From eb71772e72c71804709b8587efef8493443b24a0 Mon Sep 17 00:00:00 2001 From: allie dukuze Date: Mon, 21 Aug 2023 13:03:48 -0700 Subject: [PATCH 1/6] updating ip restriction docs --- website/docs/docs/cloud/secure/ip-restrictions.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/website/docs/docs/cloud/secure/ip-restrictions.md b/website/docs/docs/cloud/secure/ip-restrictions.md index dacd0c885c4..ba5fb32bdfc 100644 --- a/website/docs/docs/cloud/secure/ip-restrictions.md +++ b/website/docs/docs/cloud/secure/ip-restrictions.md @@ -19,8 +19,7 @@ To configure IP restrictions, go to **Account Settings** → **IP Restrictions** - Deny IPs flagged by the Security team - Allow only VPN traffic but make an exception for contractors’ IP addresses -IP restrictions will block all user requests done via the API (via personal user token) and the UI. Service tokens are exempt from IP restrictions and can still make requests to dbt Cloud API. - +IP restrictions will block all service tokens, user requests done via the API (via personal user token), and the UI. ### Allowing IPs To add an IP to the allowlist, from the **IP Restrictions** page: From b7572a12303d3bce9b5ad3fb89de73d9b3a89aa2 Mon Sep 17 00:00:00 2001 From: allie dukuze Date: Thu, 31 Aug 2023 11:21:44 -0700 Subject: [PATCH 2/6] updating docs for integrations --- website/docs/docs/cloud/git/connect-azure-devops.md | 1 + website/docs/docs/cloud/git/connect-gitlab.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/website/docs/docs/cloud/git/connect-azure-devops.md b/website/docs/docs/cloud/git/connect-azure-devops.md index a84e593a1e2..1761ea79644 100644 --- a/website/docs/docs/cloud/git/connect-azure-devops.md +++ b/website/docs/docs/cloud/git/connect-azure-devops.md @@ -23,3 +23,4 @@ To connect Azure DevOps in dbt Cloud: 2. dbt Cloud developers need to [personally authenticate with Azure DevOps](/docs/cloud/git/authenticate-azure) from dbt Cloud. +If you're a Business Critical customer using IP restrictions ensure you've added the appropriate Azure DevOps CIDRs to your IP restriction rules, or else the Azure DevOps connection will fail. diff --git a/website/docs/docs/cloud/git/connect-gitlab.md b/website/docs/docs/cloud/git/connect-gitlab.md index 1ec8fb08817..2bb174efc85 100644 --- a/website/docs/docs/cloud/git/connect-gitlab.md +++ b/website/docs/docs/cloud/git/connect-gitlab.md @@ -71,6 +71,8 @@ The application form in GitLab should look as follows when completed: Click **Save application** in GitLab, and GitLab will then generate an **Application ID** and **Secret**. These values will be available even if you close the app screen, so this is not the only chance you have to save them. +If you're a Business Critical customer using IP restrictions ensure you've added the appropriate Gitlab CIDRs to your IP restriction rules, or else the Gitlab connection will fail. + ### Adding the GitLab OAuth application to dbt Cloud After you've created your GitLab application, you need to provide dbt Cloud information about the app. In dbt Cloud, account admins should navigate to **Account Settings**, click on the **Integrations** tab, and expand the GitLab section. From 5f79405f28db2cf864e93f810ecc98a72a67560d Mon Sep 17 00:00:00 2001 From: allie dukuze Date: Thu, 7 Sep 2023 12:52:56 -0700 Subject: [PATCH 3/6] adding whitespace --- website/docs/docs/cloud/secure/ip-restrictions.md | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/docs/cloud/secure/ip-restrictions.md b/website/docs/docs/cloud/secure/ip-restrictions.md index ba5fb32bdfc..4ff1e312a05 100644 --- a/website/docs/docs/cloud/secure/ip-restrictions.md +++ b/website/docs/docs/cloud/secure/ip-restrictions.md @@ -20,6 +20,7 @@ To configure IP restrictions, go to **Account Settings** → **IP Restrictions** - Allow only VPN traffic but make an exception for contractors’ IP addresses IP restrictions will block all service tokens, user requests done via the API (via personal user token), and the UI. + ### Allowing IPs To add an IP to the allowlist, from the **IP Restrictions** page: From 19ccd8ce3ce8a8eabd2897e94cfc4f6b76980eae Mon Sep 17 00:00:00 2001 From: allie dukuze Date: Mon, 11 Sep 2023 10:01:47 -0400 Subject: [PATCH 4/6] minor changes --- website/docs/docs/cloud/git/connect-azure-devops.md | 2 +- website/docs/docs/cloud/git/connect-gitlab.md | 2 +- website/docs/docs/cloud/secure/ip-restrictions.md | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/website/docs/docs/cloud/git/connect-azure-devops.md b/website/docs/docs/cloud/git/connect-azure-devops.md index 1761ea79644..bc5bb81dd24 100644 --- a/website/docs/docs/cloud/git/connect-azure-devops.md +++ b/website/docs/docs/cloud/git/connect-azure-devops.md @@ -23,4 +23,4 @@ To connect Azure DevOps in dbt Cloud: 2. dbt Cloud developers need to [personally authenticate with Azure DevOps](/docs/cloud/git/authenticate-azure) from dbt Cloud. -If you're a Business Critical customer using IP restrictions ensure you've added the appropriate Azure DevOps CIDRs to your IP restriction rules, or else the Azure DevOps connection will fail. +If you're a Business Critical customer using [IP restrictions](/docs/cloud/secure/ip-restrictions), ensure you've added the appropriate Azure DevOps CIDRs to your IP restriction rules, or else the Azure DevOps