AEP - Advice about IP range whitelisting for Event Forwarding instances
This article offers recommendations regarding the IP addresses of the Edge server while making an API call via Adobe Experience Platform's Event Forwarding. It further advises against allow-listing or blocking egress IP addresses, and answers additional questions about customer asset isolation and securing endpoint connections in multi-tenant systems.
Description
Environments
- Adobe Experience Platform (AEP)
- Real-time Customer Data Platform (RT-CDP)
Issue
Trying to make an API call via AEP Event Forwarding (using event forwarding to send the data to our API).
Are there IPs of the Edge server from which Event Forwarding would make the HTTP API calls?
Resolution
The Product Team advises that we do not control the egress IP addresses and highly recommends not allow-listing or blocking them in any way. These addresses rotate and are used by companies other than Adobe, since they are cloud vendor based, so allow-listing a range might accidentally allow-list a bad actor.
This is not abnormal for cloud-based multi-tenant systems.
Here are two more questions that you may also have in mind:
- If Event Forwarding is a multi-tenant system, how are customer assets isolated?
We logically segment all customer environments. So within Adobe usage, there are no shared implementations between customer runtime environments. However, the configuration database that generates the runtime files is shared between customers at this time. This has always been the case for Tags and Event Forwarding.
- How are endpoint connections best secured between the Adobe edge runtime environments and the customer designated endpoints?
The Secrets service is designed to secure the connections from a credential standpoint and all of the outbound fetch requests are served over secure transport connections.
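The following added example (not Adobe code, and not part of the original article) contrasts a source-IP allow-list with a credential check on the receiving endpoint, using constructed requests. It assumes the forwarding rule sends a secret as a bearer token in the `Authorization` header; the token value, IP range and function names are hypothetical.

```python
import hmac
import ipaddress

# Constructed values for illustration only (assumptions, not real Adobe data).
ALLOWED_RANGE = ipaddress.ip_network("203.0.113.0/24")  # stands in for a shared cloud range
EXPECTED_TOKEN = "example-token-stored-as-an-event-forwarding-secret"


def allowed_by_ip(source_ip: str) -> bool:
    """Weak check: trusts anyone who sends from the allow-listed range."""
    return ipaddress.ip_address(source_ip) in ALLOWED_RANGE


def allowed_by_credential(headers: dict) -> bool:
    """Credential check: the source address plays no part in the decision."""
    value = headers.get("Authorization", "")
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "bearer" or not token:
        return False
    # Constant-time comparison avoids leaking the token through timing.
    return hmac.compare_digest(token.encode(), EXPECTED_TOKEN.encode())


# Constructed sample requests: (description, source IP, headers)
SAMPLE_REQUESTS = [
    ("forwarded event after egress IP rotation", "198.51.100.7",
     {"Authorization": "Bearer " + EXPECTED_TOKEN}),
    ("other tenant of the same cloud range", "203.0.113.50", {}),
    ("same range, wrong token", "203.0.113.51",
     {"Authorization": "Bearer guess"}),
]


def evaluate(requests):
    """Return (description, ip_decision, credential_decision) per request."""
    return [(d, allowed_by_ip(ip), allowed_by_credential(h)) for d, ip, h in requests]


if __name__ == "__main__":
    for desc, by_ip, by_cred in evaluate(SAMPLE_REQUESTS):
        print(f"{desc:45} ip-allow-list={by_ip!s:5} credential={by_cred}")
```

The IP allow-list rejects the legitimate request once the egress address rotates and accepts the two unauthenticated ones, while the credential check does the opposite.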
Related Reading
Refer to this document for information relating to Data Encryption as well as mTLS (Mutual Transport Layer Security) protocol support.