roadmap icon indicating copy to clipboard operation
roadmap copied to clipboard
verified publisher icon github

Actions: Outbound network control for GitHub-hosted runners

Open github-product-roadmap opened this issue 2 years ago • 0 comments

Summary

Customers can now configure a list of IP address or domains that are allowed to be accessible by GitHub-hosted runners.

Intended Outcome

This feature allows platform administrators to control their Enterprise or org-owned GitHub-hosted runners to only access approved destinations while blocking access to everything else giving them control on the network security of their build machines. This also enables teams to run workflows on GitHub-hosted runners that require access to private resources (private artifact repository, on-prem test database, cloud-based storage etc.) as software is deployed.

How will it work?

Platform administrators can enter a range of allowed IPs or domains while configuring a runner group. All runners created as part of that runner group will inherit the outbound allow-list and will only be able to reach the approved destinations.

github-product-roadmap avatar Sep 06 '23 18:09 github-product-roadmap