Support for HTTP(s) Proxy in the Cloud Extension

IT managers may choose to divert HTTP(S) traffic through an HTTP(S) proxy for reasons of security and network monitoring.

Communication from the Velostrata Manager and edge node on-prem supports a proxy configuration for telemetry and support center.  Velostrata CloudExtension also supports the option to communication with the Velostrata proactive support service through an HTTPS Proxy.

Note that you can define cloud extension communication through the proxy to include either control only, or also include data-plane communication. The latter option may have performance implications for the proxy and is not recommended.

When implementing such configuration, the following steps may be required:

  • Define the proxy during Velostrata Cloud Extension creation process.
  • If you apply URL whitelisting, you will need to whitelist the following URLs:
GCP Proxy whitelist
  • (Europe only)
  • (US only) 
AWS Proxy whitelist / dns resolved from

In addition add the s3, ec2 and kms service endpoint of the respective region you utilizing.

For example, see below the end points for eu-west-1 region:

* You can find the relevant region endpoint here.

Azure Proxy whitelist / dns resolved from


  • If you would like to inspect the SSL traffic by the proxy, the proxy’s SSL certificate needs to be configured in the Velostrata Cloud Extension.  Contact for help with this process.