Tenant owners can configure an IP or FQDN allowlist to restrict access to the destinations that HTTP Request Actions are allowed to make requests to, and/or to restrict the domains that Send Email Actions are allowed to send emails to. This feature is available on all cloud and self hosted tenants. Note: for Send Email Actions, only an allowlist for FQDNs is supported, not IPs.
Rules must specify an address or CIDR range for IP or FQDN, and a description. Both IPv4 and IPv6 addresses are supported. Only an IP or FQDN should be provided, but not both. The format for CIDR ranges is address/mask .
Once the rules are enabled, any outbound requests from HTTP Request Actions that does not match the IP or FQDN will fail at run time and the relevant error can be found in the logs. Similarly, any email sent from a Send Email Action to a domain that does not match a FQDN on the list will fail.
Rules can also be fetched and modified via the Tines API.