Doc feedback: Pre-requisites for GL with Amazon Q list IPs but without clarifying the need
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Problem to solve
The Set up GitLab Duo with Amazon Q pre-requisites mention opening network access to Amazon Q services. Getting push back from a customer in regards to what is the purpose, what network protocol (TCP or HTTP), what ports, and security considerations. A very security conscious team is concerned about opening up network access without further details being provided.
This affects Ultimate 17.10 with Duo and Amazon Q (now GA). The documents call out general details without consideration on how customers may have to handle from a security perspective. Any help in clarifying the following details is appreciated. (see snippit from docs Set up GitLab Duo with Amazon Q
Prerequisites
- You must have GitLab Self-Managed:
- On GitLab 17.8 or later.
- On an instance in AWS. The instance must allow incoming network access to Amazon Q services originating from these IP addresses:
- 34.228.181.128
- 44.219.176.187
- 54.226.244.221