ContentSecurity

microgateway.airlock.com/v1alpha1


ContentSecurity specifies the options to secure an upstream web application with a Microgateway Engine container.

apiVersion: microgateway.airlock.com/v1alpha1
kind: ContentSecurity
metadata:
  name: content-security-example
spec:
  parserRef:
    name: parser-example

  limitsRef:
    name: limits-example

  headerRewritesRef:
    name: header-rewrites-example

  filter:
    denyRulesRef:
      name: deny-rules-example

  apiProtection:
    openAPIRef:
      name: open-api-example
    graphQLRef:
      name: graphql-example
apiVersion: microgateway.airlock.com/v1alpha1
kind: ContentSecurity
metadata:
  name: default
spec: 
  filter: {}
  apiProtection: {}

ContentSecurity

Field Type Description Required Default Allowed Values
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata yes
spec object Specifies the options to secure an upstream web application with a Microgateway Engine container. no

ContentSecurity.spec

Field Type Description Required Default Allowed Values
apiProtection object APIProtection defines the relevant configurations to protect APIs.
If undefined, default settings are applied, designed to work with most upstream web application services.
no
filter object Filter defines the set of filters, e.g. Airlock Deny Rules, to be applied to incoming requests
to protect against various attack patterns.
If undefined, default settings are applied, designed to work with most upstream web application services.
no
headerRewritesRef object HeaderRewritesRef selects the relevant HeaderRewrites.
If undefined, default settings are applied, designed to work with most upstream web application services.
no
limitsRef object LimitsRef selects the relevant Limits configuration resource.
If undefined, default settings are applied, designed to work with most upstream web application services.
no
parserRef object ParserRef selects the relevant Parser configuration resource.
If undefined, default settings are applied, designed to work with most upstream web application services.
no

ContentSecurity.spec.apiProtection

Field Type Description Required Default Allowed Values
graphQLRef object GraphQLRef selects the relevant GraphQL configuration resource.
If undefined, default settings are applied, designed to work with most upstream web application services.
no
openAPIRef object OpenAPIRef selects the relevant OpenAPI configuration resource.
If undefined, default settings are applied, designed to work with most upstream web application services.
no

ContentSecurity.spec.apiProtection.graphQLRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.apiProtection.openAPIRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.filter

Field Type Description Required Default Allowed Values
denyRulesRef object DenyRulesRef selects the relevant DenyRules configuration resource.
If undefined, default settings are applied, designed to work with most upstream web application services.
no

ContentSecurity.spec.filter.denyRulesRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.headerRewritesRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.limitsRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes

ContentSecurity.spec.parserRef

Field Type Description Required Default Allowed Values
name string Name of the resource yes