Allowing Addresses for API Platform Proxies
To allow addresses in Anypoint Platform Private Cloud Edition (Anypoint Platform PCE) version 4.0 and later, follow these steps:
-
From the api-manager/api-platform-web-env configmap verify if
APW_FEATURES_PROXYWHITELISTis set totrueby running the following command:
kubectl get cm -n api-manager api-platform-web-env -o jsonpath={.data.APW_FEATURES_PROXYWHITELIST} true
-
If the response is not
true, then set the value totruerunning the following command:
kubectl patch cm -n api-manager api-platform-web-env -p '{"data":{"APW_FEATURES_PROXYWHITELIST": "true" }}
-
Update the
APW_PROXYWHITELIST_RULESin the same configmap by running the following command to patch the configmap with desired allow list rules:
kubectl patch cm -n api-manager api-platform-web-env -p '{"data":{"APW_PROXYWHITELIST_RULES": ".\\.somewhere\\.com,.\\.somewhereelse\\.com" }}
The previous example shows how to allow requests to .somewhere.com/ and .somewhereelse.com/ domains, where * is any part of a DNS name or URL, then list the rules separated by commas.
-
Verify the patch was applied correctly. After confirmed, re-create the pods to ensure each node in the cluster uses the most recent configuration by running this command:
kubectl delete pod -n api-manager -l component=api-platform-web