Deployment Regions
Why use multiple regions?
There are several reasons an organization might choose to host Prismatic integrations across multiple regions:
- GDPR compliance requirements, ensuring EU-based customer data remains in the EU and US-based customer data remains in the US
- CJIS or ITAR compliance requirements necessitating customer data storage in GovCloud
- Low-latency requirements between their application and Prismatic, necessitating hosting integrations in Australia or the EU
- Private cloud hosting to fulfill specific customer requirements
Regardless of the requirement, when hosting integrations across multiple Prismatic stacks, you must maintain component and integration synchronization between regions.
Logging in to additional regions
Prismatic's public regions are accessible through the following URLs:
| Stack | App URL |
|---|---|
| US Commercial (Ohio) | https://app.prismatic.io |
| US GovCloud | https://app.us-gov-west-1.prismatic.io |
| Europe (Ireland) | https://app.eu-west-1.prismatic.io |
| Europe (London) | https://app.eu-west-2.prismatic.io |
| Canada (Central) | https://app.ca-central-1.prismatic.io |
| Australia (Sydney) | https://app.ap-southeast-2.prismatic.io |
Prismatic IP allowlist (whitelist)
If your integration connects to an external application or service that restricts connections based on IP address, you can add the following relevant IPs to your allowlist.
| Stack | App URL | IP Addresses |
|---|---|---|
| US Commercial (Ohio) | app.prismatic.io | 3.132.205.2043.139.185.169 |
| US GovCloud | app.us-gov-west-1.prismatic.io | 15.200.86.23015.205.78.158 |
| Australia (Sydney) | app.ap-southeast-2.prismatic.io | 52.65.181.7754.252.173.54 |
| Canada (Central) | app.ca-central-1.prismatic.io | 35.182.143.993.99.22.244 |
| Europe (Ireland) | app.eu-west-1.prismatic.io | 54.78.26.1954.246.201.85 |
| Europe (London) | app.eu-west-2.prismatic.io | 18.132.171.18518.134.91.207 |
If your integrations are hosted in a private cloud, please contact Prismatic support for the appropriate allowlist.
Note: Integrations in Prismatic send data to third-party applications and services from these IP addresses. Invoking integrations in Prismatic uses name-based routing (e.g., hooks.prismatic.io) and IPs are subject to change.
Private regions
If your contract includes a private cloud deployment, Prismatic's DevOps team will deploy a Prismatic stack in your AWS account within your chosen region. Contact Prismatic support for your endpoint URL and IP allowlist.
Access to additional regions
By default, new Prismatic accounts are provisioned in the US Commercial (Ohio) region, app.prismatic.io. Access to additional regions can be enabled by Prismatic for enterprise customers whose contracts include additional regions.
User authentication spans all regions, allowing you to use the same email and password to log in to each region. However, user data is not shared across regions. Once your organization has been enabled by Prismatic support in an additional region, you must invite your team members to the new region for them to access your tenant.
Logging in to additional regions with Prism
The prism CLI tool interacts with the US Commercial region by default.
To interact with an additional region, set a PRISMATIC_URL environment variable with the target region's endpoint:
$ prism login
Press any key to open prismatic.io in your default browser:
Login complete!
$ prism me
Name: John Doe
Email: john.doe@example.com
Organization: Example Corp - US Region
Endpoint URL: https://app.prismatic.io
$ export PRISMATIC_URL=https://app.eu-west-1.prismatic.io
$ prism login
Press any key to open prismatic.io in your default browser:
Login complete!
$ prism me
Name: John Doe
Email: john.doe@example.com
Organization: Example Corp - EU Region
Endpoint URL: https://app.eu-west-1.prismatic.io
Note: For PowerShell on Windows, you can set an environment variable using this syntax:
$ENV:PRISMATIC_URL="https://app.eu-west-1.prismatic.io"
For prism usage on headless systems (like a CI/CD pipeline or automated script), you will need to generate a refresh token.
See docs on Headless prism Usage.