ContentSecurity
microgateway.airlock.com/v1alpha1
ContentSecurity specifies the options to secure an upstream web application with a Microgateway Engine container.
apiVersion: microgateway.airlock.com/v1alpha1
kind: ContentSecurity
metadata:
name: content-security-example
spec:
parserRef:
name: parser-example
limitsRef:
name: limits-example
headerRewritesRef:
name: header-rewrites-example
filter:
denyRulesRef:
name: deny-rules-example
apiProtection:
openAPIRef:
name: open-api-example
graphQLRef:
name: graphql-example
apiVersion: microgateway.airlock.com/v1alpha1
kind: ContentSecurity
metadata:
name: default
spec:
filter: {}
apiProtection: {}
ContentSecurity
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
metadata |
ObjectMeta | Refer to Kubernetes API documentation for fields of metadata |
yes | ||
spec | object | Specifies the options to secure an upstream web application with a Microgateway Engine container. | no |
ContentSecurity.spec
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
apiProtection | object | APIProtection defines the relevant configurations to protect APIs. If undefined, default settings are applied, designed to work with most upstream web application services. |
no | ||
filter | object | Filter defines the set of filters, e.g. Airlock Deny Rules, to be applied to incoming requests to protect against various attack patterns. If undefined, default settings are applied, designed to work with most upstream web application services. |
no | ||
headerRewritesRef | object | HeaderRewritesRef selects the relevant HeaderRewrites. If undefined, default settings are applied, designed to work with most upstream web application services. |
no | ||
limitsRef | object | LimitsRef selects the relevant Limits configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. |
no | ||
parserRef | object | ParserRef selects the relevant Parser configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. |
no |
ContentSecurity.spec.apiProtection
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
graphQLRef | object | GraphQLRef selects the relevant GraphQL configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. |
no | ||
openAPIRef | object | OpenAPIRef selects the relevant OpenAPI configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. |
no |
ContentSecurity.spec.apiProtection.graphQLRef
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
name |
string | Name of the resource | yes |
ContentSecurity.spec.apiProtection.openAPIRef
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
name |
string | Name of the resource | yes |
ContentSecurity.spec.filter
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
denyRulesRef | object | DenyRulesRef selects the relevant DenyRules configuration resource. If undefined, default settings are applied, designed to work with most upstream web application services. |
no |
ContentSecurity.spec.filter.denyRulesRef
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
name |
string | Name of the resource | yes |
ContentSecurity.spec.headerRewritesRef
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
name |
string | Name of the resource | yes |
ContentSecurity.spec.limitsRef
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
name |
string | Name of the resource | yes |
ContentSecurity.spec.parserRef
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
name |
string | Name of the resource | yes |