Hello, I hope you’re doing well! I’m currently an intern working on a project that involves deploying APISIX in a production environment. I would really appreciate your guidance on not just the deployment process, but also the best practices for securing the setup.
In particular, I’m interested in learning more about: • Securing communication between clients and APISIX (e.g., SSL/TLS configuration). • Securing the communication between APISIX and ETCD, and APISIX Dashboard and APISIX (are there any recommended security mechanisms for these internal communications?). • Setting up authentication and access control for the APISIX Dashboard. Is it possible to enable SSO (Single Sign-On) for the dashboard, and if so, could you share any details on how this can be achieved? Additionally, if you have a sample Docker configuration for APISIX that incorporates some of these security best practices, it would be really helpful for me as a reference. Thank you so much for your time and assistance! I’m looking forward to hearing from you.
