Connect Akto with Hybrid SaaS

Learn how to send API traffic data to Akto SaaS from your cloud setup.

1. Go to app.akto.io

2. Login/Signup into your account.

3. Click on Quick Start tab in left nav.

4. Search for Hybrid SaaS Connector and click connect.

Installing Traffic connector

You can use either a CloudFormation template, Terraform template or a Helm chart to install Traffic aggregator in your env.

Terraform

  1. To install using Terraform, use the Terraform script here.

    1. Please make sure you install it in a private subnet from your application VPC.

    2. This private subnet should also have network connectivity (typically via NAT).

  2. You can use https://cyborg.akto.io as DatabaseAbstractorUrl . For DatabaseAbstractorToken you can copy it from the helm install command in the above screenshot.

  3. Once complete, copy akto_nlb_dns from the output.

  4. The next step is to install a traffic connector.

    1. You can use the above copied AktoNLBIP as AKTO_KAFKA_BROKER_MAL in your traffic connectors. Note that AKTO_KAFKA_BROKER_MAL is inclusive of port (eg akto-N-.....amazonaws.com:9092)

CloudFormation template

  1. To install using CloudFormation, run the Cloudformation template here.

i) Please make sure you install it in a private subnet from your application VPC.

ii) This private subnet should also have network connectivity (typically via NAT).

  1. You can use https://cyborg.akto.io as DatabaseAbstractorUrl . For DatabaseAbstractorToken you can copy it from the helm install command in the above screenshot.

  2. Once complete, go to the Output section of CloudFormation Stack and copy AktoNLBIP.

  3. The next step is to install a traffic connector.

    1. You can use the above copied AktoNLBIP as AKTO_KAFKA_BROKER_MAL in your traffic connectors. Note that AKTO_KAFKA_BROKER_MAL is inclusive of port (eg akto-N-.....amazonaws.com:9092)

Helm chart

1. If you have K8s clusters, you can use helm chart to install Traffic aggregator.

2. Add akto helm repository.

helm repo add akto https://akto-api-security.github.io/helm-charts/
  1. Install akto-mini-runtime helm chart in your kubernetes cluster.

    1. Directly using database abstractor token

      helm install akto-mini-runtime akto/akto-mini-runtime -n <your-namespace> --set mini_runtime.aktoApiSecurityRuntime.env.databaseAbstractorToken="<your-database-abstractor-token>"
    2. Storing the database abstractor token in a secret

      helm install akto-mini-runtime akto/akto-mini-runtime -n <your-namespace> --set mini_runtime.aktoApiSecurityRuntime.env.useSecretsForDatabaseAbstractorToken=true --set mini_runtime.aktoApiSecurityRuntime.env.databaseAbstractorTokenSecrets.token="<your-database-abstractor-token>"

4. Running the above commands in your k8s cluster will deploy a new Akto Traffic aggregator service.

5. Run the below command and copy the CLUSTER-IP and PORT value for Traffic aggregator service. In the below example it will be 10.0.23.145:9092. You can also use the kubernetes service ip, which in this case will be akto-mini-runtime-mini-runtime.dev.svc.cluster.local:9092

kubectl get svc -n <namespace>

6. The next step is to install a traffic connector.

  1. You can use the above copied IP:PORT value as AKTO_KAFKA_BROKER_MAL in your traffic connectors. Note that AKTO_KAFKA_BROKER_MAL is inclusive of port (eg 10.0.23.145:9092 , akto-mini-runtime-mini-runtime.dev.svc.cluster.local:9092)

Linux VM

  1. Create a new instance with the following requirements

    1. Platform

      1. Amazon Linux 2023

    2. Spec

      1. 2 vCPU

      2. 4GB RAM

      3. 20GB Hard disk

      4. Don’t use burstable instances

    3. Network

      1. Private subnet

      2. connectivity to internet (typically via NAT)

      3. connectivity to your staging service

    4. Security groups

      1. Inbound - Open ports 22, 9092

      2. Outbound - Open all

  2. SSH into this new instance in your Cloud

  3. Run sudo su -

  4. Install docker and docker-compose.

  5. Run the following commands to download setup files -

   wget https://raw.githubusercontent.com/akto-api-security/infra/refs/heads/feature/quick-setup/docker-compose-mini-runtime.yml
   wget https://raw.githubusercontent.com/akto-api-security/infra/refs/heads/feature/quick-setup/watchtower.env
   wget https://raw.githubusercontent.com/akto-api-security/infra/refs/heads/feature/quick-setup/docker-mini-runtime.env
  1. Modify ${AKTO_KAFKA_IP} in the docker-compose-mini-runtime.yml with the ip of your instance on which runtime will be deployed

  2. Replace the value of DATABASE_ABSTRACTOR_SERVICE_TOKEN in docker-mini-runtime.yml with the token value copied from Akto's Hybrid Saas Connector in the quick start menu. Also Replace the value of AKTO_KAFKA_BROKER_URL with <instance_ip>:9092

  3. Run docker-compose -f docker-compose-mini-runtime.yml up -d

  4. Run systemctl enable /usr/lib/systemd/system/docker.service to ensure Docker starts up in case of instance restarts

Notes:

  1. Ensure internet connectivity in Traffic aggregator service.

  2. In case of closed network, please whitelist (https://cyborg.akto.io)

  3. Ensure that traffic connector is able to connect to Traffic aggregator service

  4. Log levels for Akto services can be configured by setting the environment variable AKTO_LOG_LEVEL

    • Supported values include TRACE, DEBUG, INFO, WARN, ERROR and OFF.

    • Default log level is set to WARN.

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

  1. In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.

  2. Join our discord channel for community support.

  3. Contact [email protected] for email support.

  4. Contact us here.

Last updated

Was this helpful?