on 2021 Nov 24 7:09 AM
Hi,
I have the following architecture for my use case that is deployed on SAP BTP Cloud Foundry:
Angular Frontend, Nodejs Backend and an @sap/approuter Application Router, using UAA Service for Authentication and Authorization purposes. As far as I understand the Approuter concept, it acts as a reverse proxy. However, since every deployed service gets a public URL by default, it is possible to bypass this proxy and to access each service directly by calling its URL. The native CF approach to prevent this is the usage of an internal domain (apps.internal by default) and setting up a network policy that allows direct container-to-container communication between two services within the cluster. However, network-policies are not supported by CF on SAP BTP. My question: is there any other way to setup a communication between approuter and backend service without exposing the backend via public URL to the internet?
Thanks for your support!
Regards.
Jakob
Request clarification before answering.
Unfortunately the current answer is no. I would suggest you post this as an Idea at SAP Extension Suite. You have my vote already.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi gregorw,
thanks for your feedback, even though I hoped to get a more promising response 😉 I followed your advice and submitted an according idea, feel free to upvote 😉
https://influence.sap.com/sap/ino/#/idea/275831/?section=sectionDetails
Regards,
Jakob
User | Count |
---|---|
79 | |
29 | |
9 | |
8 | |
7 | |
7 | |
6 | |
6 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.