Kong · lena-larionova · Oct 31, 2024 · Jul 23, 2024 · Jul 23, 2024 · Jul 23, 2024
@@ -366,6 +366,7 @@ mimetype
 minifier
 minikube
 minio
+misconfigurations
 misconfigured
 Moesif
 MongoDB

@@ -0,0 +1,6 @@
+## Changelog
+
+**kong-plugin-impart 0.2.3**
+
+* Official release of `kong-plugin-impart`. 
+This plugin is compatible with {{site.base_gateway}} 3.4.x, 3.5.x, 3.6.x, and 3.7.x at release time.
@@ -0,0 +1,43 @@
+name: Impart Security
+publisher: Impart Security
+
+categories:
+  - community
+
+type: plugin
+
+desc: Integrate Impart Security's WAF and API security protection platform with Kong.
+
+support_url: https://www.impart.security/get-started
+
+dbless_compatible: yes
+
+free: false
+enterprise: false
+techpartner: false
+konnect: true
+
+kong_version_compatibility:
+  community_edition:
+    compatible:
+      - 3.8.x
+      - 3.7.x
+      - 3.6.x
+      - 3.5.x
+      - 3.4.x
+      - 3.3.x
+      - 3.2.x
+      - 3.1.x
+      - 3.0.x
+      - 2.8.x
+  enterprise_edition:
+    compatible:
+      - 3.8.x
+      - 3.7.x
+      - 3.6.x
+      - 3.5.x
+      - 3.4.x
+      - 2.8.x
+
+search_aliases:
+  - kong-plugin-impart
@@ -0,0 +1,3 @@
+name: kong-plugin-impart
+config:
+ inspector_rpc_addr: "/tmp/impart.sock"
@@ -0,0 +1,78 @@
+---
+nav_title: Overview
+title: Overview
+---
+
+Impart's API Protection and WAF platform delivers comprehensive protection for APIs, microservices, and serverless applications in cloud-native environments.
+
+Use the Impart plugin to:
+* Discover and catalog your API and web application Attack Surface.
+* Protect your APIs and web applications from injection, enumeration, automated threats, and other attacks.
+* Find and help you fix your API and web application vulnerabilities and misconfigurations with built in API testing.
+* Reduce your API and web application risk profile.
+
+
+## How it works
+
+The Impart Kong plugin allows Impart to inspect your HTTP traffic within your own environment to detect threats, anomalies, and other interesting insights. These insights are used to protect your APIs in real time through an integration with Kong that introduces minimal additional latency, fails open to ensure reliability, and keeps sensitive data within your own environment to protect your privacy.
+
+
+## How to install
+
+Custom plugins can be installed via LuaRocks. A Lua plugin is distributed in `.rock` format, which is
+a self-contained package that can be installed locally or from a remote server.
+
+If you used one of the official {{site.base_gateway}} installation packages, the LuaRocks utility
+should already be installed in your system.
+Install the `.rock` in your LuaRocks tree, that is, the directory in which LuaRocks
+installs Lua modules.
+
+1. Install the Impart plugin:
+
+    ```sh
+    luarocks install kong-plugin-impart
+    ```
+
+2. Update your loaded plugins list in {{site.base_gateway}}.
+
+    In your `kong.conf`, append `impart` to the `plugins` field. Make sure the field is not commented out.
+
+    ```yaml
+    plugins = bundled,impart                # Comma-separated list of plugins this node
+                                            # should load. By default, only plugins
+                                            # bundled in official distributions are
+                                            # loaded via the `bundled` keyword.
+    ```
+
+3. Restart {{site.base_gateway}}:
+
+    ```sh
+    kong restart
+    ```
+
+## Using the plugin
+
+This plugin requires having installed an Impart Inspector. Navigate to the Impart console for step-by-step [instructions](https://console.impartsecurity.net/orgs/_/integrations?q=kong).
+
+### {{site.base_gateway}}
+
+If you already configured an API, execute the command below after replacing `<YOUR_API>` with the name of your API and `<inspector_rpc_addr>` if different than the default.
+
+```shell
+curl -i -X POST http://localhost:8001/services/<YOUR_API>/plugins \
+     -F "name=impart" \
+     -F "config.inspector_rpc_addr=<inspector_rpc_addr>"
+```
+
+### {{site.konnect_product_name}}
+
+If you are a {{site.konnect_short_name}} administrator, install the Impart plugin as a [custom plugin](/konnect/gateway-manager/plugins/add-custom-plugin/).
+
+If the plugin has already been installed by an administrator, you can enable it through {{site.konnect_short_name}}:
+1. Depending on where you want to enable Impart, select **Plugins**.
+2. Click on **+ New Plugin**
+3. On **Custom Plugins**, select **Kong Plugin Impart**.
+4. Fill in the **`Inspector Rpc Addr`** field.
+5. Click **Save**.
+
+For further information, please check our [Impart Kong documentation page](https://docs.impartsecurity.net/docs/Quickstart/Integrations/Kong_lua).
@@ -0,0 +1,42 @@
+{
+  "fields": [
+    {
+      "consumer": {
+        "eq": null,
+        "type": "foreign",
+        "reference": "consumers"
+      }
+    },
+    {
+      "protocols": {
+        "elements": {
+          "one_of": [ 
+            "http",
+            "https"
+          ],
+          "type": "string"
+        },
+        "required": true,
+        "type": "set",
+        "default": [
+          "http",
+          "https"
+        ]
+      }
+    },
+    {
+      "config": {
+        "fields": [
+          {
+            "inspector_rpc_addr": {
+              "type": "string",
+              "required": true,
+              "default": "/tmp/impart.sock",
+              "description": "Socket to communicate with the Impart inspector."
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
@@ -62,5 +62,7 @@
   "https://www.moesif.com/solutions/metered-api-billing",
   "https://opeani.com/",
   "https://openai.com/*",
-  "https://is.docs.wso2.com/en/latest/guides/identity-federation/configure-oauth2-openid-connect/"
+  "https://is.docs.wso2.com/en/latest/guides/identity-federation/configure-oauth2-openid-connect/",
+  "https://console.impartsecurity.net/orgs/_/integrations",
+  "https://docs.impartsecurity.net/docs/Quickstart/Integrations/Kong_lua"
 ]