https://prefect.io logo
p

Pedro Machado

09/08/2023, 2:09 PM
Hi there. One of my clients has some security alerts configured and they pinged me about some traffic from a prefect flow to 34.74.57.176. They say this is associated with Netlify which is not "approved" by their security team. We are running Prefect 1 and Prefect 2 flows. I am trying to figure out what may be causing our flow to connect to this address. Would this be related to the anonymous tracking? (we just disabled that). Any other ideas? Thanks
j

jawnsy

09/08/2023, 4:27 PM
Hey Pedro, my name is Jonathan and I’m part of Prefect’s security team. This address appears to be in Google’s IP space, but does not match the IPv4 addresses of any of our endpoints used by Prefect Cloud (api.prefect.io is 34.111.157.195 and api.prefect.cloud is 34.111.36.90). It’s possible that it’s related to our anonymous telemetry, yes, because that uses Cloud Run, which does not have a fixed IP address. The hostname is sens-o-matic.prefect.io but I think the IP address may change (this is a CNAME to ghs.googlehosted.com). It’s also possible that other libraries you’re using are sending some telemetry to Google, so may be tricky to isolate. I’m happy to support your investigation in any way that we can; you can reach us via security@prefect.io
p

Pedro Machado

09/08/2023, 4:32 PM
Hi Jonathan. Thanks for the update and additional information. I found the setting to disable telemetry on Prefect 2. How do I do the same in Prefect 1?
j

jawnsy

09/08/2023, 5:07 PM
I believe only Prefect Server sends telemetry in Prefect 1, but will double check with a colleague. The documentation for that setting is here: https://docs-v1.prefect.io/orchestration/server/telemetry.html
I’ve confirmed that Prefect 1 does not send any telemetry from flows, only from Prefect server.
p

Pedro Machado

09/08/2023, 11:22 PM
Thanks! I'll keep researching.