Skip to main content

Connecting to a private network

You can connect GitHub Codespaces to resources on a private network, including package registries, license servers, and on-premises databases.

GitHub Codespaces está disponible para las organizaciones que usen GitHub Team o GitHub Enterprise Cloud. GitHub Codespaces también está disponible como versión beta limitada para usuarios individuales en los planes GitHub Free y GitHub Pro. Para más información, vea "Productos de GitHub".

About codespace networking

By default, your codespaces have access to all resources on the public internet, including package managers, license servers, databases, and cloud platform APIs, but they have no access to resources on private networks.

Connecting to resources on a private network

There are currently two methods of accessing resources on a private network within GitHub Codespaces.

  • Using a GitHub CLI extension to configure your local machine as a gateway to remote resources.
  • Using a VPN.

Using the GitHub CLI extension to access remote resources

Note: The GitHub CLI extension is currently in beta and subject to change.

The GitHub CLI extension allows you to create a bridge between a codespace and your local machine, so that the codespace can access any remote resource that is accessible from your machine. The codespace uses your local machine as a network gateway to reach those resources. For more information, see "Using GitHub CLI to access remote resources."

Using a VPN to access resources behind a private network

As an alternative to the GitHub CLI extension, you can use a VPN to access resources behind a private network from within your codespace.

We recommend VPN tools like OpenVPN to access resources on a private network. For more information, see "Using the OpenVPN client from GitHub Codespaces."

There are also a number of third party solutions that, while not explicitly endorsed by GitHub, have provided examples of how to integrate with GitHub Codespaces.

These third party solutions include:

Allowlisting private resources for codespaces

While GitHub publishes IP ranges for several products on its Meta API, codespaces IPs are dynamically assigned, meaning your codespace is not guaranteed to have the same IP address day to day. We highly discourage users from allowlisting an entire IP range, as this would give overly broad access to all codespaces (including users not affiliated with your codespaces).

For more information about the Meta API, see "Meta."

Restricting access to the public internet

At present, there is no way to restrict codespaces from accessing the public internet, or to restrict appropriately authenticated users from accessing a forwarded port.

For more information on how to secure your codespaces, see "Security in GitHub Codespaces."