Introduction to IP Allow Lists

Learn how IP Allow Lists can limit the addresses from which users can access domains in AEM as a Cloud Service.

Overview

AEM as a Cloud Service is accessible over the Internet by default. While security is handled through user authentication and authorization, IP allow-listing is a way to limit access to trusted IP addresses only.

Cloud Manager’s IP Allow Lists can be used to limit and control access only to such trusted IP addresses. Cloud Manager users with appropriate permissions can create and add IP Allow Lists of trusted IP addresses from which their site’s users can access their AEM domains.

Once added, an IP Allow List can be applied or unapplied as a unit, any number of times, to an author service, a publisher service, or both, in an environment.

NOTE
If no IP Allow List is applied, by default all IP addresses are allowed. When an IP Allow List is applied, no IP addresses are allowed except for addresses on the IP Allow List.

Usage notes

  • A maximum of 50 IP Allow Lists can be added to your program.
  • A maximum of 50 IP/CIDR addresses can be added to each IP Allow List.
  • IP Allow List names are supported in Cloud Manager for author service, or publish service, or both, in an environment.

Front-End Pipelines and IP Allow Lists

If you use—or intend to use—the front-end pipeline to develop sites, the following Cloud Manager IP Allow List must be added beforehand.

When you add the IP Allow List, name it Cloud Manager, then copy the list of addresses below and paste them into the IP Allow List dialog box.

To avoid disruption of running the front-end pipeline, ensure that this Cloud Manager IP Allow List is added. Then, apply the list to the Author environment before you enable the pipeline.

See Apply IP Allow List and Enable front-end pipeline for more information.

The Universal Editor and IP Allow Lists

If you intend to use the Universal Editor to author your content, you must add the IP addresses that the Universal Editor Service uses to an Allow List and apply it.

  1. Retrieve the IP addresses used by the Universal Editor Service from the following API endpoint: http://universal-editor-service.adobe.io/ip-ranges.
  2. Create an allow list with those IP addresses, naming it Universal Editor Service or similar.
  3. Apply the Universal Editor Service allow list.

The list of IP addresses used by the Universal Editor Service is subject to change and you must update your allow list accordingly.
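
The following is an added example, not Adobe's code, of one way to check an existing Universal Editor Service allow list against a freshly retrieved set of ranges and flag what must change. The function names and the sample addresses (RFC 5737 documentation ranges) are constructed, and the example assumes the endpoint's response has already been reduced to a list of IP/CIDR strings; the 50-entry limit comes from the usage notes above.

```python
import ipaddress

MAX_ENTRIES = 50  # per-list limit from the usage notes


def parse_entries(entries):
    """Split IP/CIDR strings into parsed networks and rejected strings."""
    valid, invalid = set(), []
    for raw in entries:
        text = raw.strip()
        if not text:
            continue
        try:
            # strict=True rejects CIDRs with host bits set, e.g. 192.0.2.5/28
            valid.add(ipaddress.ip_network(text, strict=True))
        except ValueError:
            invalid.append(text)
    return valid, invalid


def same_family(a, b):
    """True when both networks are IPv4 or both are IPv6."""
    return a.version == b.version


def plan_update(current, published):
    """Compare the applied allow list with the ranges the service publishes."""
    cur, bad_cur = parse_entries(current)
    pub, bad_pub = parse_entries(published)
    # Published ranges not covered by any current entry: traffic would be blocked.
    missing = [p for p in pub
               if not any(same_family(p, c) and p.subnet_of(c) for c in cur)]
    # Current entries overlapping nothing published: access wider than needed.
    stale = [c for c in cur
             if not any(same_family(c, p) and c.overlaps(p) for p in pub)]
    order = lambda n: (n.version, n)
    return {
        "missing": [str(n) for n in sorted(missing, key=order)],
        "stale": [str(n) for n in sorted(stale, key=order)],
        "invalid": bad_cur + bad_pub,
        "over_limit": len(pub) > MAX_ENTRIES,
    }


# Constructed sample data (RFC 5737 documentation ranges, not real service IPs).
CURRENT = ["192.0.2.0/28", "198.51.100.7", "203.0.113.16/28"]
PUBLISHED = ["192.0.2.0/28", "198.51.100.7", "198.51.100.64/29", "203.0.113.300"]

if __name__ == "__main__":
    for key, value in plan_update(CURRENT, PUBLISHED).items():
        print(f"{key}: {value}")
```

Entries reported as stale are worth removing as well as adding the missing ones, because an applied allow list denies everything not on it and each leftover entry is an address range that can still reach the service.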
