Firewall rules to limit traffic to Zeebe, Tasklist and Operate API's on SaaS

We are planning to deploy a Spring Boot Application within Azure that will contain job workers, as well as services that will use the Operate and Tasklist API’s on a Camunda SaaS instance.

A requirement will be to have firewall rules defined that will limit traffic to the following from the SB application to the Zeebe Gateway and Operate / Tasklist REST endpoints.

Does anyone have a set of example rules that you would typically define to restrict access to the above in this situation? I am no FW expert and I cannot find any documentation that provides any pointers.

Thanks in advance.

Hi @Justin_Phillips - Camunda’s SaaS API’s are publicly available, so limiting outbound traffic from your Azure apps isn’t doing much in terms of security. If you have an enterprise SaaS plan, IP Whitelisting is probably the best way to handle this.

1 Like

Fair point, thanks.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.