Skip to content

Actions: Outbound network control for GitHub-hosted runners #821

New issue
New issue
Closed as not planned
Closed as not planned
Actions: Outbound network control for GitHub-hosted runners#821
Labels
EnterpriseProduct SKU: GitHub EnterpriseactionsFeature: GitHub ActionscloudAvailable on Cloudgithub teamProduct SKU: GitHub TeampreviewFeature phase: PreviewrunnersC2C - Actions Compute
@github-product-roadmap

Description

@github-product-roadmap
github-product-roadmap
opened on Sep 6, 2023

Summary

Customers can now configure a list of IP address or domains that are allowed to be accessible by GitHub-hosted runners.

Intended Outcome

This feature allows platform administrators to control their Enterprise or org-owned GitHub-hosted runners to only access approved destinations while blocking access to everything else giving them control on the network security of their build machines. This also enables teams to run workflows on GitHub-hosted runners that require access to private resources (private artifact repository, on-prem test database, cloud-based storage etc.) as software is deployed.

How will it work?

Platform administrators can enter a range of allowed IPs or domains while configuring a runner group. All runners created as part of that runner group will inherit the outbound allow-list and will only be able to reach the approved destinations.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    EnterpriseProduct SKU: GitHub EnterpriseactionsFeature: GitHub ActionscloudAvailable on Cloudgithub teamProduct SKU: GitHub TeampreviewFeature phase: PreviewrunnersC2C - Actions Compute

    Type

    No type

    Projects

    GitHub Public Roadmap

    • Status

      Future

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions