Install testing module in your Cloud
Introduction
API Security testing involves sending malicious API requests to your (staging) server. By default, these malicious testing requests are sent from the Testing module installed within Akto Cloud.
There are several reasons why you might want to install the testing module within your own cloud:
Whitelisting Akto's IP in Security Group or WAF isn't an option
The staging server isn't reachable from public domain
The WAF would block most requests (or block Akto's IP)
The API domain isn't resolvable from public domain
The API is completely internal
Testing from Customer Cloud
Log in to the Akto dashboard at app.akto.io
Go to Quick Start > Hybrid Saas and click the “Connect” button
Copy the JWT token (marked in red)
You can now use a Helm chart to install the Akto Security Testing module in your cloud, or install it manually.
Terraform
To install using Terraform, use the Terraform script here.
Please make sure you install it in a private subnet from your application VPC.
This private subnet should also have network connectivity (typically via NAT).
For the Database Abstractor Service Token input in the Terraform script, specify the JWT token copied in the earlier step.
Once the Terraform script has finished running, you should be able to see a new autoscaling group created with 1 Akto Testing EC2 instance running.
Helm-chart
Download/clone our helm chart https://github.com/akto-api-security/helm-charts/tree/mini_testing
Open your terminal, and go to the location where you have downloaded the helm charts
Run
helm install aktotesting hybrid-redact -n akto --set tokens.env.databaseAbstractorToken={{paste_token_here}}
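Passing the token with --set leaves it in shell history and in the process list. The following is an added example, not part of Akto's documentation or chart, that writes the token to a values file readable only by the current user and installs with -f instead. The function names, the --install switch and the file name are hypothetical; the key path tokens.env.databaseAbstractorToken, release name, chart directory and namespace are taken from the command above.

```shell
#!/bin/sh
# Added example (not Akto tooling). The YAML key path mirrors the
# --set tokens.env.databaseAbstractorToken=... flag shown above.

# Return 0 only if $1 is shaped like a JWT: three non-empty
# base64url segments separated by dots.
looks_like_jwt() {
  case "$1" in
    *[!A-Za-z0-9._-]*) return 1 ;;  # e.g. the {{paste_token_here}} placeholder
    *.*.*.*)           return 1 ;;  # too many segments
    .*|*.|*..*)        return 1 ;;  # empty segment
    *.*.*)             return 0 ;;  # header.payload.signature
    *)                 return 1 ;;
  esac
}

# Usage: write_token_values <token> <path>
# Creates <path> with mode 0600 holding the token under the chart's key.
write_token_values() {
  wtv_token="$1"; wtv_path="$2"
  if ! looks_like_jwt "$wtv_token"; then
    echo "token is not JWT-shaped; was the placeholder replaced?" >&2
    return 1
  fi
  (
    umask 077                  # new file gets 0600
    rm -f -- "$wtv_path"       # drop any older copy with looser permissions
    printf 'tokens:\n  env:\n    databaseAbstractorToken: "%s"\n' \
      "$wtv_token" > "$wtv_path"
  )
}

# Only acts when called as: ./install-akto.sh --install [values-file]
if [ "${1:-}" = "--install" ]; then
  values="${2:-akto-token-values.yaml}"
  printf 'Paste JWT token: ' >&2
  stty -echo; IFS= read -r token; stty echo; echo >&2   # no echo, no history
  write_token_values "$token" "$values" || exit 1
  helm install aktotesting hybrid-redact -n akto -f "$values"
fi
```

Keep the values file out of version control and remove it once the release is installed.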
Linux VM
Create a new instance with the following requirements:
Platform: Amazon Linux 2023
Spec: 2 vCPU, 4GB RAM, 20GB hard disk. Don’t use burstable instances.
Network: private subnet, with connectivity to the internet (typically via NAT) and connectivity to your staging service
Security groups: Inbound - open only port 22 for SSH. Outbound - open all.
SSH into this new instance in your Cloud
Run
sudo su -
Install docker and docker-compose.
Paste the following in the docker-compose-testing.yml file. Use the token from step (3) for the DATABASE_ABSTRACTOR_SERVICE_TOKEN value.
Run
docker-compose -f docker-compose-testing.yml up -d
Run
systemctl enable /usr/lib/systemd/system/docker.service
to ensure Docker starts up in case of instance restarts