diff --git a/src/connections/destinations/catalog/actions-liveramp-audiences/index.md b/src/connections/destinations/catalog/actions-liveramp-audiences/index.md index a205f74327..2bc37e4b8b 100644 --- a/src/connections/destinations/catalog/actions-liveramp-audiences/index.md +++ b/src/connections/destinations/catalog/actions-liveramp-audiences/index.md @@ -12,6 +12,9 @@ The LiveRamp Audiences destination allows users to connect their Engage Audience The LiveRamp Audiences destination can be connected to **Twilio Engage sources only**. +> info "LiveRamp Audiences is not compatible with IP Allowlisting" +> For more information, see the [IP Allowlisting](/docs/connections/destinations/#ip-allowlisting) documentation. + ## Getting started ### Set up your file drop diff --git a/src/connections/destinations/catalog/actions-the-trade-desk-crm/index.md b/src/connections/destinations/catalog/actions-the-trade-desk-crm/index.md index dbdd3db628..68cb3309a6 100644 --- a/src/connections/destinations/catalog/actions-the-trade-desk-crm/index.md +++ b/src/connections/destinations/catalog/actions-the-trade-desk-crm/index.md @@ -14,6 +14,9 @@ This integration lets users link Engage audiences to The Trade Desk and transmit The Trade Desk destination can only be connected to Twilio Engage sources. +> info "The Trade Desk CRM is not compatible with IP Allowlisting" +> For more information, see the [IP Allowlisting](/docs/connections/destinations/#ip-allowlisting) documentation. + ## Getting started ### Obtaining credentials from The Trade Desk diff --git a/src/connections/destinations/catalog/amazon-kinesis/index.md b/src/connections/destinations/catalog/amazon-kinesis/index.md index de45722cb5..af32a8dad2 100644 --- a/src/connections/destinations/catalog/amazon-kinesis/index.md +++ b/src/connections/destinations/catalog/amazon-kinesis/index.md @@ -5,6 +5,8 @@ id: 57da359580412f644ff33fb9 --- [Amazon Kinesis](https://aws.amazon.com/kinesis/){:target="_blank”} enables you to build custom applications that process or analyze streaming data for specialized needs. Amazon Kinesis Streams can continuously capture and store terabytes of data per hour from hundreds of thousands of sources such as website clickstreams, financial transactions, social media feeds, IT logs, and location-tracking events. +> info "Amazon Kinesis is not compatible with IP Allowlisting" +> For more information, see the [IP Allowlisting](/docs/connections/destinations/#ip-allowlisting) documentation. ## Getting Started diff --git a/src/connections/destinations/index.md b/src/connections/destinations/index.md index 3f3f62226d..1ecd024464 100644 --- a/src/connections/destinations/index.md +++ b/src/connections/destinations/index.md @@ -121,9 +121,9 @@ To add a Destination: [Learn more](/docs/connections/destinations/add-destination/) about what adding a destination entails. > note "Disabled destinations do not receive data" -> If you haven't enabled your destination for the first time after you created it or if you actively disable a destination, Segment prevents any data from reaching the destination. Business Tier customers can request [a Replay]([url](https://segment.com/docs/guides/what-is-replay/)), which resends data from the time the destination was disabled to the time it was re-enabled. Replays can also send data to currently disabled destinations. +> If you haven't enabled your destination for the first time after you created it or if you actively disable a destination, Segment prevents any data from reaching the destination. Business Tier customers can request [a Replay](/docs/guides/what-is-replay/), which resends data from the time the destination was disabled to the time it was re-enabled. Replays can also send data to currently disabled destinations. > -> Some destinations are not compatible with Replays after a certain period of time. Check with Segment’s support team [friends@segment.com](friends@segment.com) to confirm that your intended destination allows historical timestamps. +> Some destinations are not compatible with Replays after a certain period of time, for example, 14 days. Check with Segment’s support team [friends@segment.com](mailto:friends@segment.com) to confirm that your intended destination allows historical timestamps. ## Data deliverability @@ -207,6 +207,26 @@ The following destinations support bulk batching: > info "You must manually configure bulk batches for Actions destinations" > To support bulk batching for the Actions Webhook destination, you must set `enable-batching: true` and `batch_size: >= 1000`. -### IP Allowlist +## IP Allowlisting -{% include content/ip-allowlist.md %} +IP Allowlisting uses a NAT gateway to route traffic from Segment's servers to your destination through a limited range of IP addresses, which can prevent malicious actors from establishing TCP and UDP connections with your integrations. + +IP Allowlisting is available for customers on Business Tier plans. + +### Supported destinations +Segment supports IP Allowlisting in [all destinations](/docs/connections/destinations/catalog/) except for the following: +- [LiveRamp](/docs/connections/destinations/catalog/actions-liveramp-audiences/) +- [TradeDesk](/docs/connections/destinations/catalog/actions-the-trade-desk-crm/) +- [Amazon Kinesis](/docs/connections/destinations/catalog/amazon-kinesis/) +- [Destination Functions](/docs/connections/functions/destination-functions/) + +Destinations that are not supported receive traffic from randomly assigned IP addresses. + +### Configure IP Allowlisting +To enable IP Allowlisting for your workspace: +1. From your Segment workspace, navigate to **[Settings > Workspace settings > Destination IP settings](https://app.segment.com/goto-my-workspace/settings/destination-ip-settings){:target="_blank”}**. +2. On the Destination IP settings page, click **Enable IP allowlisting**. +3. The page displays the IP address ranges that Segment uses to route data from Segment's internal systems to your destination. Note these ranges, as you'll need this information to enforce IP restriction in your downstream destinations. +4. Open each of your downstream tools and configure IP restriction for each destination. For more information, refer to the documentation for your downstream tool. + +*IP restriction might not be supported in all destinations.* \ No newline at end of file diff --git a/src/connections/functions/destination-functions.md b/src/connections/functions/destination-functions.md index 4d97a6d848..915f9f6d7d 100644 --- a/src/connections/functions/destination-functions.md +++ b/src/connections/functions/destination-functions.md @@ -17,7 +17,7 @@ All functions are scoped to your workspace, so members of other workspaces can't > note "" -> Destination functions doesn't accept data from [Object Cloud sources](/docs/connections/sources/#object-cloud-sources). +> Destination functions doesn't accept data from [Object Cloud sources](/docs/connections/sources/#object-cloud-sources). Destination functions don't support [IP Allowlisting](/docs/connections/destinations/#ip-allowlisting). ## Create a destination function diff --git a/src/connections/functions/insert-functions.md b/src/connections/functions/insert-functions.md index dd9391b485..8c3aa6123c 100644 --- a/src/connections/functions/insert-functions.md +++ b/src/connections/functions/insert-functions.md @@ -13,6 +13,8 @@ Use Destination Insert Functions to enrich, transform, or filter your data befor **Customize filtration for your destinations**: Create custom logic with nested if-else statements, regex, custom business rules, and more to filter event data. +> info "Destination Insert Functions are not compatible with IP Allowlisting" +> For more information, see the [IP Allowlisting](/docs/connections/destinations/#ip-allowlisting) documentation. ## Create destination insert functions