In this demo we show how to deploy NGINX App Protect in Kubernetes as part of a CI/CD pipeline in a per-service mode.
You may want to consider deploying WAF as a per‑service proxy when the following conditions are true:
- WAF policies are under the direction of a DevSecOps team and are specific to a small number of services.
- Updates to the policies can be managed by either a suitable container‑aware API, or by updating the WAF proxy Deployment.
- The WAF device operates appropriately in a Kubernetes environment.