Merge branch 'current' into joellabes-patch-1

dbt-labs · Nov 28, 2023 · 0154ccf · 0154ccf
2 parents 8a31700 + bac2b3d
commit 0154ccf
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 0 deletions.
diff --git a/website/docs/docs/dbt-cloud-apis/service-tokens.md b/website/docs/docs/dbt-cloud-apis/service-tokens.md
@@ -115,3 +115,5 @@ To rotate your token:
 4. Copy the new token and replace the old one in your systems. Store it in a safe place, as it will not be available again once the creation screen is closed.
 5. Delete the old token in dbt Cloud by clicking the **trash can icon**. _Only take this action after the new token is in place to avoid service disruptions_.
 
+## FAQs
+<FAQ path="Troubleshooting/ip-restrictions" />
diff --git a/website/docs/faqs/API/rotate-token.md b/website/docs/faqs/API/rotate-token.md
@@ -7,6 +7,24 @@ id: rotate-token
 
 For security reasons and best practices, you should aim to rotate API keys every so often.
 
+You can rotate your API key automatically with the push of a button in your dbt Cloud environment or manually using the command line.
+
+<Tabs>
+
+<TabItem value="Automatic">
+
+To automatically rotate your API key:
+
+1. Navigate to the Account settings by clicking the **gear icon** in the top right of your dbt Cloud account.
+2. Select **API Access** from the lefthand side.
+3. In the **API** pane, click `Rotate`.
+
+<Lightbox src="/img/docs/dbt-cloud/rotate-token.png" title="Click the rotate button to generate a new key" />
+
+</TabItem>
+
+<TabItem value="Manual">
+
 1. Rotate your [User API token](/docs/dbt-cloud-apis/user-tokens) by replacing `YOUR_USER_ID`, `YOUR_CURRENT_TOKEN`, and `YOUR_ACCESS_URL `with your information in the following request.
 
 ```
@@ -41,3 +59,7 @@ For example, if your deployment is Virtual Private dbt:
 
 ✅ `http://cloud.customizedurl.getdbt.com/` <br />
 ❌ `http://cloud.getdbt.com/`<br />
+
+</TabItem>
+
+</Tabs>
diff --git a/website/docs/faqs/Troubleshooting/ip-restrictions.md b/website/docs/faqs/Troubleshooting/ip-restrictions.md
@@ -0,0 +1,29 @@
+---
+title: "I'm receiving a 403 error 'Forbidden: Access denied' when using service tokens"
+description: "All service token traffic is now subject to IP restrictions. To resolve 403 errors, add your third-party integration CIDRs (network addresses) to the allowlist."
+sidebar_label: 'Service token 403 error: Forbidden: Access denied'
+---
+
+
+All [service token](/docs/dbt-cloud-apis/service-tokens) traffic is subject to IP restrictions.
+
+When using a service token, the following 403 response error indicates the IP is not on the allowlist. To resolve this, you should add your third-party integration CIDRs (network addresses) to your allowlist.
+
+The following is an example of the 403 response error:
+
+```json
+        {
+            "status": {
+                "code": 403,
+                "is_success": False,
+                "user_message": ("Forbidden: Access denied"),
+                "developer_message": None,
+            },
+            "data": {
+                "account_id": <account_id>,
+                "user_id": <user_id>,
+                "is_service_token": <boolean describing if it's a service token request>,
+                "account_access_denied": True,
+            },
+        }
+```
diff --git a/website/static/img/docs/dbt-cloud/rotate-token.png b/website/static/img/docs/dbt-cloud/rotate-token.png