Domain names and their usage in agent services

Data Integrity Suite

Product

Spatial_Analytics

Data_Integration

Data_Enrichment

Data_Governance

Precisely_Data_Integrity_Suite

geo_addressing_1

Data_Observability

Data_Quality

dis_core_foundation

Services

Spatial Analytics

Data Integration

Data Enrichment

Data Governance

Geo Addressing

Data Observability

Data Quality

Core Foundation

ft:title

Data Integrity Suite

ft:locale

en-US

PublicationType

pt_product_guide

copyrightfirst

2000

copyrightlast

2026

This section lists the endpoints required for the Data Integrity Suite agent’s basic operation and for integrating Google BigQuery as a replication target. If your environment restricts outbound web traffic, ensure outbound HTTPS access to these domain names is explicitly allowed. The agent does not accept inbound connections and does not require any inbound traffic or open ports.

Note: These endpoints may change over time. Ensure you review and allow them before installing and downloading the agent.

Required domain names for all regions

These endpoints must be allowed for the Data Integrity Suite agent to function correctly across all regions. These are necessary for agent installation, authentication, container interactions, and cloud integrations:

Domain name	Description
`repo1.maven.org`	Required to download Java libraries and tools when building projects using Maven.
`508747789874.dkr.ecr.us-east-1.amazonaws.com`	Required for pulling docker images during agent installation from AWS ECR (Elastic Container Registry).
`api.ecr.us-east-1.amazonaws.com`	Necessary for interacting with AWS ECR for container-related activities, such as pulling images.
`api.github.com`	Used for accessing GitHub repositories for code updates or dependencies.
`auth.docker.io`	Required for authentication when pulling docker images from docker hub.
`awscli.amazonaws.com`	Required for AWS CLI operations, such as configuring and managing AWS services used by the Data Integrity Suite.
`cdn.cloud.precisely.com`	Serves content and updates required for Data Integrity Suite operations from Precisely’s cloud.
`collect.traefik.io`	Used for collecting monitoring and operational metrics related to the Data Integrity Suite agent’s health.
`precisely-agent-operator-installation-bucket.s3.amazonaws.com`	Needed for accessing the Precisely agent operator installation resources on AWS S3.
`prod-us-east-1-starport-layer-bucket.s3.us-east-1.amazonaws.com`	Used for accessing specific data or resources related to agent operation on AWS S3.
`production.cloudflare.docker.com`	Required for docker related activities hosted via cloudflare, ensuring proper agent operation and security.
`registry-1.docker.io`	Required for pulling docker images from docker hub.
`rpm.rancher.io`	Needed for accessing RPM packages for agent installation and updates on supported linux distributions.
`sts.us-east-1.amazonaws.com`	Required for AWS STS (Security Token Service) for identity and access management related to agent operations.
`update.traefik.io`	Used for retrieving updates and configurations for Traefik, a reverse proxy used by the Data Integrity Suite agent.

Required domain names for US1 region

In addition to the general endpoints, the following endpoints are needed specifically for the US1 region:

Table 1.
Domian name	Description
`agent-management.dis-platform.cloud.precisely.com`	Used for managing agent configurations, updates, and communication with the DI platform for the US1 region.
`agent-sqs-request-response-bucket-prd.s3.amazonaws.com`	Required for sending and receiving data via AWS SQS for agent operations in the US1 region.
`docker-images-prod.s3.dualstack.us-east-1.amazonaws.com`	Required for accessing docker images stored on AWS S3 for agent installation and updates in the US1 region.
`sqs.us-east-1.amazonaws.com`	Used for AWS SQS messaging services to facilitate communication between agent components in the US1 region.

Required domain names for EU1 region

In addition to the general endpoints, the following endpoints are needed specifically for the EU1 region:

Table 2.
Domian name	Description
`agent-management.dis-platform.cloud.eu1.precisely.com`	Used for managing agent configurations, updates, and communication with the DI platform for the EU region.
`agent-sqs-request-response-bucket-prd-eu-west-1.s3.eu-west-1.amazonaws.com`	Required for sending and receiving data via AWS SQS for agent operations in the EU region.
`docker-images-prod.6aa30f8b08e16409b46e0173d6de2f56.r2.cloudflarestorage.com`	Required for accessing docker images stored on AWS S3 for agent installation and updates in the EU region.
`sqs.eu-west-1.amazonaws.com`	Used for AWS SQS messaging services to facilitate communication between agent components in the EU region.
`sts.eu-west-1.amazonaws.com`	Required for AWS STS (Security Token Service) for identity and access management related to agent operations in EU1 region.

Domian names for BigQuery as replication target

If using Google BigQuery as a replication target, the following endpoint should also be allowed:

Domian name	Description
`bigquery.googleapis.com`	Required for integrating with BigQuery for data replication tasks, including querying and transferring data.
`metadata.google.internal`	Used for accessing internal metadata within google cloud environments for BigQuery integration.
`oauth2.googleapis.com`	Necessary for OAuth2 authentication to securely connect to google BigQuery and other google cloud services.
`storage.googleapis.com`	Required for accessing google cloud storage to store or retrieve data for BigQuery replication.