-
Notifications
You must be signed in to change notification settings - Fork 596
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Impart Security's WAF and API security plugin (#7672)
* Impart Security's WAF and API security plugin. * Updated category to community per PR feedback * Fix lint and build errors * Update plugin name based on PR feedback * Update docs based on PR feedback * Update docs based on PR feedback * Update docs based on PR feedback * Update app/_hub/impart-security/kong-plugin-impart/_changelog.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Update app/_hub/impart-security/kong-plugin-impart/_changelog.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Update app/_hub/impart-security/kong-plugin-impart/_metadata/_index.yml Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Update app/_hub/impart-security/kong-plugin-impart/overview/_index.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Update app/_hub/impart-security/kong-plugin-impart/overview/_index.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Update app/_hub/impart-security/kong-plugin-impart/overview/_index.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Update app/_hub/impart-security/kong-plugin-impart/overview/_index.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * renamed image * bypass lint spelling * Added mailto: * Added . * Switch to URL instead of email * Rebuild * Added 3.8.x --------- Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com>
- Loading branch information
1 parent
201a79e
commit b9f62dd
Showing
8 changed files
with
176 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -377,6 +377,7 @@ mimetype | |
minifier | ||
minikube | ||
minio | ||
misconfigurations | ||
misconfigured | ||
Moesif | ||
MongoDB | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
## Changelog | ||
|
||
**kong-plugin-impart 0.2.3** | ||
|
||
* Official release of `kong-plugin-impart`. | ||
This plugin is compatible with {{site.base_gateway}} 3.4.x, 3.5.x, 3.6.x, and 3.7.x at release time. |
43 changes: 43 additions & 0 deletions
43
app/_hub/impart-security/kong-plugin-impart/_metadata/_index.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
name: Impart Security | ||
publisher: Impart Security | ||
|
||
categories: | ||
- community | ||
|
||
type: plugin | ||
|
||
desc: Integrate Impart Security's WAF and API security protection platform with Kong. | ||
|
||
support_url: https://www.impart.security/get-started | ||
|
||
dbless_compatible: yes | ||
|
||
free: false | ||
enterprise: false | ||
techpartner: false | ||
konnect: true | ||
|
||
kong_version_compatibility: | ||
community_edition: | ||
compatible: | ||
- 3.8.x | ||
- 3.7.x | ||
- 3.6.x | ||
- 3.5.x | ||
- 3.4.x | ||
- 3.3.x | ||
- 3.2.x | ||
- 3.1.x | ||
- 3.0.x | ||
- 2.8.x | ||
enterprise_edition: | ||
compatible: | ||
- 3.8.x | ||
- 3.7.x | ||
- 3.6.x | ||
- 3.5.x | ||
- 3.4.x | ||
- 2.8.x | ||
|
||
search_aliases: | ||
- kong-plugin-impart |
3 changes: 3 additions & 0 deletions
3
app/_hub/impart-security/kong-plugin-impart/examples/_index.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
name: kong-plugin-impart | ||
config: | ||
inspector_rpc_addr: "/tmp/impart.sock" |
78 changes: 78 additions & 0 deletions
78
app/_hub/impart-security/kong-plugin-impart/overview/_index.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,78 @@ | ||
--- | ||
nav_title: Overview | ||
title: Overview | ||
--- | ||
|
||
Impart's API Protection and WAF platform delivers comprehensive protection for APIs, microservices, and serverless applications in cloud-native environments. | ||
|
||
Use the Impart plugin to: | ||
* Discover and catalog your API and web application Attack Surface. | ||
* Protect your APIs and web applications from injection, enumeration, automated threats, and other attacks. | ||
* Find and help you fix your API and web application vulnerabilities and misconfigurations with built in API testing. | ||
