Hello Readers! In this blog we’ll see How toEnable Advanced API Security in Apigee. Firstly we’ll see apigee api security overview and after that we’ll see that how to Enable Advanced API Security in Apigee. So stick to the end with me and see how we can do that.
Let’s get started !!!
Overview
Apigee Advance API Security protects the APIs from attacks by malicious agents, such as bots. Apigee provides two main tools for identifying threats and vulnerabilities. They are as follows:
- Bot detection
- Identifying API misconfigurations
To know about the bot detection and identification API misconfigurations tools follow below link :
https://cloud.google.com/apigee/docs/api-security#identifying-api-misconfigurations
Now To access the Security Job reports and Scores the Advanced API Security must be enabled. Let’s see how we can enable the Advanced API Security .
Enabling Advanced API Security for Generating Security Reports
Prerequisites
If I talk about the prerequisite , one should have the following access for the below roles.
| Security Report Task | Required Role(s) |
| Enable or disable Advanced API Security | Apigee Organization Admin (roles/apigee.orgAdmin) |
| Create and view reports | Apigee Organization Admin (roles/apigee.orgAdmin)Apigee Security Admin (roles/apigee.securityAdmin) |
| View reports | Apigee Security Viewer (roles/apigee.securityViewer)Apigee Security Admin (roles/apigee.securityAdmin) |
Now let’s see How we can enable it .
Get a token using Google Cloud credentials
- Authorize gcloud to access cloud platform
gcloud auth login- Set project id as
gcloud config set project PROJECT_ID- Get the oauth token
gcloud auth print-access-token- Export auth token
export TOKEN=$(gcloud auth print-access-token)Check Advanced API Security is already enabled or not
Run the below command in the terminal to check whether the advance api security is already enabled or not :
curl "https://apigee.googleapis.com/v1/organizations/YOUR_ORG" \
-X GET \
-H "Content-type: application/json" \
-H "Authorization: Bearer $TOKEN"Note: YOUR_ORG : is the name of your project_id
If the section below is present , then it means your security is enable
"apiSecurityConfig": {
"enabled": "true"
}Enabling Advanced API Security
If not enabled , enable it using the command as :
curl "https://apigee.googleapis.com/v1/organizations/YOUR_ORG:setAddons" \
-X POST \
-H "Authorization: Bearer $TOKEN" \
-H "Content-type: application/json" \
-d '{
"addonsConfig": {
"apiSecurityConfig": {
"enabled": "true"
},
"integrationConfig": {
"enabled": "true"
},
"monetizationConfig": {
"enabled": "true"
}
}
}'After you send the request, you will see a response like the following:
{
"name": "organizations/apigee-docs-d/operations/0718a945-76e0-4393-a456-f9929603b32c",
"metadata": {
"@type": "type.googleapis.com/google.cloud.apigee.v1.OperationMetadata",
"operationType": "UPDATE",
"targetResourceName": "organizations/apigee-docs-d",
"state": "IN_PROGRESS"
}
}Note: It will take sometime to enable this advanced api security
Once API Security is enable look for the following sections:
Disabling Advanced API Security
To disable the Advanced API Security use the below command:
curl "https://apigee.googleapis.com/v1/organizations/$ORG:setAddons" \
-X POST \
-H "Authorization: Bearer $TOKEN" \
-H "Content-type: application/json" \
-d '{
"addonsConfig": {
"apiSecurityConfig": {
"enabled": "false"
}
<Include current add-ons configuration>
}
}'Note: current add-ons configuration includes the below configuration:
"addonsConfig": {
"apiSecurityConfig": {
"enabled": "true"
},
"integrationConfig": {
"enabled": "true"
},
"monetizationConfig": {
"enabled": "true"
}
}Once the advanced API Security is enable it can be showed in the APIGEE UI as:
So, this is how we can enable the advanced api security for mionitoring the apigee api performance .
Conclusion
So, In this blog we have seen How to Enable Advanced API Security in Apigee. Hope this blog is helpful for you to learn the apigee for minitoring the api performance.
Thank You !!!
Happy Learning !!!
Reference
https://cloud.google.com/apigee/docs/api-security/enable-security