connection will fail. diff --git a/website/docs/docs/cloud/git/connect-gitlab.md b/website/docs/docs/cloud/git/connect-gitlab.md index 2bb174efc85..b0e56778d48 100644 --- a/website/docs/docs/cloud/git/connect-gitlab.md +++ b/website/docs/docs/cloud/git/connect-gitlab.md @@ -71,7 +71,7 @@ The application form in GitLab should look as follows when completed: Click **Save application** in GitLab, and GitLab will then generate an **Application ID** and **Secret**. These values will be available even if you close the app screen, so this is not the only chance you have to save them. -If you're a Business Critical customer using IP restrictions ensure you've added the appropriate Gitlab CIDRs to your IP restriction rules, or else the Gitlab connection will fail. +If you're a Business Critical customer using [IP restrictions](/docs/cloud/secure/ip-restrictions) ensure you've added the appropriate Gitlab CIDRs to your IP restriction rules, or else the Gitlab connection will fail. ### Adding the GitLab OAuth application to dbt Cloud After you've created your GitLab application, you need to provide dbt Cloud information about the app. In dbt Cloud, account admins should navigate to **Account Settings**, click on the **Integrations** tab, and expand the GitLab section. diff --git a/website/docs/docs/cloud/secure/ip-restrictions.md b/website/docs/docs/cloud/secure/ip-restrictions.md index 4ff1e312a05..35cf87a3b0a 100644 --- a/website/docs/docs/cloud/secure/ip-restrictions.md +++ b/website/docs/docs/cloud/secure/ip-restrictions.md @@ -19,7 +19,9 @@ To configure IP restrictions, go to **Account Settings** → **IP Restrictions** - Deny IPs flagged by the Security team - Allow only VPN traffic but make an exception for contractors’ IP addresses -IP restrictions will block all service tokens, user requests done via the API (via personal user token), and the UI. +IP restrictions will block all service tokens, user requests done via the API (via personal user token), and the UI, if they are coming from blocked IP addresses. + +For any version control system integrations inbound into dbt Cloud, ensure their IP addresses are added to the allowed list. Examples: Gitlab, ADO and Github. ### Allowing IPs From a10cb3a2a8bc5428438de82a8e6f2b5bce2c9a55 Mon Sep 17 00:00:00 2001 From: Matt Shaver <60105315+matthewshaver@users.noreply.github.com> Date: Mon, 11 Sep 2023 10:36:39 -0400 Subject: [PATCH 5/6] Apply suggestions from code review --- website/docs/docs/cloud/secure/ip-restrictions.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/docs/cloud/secure/ip-restrictions.md b/website/docs/docs/cloud/secure/ip-restrictions.md index 35cf87a3b0a..49a7fe4f267 100644 --- a/website/docs/docs/cloud/secure/ip-restrictions.md +++ b/website/docs/docs/cloud/secure/ip-restrictions.md @@ -19,9 +19,9 @@ To configure IP restrictions, go to **Account Settings** → **IP Restrictions** - Deny IPs flagged by the Security team - Allow only VPN traffic but make an exception for contractors’ IP addresses -IP restrictions will block all service tokens, user requests done via the API (via personal user token), and the UI, if they are coming from blocked IP addresses. +IP restrictions will block all service tokens, user requests done via the API (via personal user token), and the UI if they come from blocked IP addresses. -For any version control system integrations inbound into dbt Cloud, ensure their IP addresses are added to the allowed list. Examples: Gitlab, ADO and Github. +For any version control system integrations (Github, Gitlab, ADO, etc.) inbound into dbt Cloud, ensure their IP addresses are added to the allowed list. ### Allowing IPs From 9ed5f59dc9b1088e27a32fe98ae9d2839b45e599 Mon Sep 17 00:00:00 2001 From: Matt Shaver <60105315+matthewshaver@users.noreply.github.com> Date: Mon, 11 Sep 2023 10:37:15 -0400 Subject: [PATCH 6/6] Update website/docs/docs/cloud/git/connect-gitlab.md --- website/docs/docs/cloud/git/connect-gitlab.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/docs/cloud/git/connect-gitlab.md b/website/docs/docs/cloud/git/connect-gitlab.md index b0e56778d48..9bf0d3971e1 100644 --- a/website/docs/docs/cloud/git/connect-gitlab.md +++ b/website/docs/docs/cloud/git/connect-gitlab.md @@ -71,7 +71,7 @@ The application form in GitLab should look as follows when completed: Click **Save application** in GitLab, and GitLab will then generate an **Application ID** and **Secret**. These values will be available even if you close the app screen, so this is not the only chance you have to save them. -If you're a Business Critical customer using [IP restrictions](/docs/cloud/secure/ip-restrictions) ensure you've added the appropriate Gitlab CIDRs to your IP restriction rules, or else the Gitlab connection will fail. +If you're a Business Critical customer using [IP restrictions](/docs/cloud/secure/ip-restrictions), ensure you've added the appropriate Gitlab CIDRs to your IP restriction rules, or else the Gitlab connection will fail. ### Adding the GitLab OAuth application to dbt Cloud After you've created your GitLab application, you need to provide dbt Cloud information about the app. In dbt Cloud, account admins should navigate to **Account Settings**, click on the **Integrations** tab, and expand the GitLab section.