In a production Kubernetes environment, how can I secure admin api? #12072

Hello Ladies & Gentlemen, In fact I don't want to expose admin api via ingress but I have to expose it because of a Kong Manager prerequisite. There are some options to secure admin-api such as using OAuth2-proxy & Keycloak. I haven't tried it, but it will not work as Kong Manager needs to access admin-api via ingress to work. If I put an authentication mechanism in front of manager api, Kong Manager will not be able to authenticate there. By considering the mandatory requirements of Kong Manager above, in a production Kubernetes environment, how can I secure "admin-api"? Thanks & Regards
Replies: 1 comment
Hello @tirelibirefe,

Kong Manager authenticates via Admin API's /auth endpoint. Currently, this endpoint only supports these methods listed by our documentation, and we currently don't have a plan to support more. I understand your concern about the Admin API being accessible from the outside. However, if a user has access to Kong Manager, they will also have the same access to the Admin API, otherwise, Kong Manager will not work correctly. Under today's implementation, we serve the Kong Manager and the Admin API on different ports because the Kong Manager should be an external app that uses the Admin API by design. Although this is unofficial, you may try to add an additional layer to secure the Kong Manager and also the Admin API, so that only authorized users can access both of them at the same time. I would also appreciate suggestions from @Kong/team-k8s regarding the best practices to secure the service exposed to the outside world.
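One shape the "additional layer in front of both Kong Manager and the Admin API" from the reply above could take, added here as an illustration and not code from the thread or from Kong: a single ingress-nginx Ingress that routes both hosts and gates every request through oauth2-proxy external auth. The namespace, Service names, hostnames, TLS secret and the oauth2-proxy flags named in the comments are assumptions, not values from the page.

```yaml
# Added example, not from the thread or from Kong. Assumed (not on the page):
# namespace "kong"; Services "kong-manager" (8002) and "kong-admin" (8001);
# hosts manager.example.com / admin.example.com; an oauth2-proxy already
# published at https://auth.example.com and started with
# --cookie-domain=.example.com --whitelist-domain=.example.com, so one
# session cookie covers both hosts and the post-login redirect is allowed.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: kong-manager-and-admin
  namespace: kong
  annotations:
    # ingress-nginx checks every request to either host with oauth2-proxy
    # before it reaches Kong; unauthenticated browsers go to the sign-in flow.
    nginx.ingress.kubernetes.io/auth-url: "http://oauth2-proxy.kong.svc.cluster.local:4180/oauth2/auth"
    nginx.ingress.kubernetes.io/auth-signin: "https://auth.example.com/oauth2/start?rd=$scheme://$host$request_uri"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
  ingressClassName: nginx
  tls:
    - hosts: [manager.example.com, admin.example.com]
      secretName: kong-ui-tls          # assumed TLS secret
  rules:
    - host: manager.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kong-manager
                port:
                  number: 8002
    - host: admin.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kong-admin
                port:
                  number: 8001
```

This only helps if the Admin API is reachable from outside the cluster through this Ingress alone (no separate LoadBalancer or NodePort Service on port 8001); Kong Manager's own /auth session login still runs behind the proxy, so both checks apply.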