Yilialinn commented on code in PR #1495:
URL: https://github.com/apache/apisix-website/pull/1495#discussion_r1099707914


##########
blog/en/blog/2023/02/09/secure-apisix-admin.md:
##########
@@ -0,0 +1,151 @@
+---
+title: Securing Admin access to Apache APISIX
+authors:
+  - name: Nicolas Fränkel
+    title: Author
+    url: https://github.com/nfrankel
+    image_url: https://avatars.githubusercontent.com/u/752258
+keywords:
+  - Security
+  - Admin API
+description: >
+  API Gateways are critical components in one's infrastructure. If an attacker 
could change the configuration of routes, they could direct traffic to their 
infrastructure. Consequences could range from data theft to financial losses. 
Worse, data theft could only be noticed after a long time by mirroring the 
load. Hence, protecting your API Gateway is of utmost importance
+tags: [Ecosystem]
+image: 
https://blog.frankel.ch/assets/resources/secure-apisix-admin/security-g85f9e284f.jpg
+---
+
+>API Gateways are critical components in one's infrastructure. If an attacker 
could change the configuration of routes, they could direct traffic to their 
infrastructure. Consequences could range from data theft to financial losses. 
Worse, data theft could only be noticed after a long time by mirroring the 
load. Hence, protecting your API Gateway is of utmost importance.
+
+<!--truncate-->
+
+<head>
+    <link rel="canonical" href="https://blog.frankel.ch/secure-apisix-admin/"; 
/>
+</head>
+
+In this short blog post, I'll list a couple of ways to secure your Apache 
APISIX admin access.
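Review bot: the canonical link tag carries a stray `;` between the closing quote of `href` and the self-closing `/>` (`<link rel="canonical" href="https://blog.frankel.ch/secure-apisix-admin/"; />`). The blog is rendered through MDX, which parses that tag as JSX, so the extra character is likely to fail compilation rather than be tolerated as a typo; it should read `<link rel="canonical" href="https://blog.frankel.ch/secure-apisix-admin/" />`.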

Review Comment:
   ```suggestion
   In this short blog post, I'll list a couple of ways to secure your [Apache 
APISIX](https://apisix.apache.org/) admin access.
   ```



##########
blog/en/blog/2023/02/09/secure-apisix-admin.md:
##########
@@ -0,0 +1,151 @@
+---
+title: Securing Admin access to Apache APISIX
+authors:
+  - name: Nicolas Fränkel
+    title: Author
+    url: https://github.com/nfrankel
+    image_url: https://avatars.githubusercontent.com/u/752258
+keywords:
+  - Security
+  - Admin API

Review Comment:
   ```suggestion
   keywords:
     - API gateway security
     - Admin API
     - how to secure API gateway
   ```



##########
blog/en/blog/2023/02/09/secure-apisix-admin.md:
##########
@@ -0,0 +1,151 @@
+---
+title: Securing Admin access to Apache APISIX
+authors:
+  - name: Nicolas Fränkel
+    title: Author
+    url: https://github.com/nfrankel
+    image_url: https://avatars.githubusercontent.com/u/752258
+keywords:
+  - Security
+  - Admin API
+description: >
+  API Gateways are critical components in one's infrastructure. If an attacker 
could change the configuration of routes, they could direct traffic to their 
infrastructure. Consequences could range from data theft to financial losses. 
Worse, data theft could only be noticed after a long time by mirroring the 
load. Hence, protecting your API Gateway is of utmost importance
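Review bot: the folded `description:` scalar ends at `utmost importance` without the closing period that the same sentence carries in the post body, and it repeats the opening blockquote word for word; either add the period or, better, shorten the description to a single sentence so it reads as a summary rather than a duplicate of the first paragraph.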

Review Comment:
   ```suggestion
   description: 
   It's essential to secure API gateways, the critical components in 
infrastructures, to avoid data theft and financial losses.
   ```



##########
blog/en/blog/2023/02/09/secure-apisix-admin.md:
##########
@@ -0,0 +1,151 @@
+---
+title: Securing Admin access to Apache APISIX
+authors:
+  - name: Nicolas Fränkel
+    title: Author
+    url: https://github.com/nfrankel
+    image_url: https://avatars.githubusercontent.com/u/752258
+keywords:
+  - Security
+  - Admin API
+description: >
+  API Gateways are critical components in one's infrastructure. If an attacker 
could change the configuration of routes, they could direct traffic to their 
infrastructure. Consequences could range from data theft to financial losses. 
Worse, data theft could only be noticed after a long time by mirroring the 
load. Hence, protecting your API Gateway is of utmost importance
+tags: [Ecosystem]
+image: 
https://blog.frankel.ch/assets/resources/secure-apisix-admin/security-g85f9e284f.jpg
+---
+
+>API Gateways are critical components in one's infrastructure. If an attacker 
could change the configuration of routes, they could direct traffic to their 
infrastructure. Consequences could range from data theft to financial losses. 
Worse, data theft could only be noticed after a long time by mirroring the 
load. Hence, protecting your API Gateway is of utmost importance.
+
+<!--truncate-->
+
+<head>
+    <link rel="canonical" href="https://blog.frankel.ch/secure-apisix-admin/"; 
/>
+</head>
+
+In this short blog post, I'll list a couple of ways to secure your Apache 
APISIX admin access.
+
+## Change admin tokens
+
+You can manage Apache APISIX configuration via its HTTP APIs. A token protects 
every API call. Operations require an `X-API-KEY` HTTP Header:
+
+* Use a token with the _viewer_ role to call read operations
+* Use a token with the _admin_ role to call read *and* write operations
+
+For example, to create a new route, I need to pass an _admin_-role token, 
which allows calling write operations:
+
+```bash
+curl http://localhost:9180/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+  "methods": ["GET"],
+  "uri": ["/hello"],
+  "upstream_id": 1
+}'
+```
+
+The first and foremost step to secure your access is to change the default 
token values:
+
+```yaml
+deployment:
+  admin:
+    # Default token when use API to call for Admin API.
+    # *NOTE*: Highly recommended to modify this value to protect APISIX's 
Admin API.
+    # Disabling this configuration item means that the Admin API does not
+    # require any authentication.
+    admin_key:
+      - name: admin
+        key: edd1c9f034335f136f87ad84b625c8f1                                  
  #1
+        role: admin                 # admin: manage all configuration data
+                                    # viewer: only can view configuration data
+      - name: viewer
+        key: 4054f7cf07e344346cd3f287985e76a2                                  
  #1
+        role: viewer
+```
+
+1. Change it!
+
+You may want to secure tokens even further; it depends on your platform. For 
example, you may want to store tokens as `Secret` and inject them at container 
startup.
+
+## Restrict binding IP(s)
+
+A server can have multiple IPs from different network adapters. For example, 
an API Gateway would have at least two network adapters:
+
+* One public-facing adapter to be reachable from the Internet
+* One internal for inside access
+
+By default, Apache APISIX will bind itself to all network adapters found on 
the server at startup. The above scenario means it will be reachable **from the 
Internet**. We should restrict access from the inside only.
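Review bot: in the route-creation example, `"uri": ["/hello"]` passes an array to `uri`, which in the APISIX route schema is a single string; the array form of the field is `uris`, so the request as written would be rejected by schema validation. Either `"uri": "/hello"` or `"uris": ["/hello"]` works. Two smaller points in the same hunk: the trailing `#1` markers after both `key:` values and the `1. Change it!` line under the YAML block are Asciidoctor-style callouts, which Markdown renders as literal YAML comments followed by an orphaned list item, so the instruction should move into the prose or into the comment itself; and the quoted config comment (`Disabling this configuration item means that the Admin API does not require any authentication`) deserves an explicit warning sentence in the text, since removing `admin_key` while hardening is an easy way to end up with an unauthenticated Admin API.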

Review Comment:
   ```suggestion
   By default, [Apache APISIX](https://github.com/apache/apisix) will bind 
itself to all network adapters found on the server at startup. The above 
scenario means it will be reachable **from the Internet**. We should restrict 
access from the inside only.
   ```



##########
blog/en/blog/2023/02/09/secure-apisix-admin.md:
##########
@@ -0,0 +1,151 @@
+---
+title: Securing Admin access to Apache APISIX

Review Comment:
   ```suggestion
   title: Securing Admin Access to Apache APISIX
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
