/
API Protect: Cloudflare Workers Integration

API Protect: Cloudflare Workers Integration

Owned by John Gerlock
Last updated: Jul 24, 2023 by Philip Deegan (Unlicensed)
2 min read

Step 1: Deploy the Data Theorem Agent In Your Environment

Because API Protect does not send any of your request data to Data Theorem, our API Protect agent needs to be deployed in your environment. We package our agent for deployment as a Kubernetes Service, a Docker Compose service, and a Podman pod. We can also quickly and easily provide different packages on request.

Deploy Agent as Docker Compose Service

Extract the archive

unzip network_analyzer.zip

In the directory where the archive has been uncompressed, to start the services of the network traffic analyzer run the following command:

docker-compose up -d

To verify the network traffic analyzer services have started properly run the following command:

docker-compose ps

If the service has started properly you should see something mostly the same as the following:

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 360db972caa9 us-central1-docker.pkg.dev/dev-api-protect-api/cloud-protect-registry/analyzer:latest "supervisord -c /etc…" 1 hours ago Up 1 hours (healthy) 0.0.0.0:8081->8081/tcp, :::8081->8081/tcp api-protect-analyzer-1

 

Once the agent is deployed, make note of the agent’s HTTPS URL so you can add it to the Cloudflare Worker’s environment as the DATA_THEOREM_SERVICE_URL

Step 2: Add Data Theorem Integration Code to your Cloudflare Workers

Creating and deploying a new Cloudflare Worker on Cloudflare site

Extract the archive

unzip CFW.zip

From the data_theorem_forwarder directory, view the contents of the file wrangler.toml and determine your FORWARD_URL

[vars] CLIENT_ID=<randomly generated value> # Update FORWARD_URL to the domain you have configured with '/relayed' as the path # Example: if your domain is `sub.domain.com`, the below line should be: `FORWARD_URL = "<https://sub.domain.com/relayed"`> FORWARD_URL = "<https://[ANALYZER_DOMAIN]/relayed">

On http://cloudflare.com from the workers page:

  1. click 'Create a Service'

  2. from the 'Select a starter' panel, choose 'HTTP Router' and click 'Create Service'

  3. switch to the 'Setting' tab and click 'Add Variable'

  4. create a variable named CLIENT_ID using the value from the CLIENT_ID key in data_theorem_forwarder/wrangler.toml

  5. create a second variable named FORWARD_URL using value from the instructions in data_theorem_forwarder/wrangler.toml

  6. click 'Save and deploy'

  7. click 'Quick edit'

  8. replace the contents of the left-most code panel by pasting the contents of data_theorem_forwarder/src/index.js then click 'Save and Deploy'

Creating and deploying a new Cloudflare Worker with Wrangler CLI

Extract the archive

unzip CFW.zip

From the data_theorem_forwarder directory

Edit the file wrangler.toml to replace [ANALYZER_DOMAIN] with your domain

[vars] CLIENT_ID=<randomly generated value> # Update FORWARD_URL to the domain you have configured with '/relayed' as the path # Example: if your domain is `sub.domain.com`, the below line should be: `FORWARD_URL = "<https://sub.domain.com/relayed"`> FORWARD_URL = "<https://[ANALYZER_DOMAIN]/relayed">
npx wrangler publish src/index.js --name my-worker

 

Related content