* Reduce your API and web application risk profile. | ||
|
||
|
||
## How it works | ||
|
||
The Impart Kong plugin allows Impart to inspect your HTTP traffic within your own environment to detect threats, anomalies, and other interesting insights. These insights are used to protect your APIs in real time through an integration with Kong that introduces minimal additional latency, fails open to ensure reliability, and keeps sensitive data within your own environment to protect your privacy. | ||
|
||
|
||
## How to install | ||
|
||
Custom plugins can be installed via LuaRocks. A Lua plugin is distributed in `.rock` format, which is | ||
a self-contained package that can be installed locally or from a remote server. | ||
|
||
If you used one of the official {{site.base_gateway}} installation packages, the LuaRocks utility | ||
should already be installed in your system. | ||
Install the `.rock` in your LuaRocks tree, that is, the directory in which LuaRocks | ||
installs Lua modules. | ||
|
||
1. Install the Impart plugin: | ||
|
||
```sh | ||
luarocks install kong-plugin-impart | ||
``` | ||
|
||
2. Update your loaded plugins list in {{site.base_gateway}}. | ||
|
||
In your `kong.conf`, append `impart` to the `plugins` field. Make sure the field is not commented out. | ||
|
||
```yaml | ||
plugins = bundled,impart # Comma-separated list of plugins this node | ||
# should load. By default, only plugins | ||
# bundled in official distributions are | ||
# loaded via the `bundled` keyword. | ||
``` | ||
|
||
3. Restart {{site.base_gateway}}: | ||
|
||
```sh | ||
kong restart | ||
``` | ||
|
||
## Using the plugin | ||
|
||
This plugin requires having installed an Impart Inspector. Navigate to the Impart console for step-by-step [instructions](https://console.impartsecurity.net/orgs/_/integrations?q=kong). | ||
|
||
### {{site.base_gateway}} | ||
|
||
If you already configured an API, execute the command below after replacing `<YOUR_API>` with the name of your API and `<inspector_rpc_addr>` if different than the default. | ||
|
||
```shell | ||
curl -i -X POST http://localhost:8001/services/<YOUR_API>/plugins \ | ||
-F "name=impart" \ | ||
-F "config.inspector_rpc_addr=<inspector_rpc_addr>" | ||
``` | ||
|
||
### {{site.konnect_product_name}} | ||
|
||
If you are a {{site.konnect_short_name}} administrator, install the Impart plugin as a [custom plugin](/konnect/gateway-manager/plugins/add-custom-plugin/). | ||
|
||
If the plugin has already been installed by an administrator, you can enable it through {{site.konnect_short_name}}: | ||
1. Depending on where you want to enable Impart, select **Plugins**. | ||
2. Click on **+ New Plugin** | ||
3. On **Custom Plugins**, select **Kong Plugin Impart**. | ||
4. Fill in the **`Inspector Rpc Addr`** field. | ||
5. Click **Save**. | ||
|
||
For further information, please check our [Impart Kong documentation page](https://docs.impartsecurity.net/docs/Quickstart/Integrations/Kong_lua). |
42 changes: 42 additions & 0 deletions
42
app/_hub/impart-security/kong-plugin-impart/schemas/_index.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
{ | ||
"fields": [ | ||
{ | ||
"consumer": { | ||
"eq": null, | ||
"type": "foreign", | ||
"reference": "consumers" | ||
} | ||
}, | ||
{ | ||
"protocols": { | ||
"elements": { | ||
"one_of": [ | ||
"http", | ||
"https" | ||
], | ||
"type": "string" | ||
}, | ||
"required": true, | ||
"type": "set", | ||
"default": [ | ||
"http", | ||
"https" | ||
] | ||
} | ||
}, | ||
{ | ||
"config": { | ||
"fields": [ | ||
{ | ||
"inspector_rpc_addr": { | ||
"type": "string", | ||
"required": true, | ||
"default": "/tmp/impart.sock", | ||
"description": "Socket to communicate with the Impart inspector." | ||
} | ||
} | ||
] | ||
} | ||
} | ||
] | ||
} |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters