ContentSecurity

microgateway.airlock.com/v1alpha1


ContentSecurity specifies the options to secure an upstream web application with a Microgateway Engine container. Must be in same namespace as the protected Pod.

apiVersion: microgateway.airlock.com/v1alpha1
kind: ContentSecurity
metadata:
  name: ...
spec:
  ...
apiVersion: microgateway.airlock.com/v1alpha1
kind: ContentSecurity
metadata:
  name: default
spec: 
  filter: {}

ContentSecurity

Field Type Description Required Default Allowed Values
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata yes
spec object Specifies the options to secure an upstream web application with a Microgateway Engine container. no

ContentSecurity.spec

Field Type Description Required Default Allowed Values
filter object Filter defines the set of filters, e.g. Airlock Deny Rules, to be applied to incoming requests to protect against various attack patterns. If undefined, default settings are applied, designed to work with most upstream web application services. no
headerRewritesRef object HeaderRewritesRef selects the relevant HeaderRewrites. If undefined, default settings are applied, designed to work with most upstream web application services. no
limitsRef object LimitsRef selects the relevant Limits configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. no
parserRef object ParserRef selects the relevant Parser configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. no

ContentSecurity.spec.filter

Field Type Description Required Default Allowed Values
denyRulesRef object DenyRulesRef selects the relevant DenyRules configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. no

ContentSecurity.spec.filter.denyRulesRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.headerRewritesRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.limitsRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.parserRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes