Autotask Static IP Addresses

Hi OZ,

Thanks for the super dope products! :smile: - This is more of a question than a bug report or anything...

I'm using OZ Defender Sentinels + Autotasks to shoot an http request to my backend system whenever an event is picked up on-chain. I wanted to implement some security in the backend that did "origin checks". Basically, I want my backend to only accept requests coming from whitelisted IP addresses. However, I've found it pretty difficult to find the IP address of my autotask, and I'm not sure if the IP address I did find will stay the same....

For example, here is some basic nodejs code I have within my autotask (which is of type "webhook"):

// Autotask pseudo code
exports.handler = async function (event) {
  1. How can I easily find the IP address my autotask?
  2. Do the autotasks have a static IP address, or do they have IP addresses that change over time?
  3. If the answer is that autotask IP addresses are not predictable, do you have any suggestions on how implement a kind of origin check that I am describing? I have already implemented custom auth layer using JWTs, but origin checks would have been the cherry on top :wink:

Thank you very much for your time,

Hi @cleo

Autotasks are implemented on top of AWS Lambda functions.
Lambda functions are using a set of dynamic IP addresses.

What could be helpful for you is that there is a list of AWS IP addresses you could whitelist.

However, seems that list is big and it includes IP address ranges so it is not going to be that simple task.
npm contains packages for AWS address lookup so please take a look.

Hope that this helps.

Best regards

Thanks @zeljko , will take a look at your references. Appreciate the help!

You could also store a username and password as Autotask secrets that could be included as AxiosBasicCredentials in your POST request so your backend knows the request is coming from Defender.