Storage Network Access
Please read below carefully before you decide to restrict network access to your Object Storage service.
Cloud Provider
Auvious backend needs to connect to your storage to upload and download files necessary for certain features. In addition certain features and functionality requires users (both agents and customers) to access directly the storage from their devices using signed urls. Auvious uses provider SDKs to access the storage, and all provider SDKs use HTTPS for all storage operations. This can be depicted better in the following diagram:
SFTP Provider
When you use SFTP provider, only Auvious backend needs to connect to the storage. This connection takes place over a typical outgoing TCP connection. The SFTP service must be reliable and be able to handle several concurrent connections in proportion to the concurrent calls that will be made using Auvious application.
Source IP-addresses
Auvious is deployed currently on three regions on Google Cloud, europe-west1 (default), us-central1 and australia-southeast1. If you apply network restrictions, then to allow the connections described in the earlier sections you should allow connections from the Google Cloud ip ranges that correspond to the Auvious region you use:
Region | Google Cloud IP Range Scope to Whitelist |
---|---|
Europe (auvious.video or genesys.auvious.com) | europe-west1 |
US (us.auvious.video) | us-central1 |
Australia (au.auvious.video) | australia-southeast1 |
Do not forget to also whitelist agent and customer networks when you use a Cloud provider for Object Storage. If your customers need to connect from public internet, then this means you should allow access from anywhere i.e. 0.0.0.0/0. Otherwise functionality that relies on provider signed urls will not work correctly