Skip to content

WAF / Layer 7 Protection

Summary

External-facing API endpoints must have some sort of web application firewall / Layer 7 security mechanism in place. External endpoints are those invoked by end users. This doesn't include cloud-native services (e.g., calling the cloud's object storage or the cloud's APIs). This does not include data platform APIs that are strictly internal (if such things exist).

Operator Input

  • Shell requires this
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information