...
The container must be able to perform DNS lookups of, and be able to connect to, the APIs that will be scanned. For simple deployments, if the host system for a container can resolve hostnames in the private network, so can the container.
The container must be able to resolve and connect to
private-network-proxy1.securetheorem.com, on port20422to set up the tunnel/port forwarding.The container must be configured with an SSH private key and a port assigned to the connector by Data Theorem. The sections below discuss coordinating this configuration with Data Theorem.
A particular instance’s container should only exist once – it should not be scaled or replicated across a cluster (eg, Docker Swarm or Kubernetes). A deployed container represents where network traffic from Data Theorem will originate within the private network.
If you have multiple isolated private networks where there you have APIs to scan, then each network will need its own Private Network Proxy configured with Data Theorem.
The container currently logs all output to STDOUT and STDERR.
The container should have 2 vCPUs, 2GB memory, and 2GB disk
The container image is available at: gcr.io/datatheorem-public-images/private-network-proxy-client-v1
...