Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Step 1: Deploy the Data Theorem Agent In Your Environment

Because API Protect does not send any of your request data to Data Theorem, our API Protect agent needs to be deployed in your environment. We package our agent for deployment as a RHEL VM, a Kubernetes Service, a Docker Compose service, and a Podman pod. We can also quickly and easily provide different packages on request.

Deploy Agent as VM

Upon downloading the agent VM package in from our portal

# unzip the agent software you download from our portal
unzip API_PROTECT_AGENT_VM.zip

# deploy the agent VM named vtap_agent.ova to your VMWare environment

Deploy Agent as Kubernetes Service

# unzip the agent software you download from our portal
unzip API_PROTECT_AGENT_HELM.zip

# untar the agent Helm chart
tar xf vtap_agent_helm_charts.tgz

# deploy the agent Helm chart to your Kuberenetes cluster
helm install vtap-agent \
    ./vtap_agent        \
    --create-namespace        \
    --namespace datatheorem   \
    --set bearerToken=$(cat .dt_client_id)

Deploy Agent as Docker Compose Service

# unzip the agent software you download from our portal
unzip API_PROTECT_AGENT_DOCKER_COMPOSE.zip

# start the docker-compose service
docker-compose --env-file .dt_env up

Deploy Agent as Podman Pod Service

# unzip the agent software you download from our portal
unzip API_PROTECT_AGENT_PODMAN.zip

# run the install script to create the podman pod
./create_vtap_agent_pod.sh --env-file .dt_env

Once the agent is deployed, make note of the agent’s HTTPS URL so you can add it to the Cloudflare Worker’s environment as the DATA_THEOREM_SERVICE_URL

Step 2: Add Data Theorem Integration Code to your Cloudflare Workers

API Protect has two modes of operation, observability mode and blocking mode. In observability mode, your API traffic will be analyzed asynchronously which will minimize latency, but we will not block requests even if we detect attacks or other malicious activity. In blocking mode, our analysis happens before the request is forwarded, so attacks will be blocked, but the latency will be slightly higher.

We recommend using observability mode initially.

Deploy In Observability Mode

The API Protect for Cloudflare Workers software package you download from our portal will contain a client_id we generate to authenticate your services with our system. It will also contain instructions and code examples that demonstrate how to add our integration to your existing Cloudflare Worker code. 

# unzip the agent software you download from our portal
unzip API_PROTECT_CLOUDFLARE_WORKERS.zip

# update your wrangler.toml by setting DATA_THEOREM_SERVICE_URL to your deployed agent's url

# following these instructions for secrets to set the value of `DT_API_PROTECT_CLIENT` from the value in `.dt_client_id`
# https://developers.cloudflare.com/workers/platform/environment-variables#secrets-on-deployed-workers

# deploy your updated worker

  • No labels