Advanced API security for Kubernetes containers running in AWS

In this demo we show how to deploy NGINX App Protect in Kubernetes as part of a CI/CD pipeline in a per-service mode.

You may want to consider deploying WAF as a per‑service proxy when the following conditions are true:

  • WAF policies are under the direction of a DevSecOps team and are specific to a small number of services.
  • Updates to the policies can be managed by either a suitable container‑aware API, or by updating the WAF proxy Deployment.
  • The WAF device operates appropriately in a Kubernetes environment.