Proxy.
This document below describes what is required.
Infrastructure
Outbound
You as a customer should allow outbound to these domains (if you have a Firewall / Proxy):
- creativeforce.io
- 4q8cgc5u0e-log.creativeforce.io
- api.creativeforce.io
- app.creativeforce.io
- accounts.creativeforce.io
- docs.creativeforce.io
- download.creativeforce.io
- help.creativeforce.io
- images.creativeforce.io
- logs.creativeforce.io
- search-api.creativeforce.io
- socket.creativeforce.io
- webhook.creativeforce.io
- www.creativeforce.io
- zip.creativeforce.io
- s3-r-w.eu-central-1.amazonaws.com
- checkip.amazonaws.com
- kelvin-hue-download.s3.eu-central-1.amazonaws.com
- lh-euc1-files1.s3.eu-central-1.amazonaws.com
- lh-applications-release.s3.eu-central-1.amazonaws.com
- lh-applications-release.s3.amazonaws.com
- lh-uploader.log.s3.eu-central-1.amazonaws.com
- lh-applications-speedtest.s3.eu-central-1.amazonaws.com
- lh-euc1-resources.s3.eu-central-1.amazonaws.com
- zozr94bce5.execute-api.eu-central-1.amazonaws.com
- ui-avatars.com
- cdnjs.cloudflare.com
- gstatic.com
- google.com
- googleapis.com
- fonts.gstatic.com
- fonts.googleapis.com
- clients3.google.com
- csp.withgoogle.com
- www.google.com
- www.google-analytics.com
- stats.g.doubleclick.net
- browser.sentry-cdn.com
- sentry.io
- creativeforce.eu.looker.com
- static-a.lookercdn.com
- static-b.lookercdn.com
- ping.looker.com
- api-iam.intercom.io
- widget.intercom.io
- nexus-websocket-a.intercom.io
- js.intercomcdn.com
- static.intercomassets.com
- downloads.intercomcdn.com
- gifs.intercomcdn.com
- intercom.com
Additionally, we need outbound access to Google services at:
Additionally, we need outbound access to Amazon AWS services at IP ranges defined here:
IPs for AWS services
Documentation: https://docs.aws.amazon.com/en_pv/general/latest/gr/aws-ip-ranges.html
Please be aware that the IPs from Amazon get updated regularly and a new JSON IP range list is populated. It’s highly unlikely that it will impact the Creative Force applications, but updates to the services can happen.
As an alternative, it can be considered to allow outbound access to:
ZEBRA Network printer
If you are using the feature “ZEBRA Network printer”, you may have to allow outbound to the address of your printer.
The Printer settings can be found at https://app.creativeforce.io/settings/studio/print/printers
Depending on your settings, you may need to allow outbound to the specific IP address of the URL.
Inbound
You as a customer should allow inbound from this IP address (if you have a Firewall / Proxy).
- 52.59.62.218
Notes:
This requirement is only for
- Client delivery functionality
- External vendor functionality.
You can ignore this requirement if you don’t need these settings.
- The Client delivery settings can be found at https://app.creativeforce.io/settings/studio/clients, section “Delivery Options”.
- The Vendor settings can be found at https://app.creativeforce.io/settings/studio/post-production
- Depending on your settings, you may need to open a port. For example, if you made a setting to deliver assets to a server via SFTP at port 22, then you will have to open port 22 on that server.
- About the “Client data sources” settings: As we will never write to that data sources (we only read it) so you do not need to allow any inbound for this setting.
SSL Certificates
Customer should allow these SSL certificates:
Certificate for domain
Customer can view this certificate by going to https://app.creativeforce.io/
Certificate for Windows application
You can view this certificate by download our applications (HUE and Kelvin) from https://download.creativeforce.io/
Certificate for MacOS application
You can view this certificate by download our applications (HUE and Kelvin) from https://download.creativeforce.io/