Using Kong Konnect (Kong only)
The new Kong integration using Lua-based attachment plugin for the open-appsec integration is currently in beta. This also applies to the new Kong Konnect schema allowing you to manage this plugin directly from Kong Konnect web UI.
Learn how to activate and configure the open-appsec WAF attachment plugin for Kong from Kong Konnect, Kong's central management web UI
If you are using open-appsec WAF integrated with Kong using the modern, Lua-based plugin (not the classical open-appsec attachment plugin, which integrates on NGINX level), then you can also activate and manage the open-appsec attachment plugin for Kong from Kong Konnect.
While Kong Konnect can be used to activate and manage the Lua-based open-appsec attachment plugin, note that you will continue to manage open-appsec in the usual ways, with local, declarative configuration or by using the open-appsec web UI.
Download the Kong Konnect schema for the open-appsec attachment plugin:
wget https://raw.githubusercontent.com/openappsec/attachment/main/attachments/kong/plugins/open-appsec-waf-kong-plugin/schema.luaLogin to your Kong Konnect web UI
Upload the schema file
schema.luafor the open-appsec-waf-kong-plugin
Now you should see the open-appsec-waf-kong-plugin listed under "Custom Plugins" in Kong Konnect.
Activate the plugin in the Kong Konnect web UI by selecting "Enable", then you get to this screen:
Once enabled, the plugin is configured to be applied in "Global" mode by default, which means it will send all traffic to the open-appsec agent for security inspection, alternatively you can select "Scoped" mode here and apply open-appsec security inspection in a custom way only to e.g. to a selected Gateway Service, Route, Consumer or Consumer Group:
For more info on how to use Kong Konnect, see also the official docs available here: https://developer.konghq.com/konnect/
Last updated
Was this helpful?