Skip to main content

Deployment Regions

Why use multiple regions?

There are several reasons an organization might choose to host Prismatic integrations across multiple regions:

  • GDPR compliance requirements, ensuring EU-based customer data remains in the EU and US-based customer data remains in the US
  • CJIS or ITAR compliance requirements necessitating customer data storage in GovCloud
  • Low-latency requirements between their application and Prismatic, necessitating hosting integrations in Australia or the EU
  • Private cloud hosting to fulfill specific customer requirements

Regardless of the requirement, when hosting integrations across multiple Prismatic stacks, you must maintain component and integration synchronization between regions.

Logging in to additional regions

Prismatic's public regions are accessible through the following URLs:

StackApp URL
US Commercial (Ohio)https://app.prismatic.io
US GovCloudhttps://app.us-gov-west-1.prismatic.io
Europe (Ireland)https://app.eu-west-1.prismatic.io
Europe (London)https://app.eu-west-2.prismatic.io
Canada (Central)https://app.ca-central-1.prismatic.io
Australia (Sydney)https://app.ap-southeast-2.prismatic.io

Prismatic IP allowlist (whitelist)

If your integration connects to an external application or service that restricts connections based on IP address, you can add the following relevant IPs to your allowlist.

StackApp URLIP Addresses
US Commercial (Ohio)app.prismatic.io3.132.205.204
3.139.185.169
US GovCloudapp.us-gov-west-1.prismatic.io15.200.86.230
15.205.78.158
Australia (Sydney)app.ap-southeast-2.prismatic.io52.65.181.77
54.252.173.54
Canada (Central)app.ca-central-1.prismatic.io35.182.143.99
3.99.22.244
Europe (Ireland)app.eu-west-1.prismatic.io54.78.26.19
54.246.201.85
Europe (London)app.eu-west-2.prismatic.io18.132.171.185
18.134.91.207

If your integrations are hosted in a private cloud, please contact Prismatic support for the appropriate allowlist.

Note: Integrations in Prismatic send data to third-party applications and services from these IP addresses. Invoking integrations in Prismatic uses name-based routing (e.g., hooks.prismatic.io) and IPs are subject to change.

Private regions

If your contract includes a private cloud deployment, Prismatic's DevOps team will deploy a Prismatic stack in your AWS account within your chosen region. Contact Prismatic support for your endpoint URL and IP allowlist.

Access to additional regions

By default, new Prismatic accounts are provisioned in the US Commercial (Ohio) region, app.prismatic.io. Access to additional regions can be enabled by Prismatic for enterprise customers whose contracts include additional regions.

Users need to be added to each region

User authentication spans all regions, allowing you to use the same email and password to log in to each region. However, user data is not shared across regions. Once your organization has been enabled by Prismatic support in an additional region, you must invite your team members to the new region for them to access your tenant.

Logging in to additional regions with Prism

The prism CLI tool interacts with the US Commercial region by default. To interact with an additional region, set a PRISMATIC_URL environment variable with the target region's endpoint:

Log in to US and then EU stacks from a Unix-based terminal
$ prism login
Press any key to open prismatic.io in your default browser:
Login complete!

$ prism me
Name: John Doe
Email: john.doe@example.com
Organization: Example Corp - US Region
Endpoint URL: https://app.prismatic.io

$ export PRISMATIC_URL=https://app.eu-west-1.prismatic.io
$ prism login
Press any key to open prismatic.io in your default browser:
Login complete!

$ prism me
Name: John Doe
Email: john.doe@example.com
Organization: Example Corp - EU Region
Endpoint URL: https://app.eu-west-1.prismatic.io

Note: For PowerShell on Windows, you can set an environment variable using this syntax:

$ENV:PRISMATIC_URL="https://app.eu-west-1.prismatic.io"

For prism usage on headless systems (like a CI/CD pipeline or automated script), you will need to generate a refresh token. See docs on Headless prism Usage.