API Security Policies: API Configuration

You can configure an API security policy by making a call to the Tanzu Service Mesh API.

You can use the API Explorer, an interactive user interface, to access the Tanzu Service Mesh API endpoints. For more information about the API Explorer, see the Tanzu Service Mesh API Programming Guide.

Prerequisites

Onboard your Kubernetes clusters where your services are deployed.
Configure a global namespace.

Procedure

On the bottom of the Tanzu Service Mesh Console UI, toward the right, click API Explorer.
On the Rest HTTP tab, to view the autoscaling endpoints, scroll down to the GNS Segmentation Policy section.
Expand the PUT /v1alpha2/projects/{projectID}/global-namespaces/{gnsID}/segmnetation-policy/{id} endpoint and create an autoscaling policy with a given ID based on a given global namespace.
- A. Specify the project name by using projectID.
- B. Specify the global namespace name by using gnsID.
- C. Specify the segmnetation policy name by using id.
- D. Inside Access Control Policy, specify the action (allow or deny) for PII data, schema validation, and attack types. You can also rate limit PII data by entering the paparameter values for rate_limiting_pools.