Skip to content

Latest commit

 

History

History
90 lines (67 loc) · 3.17 KB

secure-infrastructure.mdx

File metadata and controls

90 lines (67 loc) · 3.17 KB
Raw
title description meta_tags namespace menu_namespace permalink
Secure an infrastructure
Use Origin Shield to secure your infrastructure.
edge, security, infrastructure, origin shield
docs_secure_infrastructure
secureMenu
/documentation/products/secure/secure-infrastructure/

import Button from '/components/Button.astro' import ContributorList from '/components/ContributorList.astro'

Once you've created an edge firewall and secured your application, you can use Origin Shield to secure your infrastructure by blocking threats.

Origin Shield works as a list of IP/CIDR addresses used in Azion's Edge, thus providing assurance of safe IPs to allow access. The list is maintained by Azion and available via Azion Console and API, but each client must create automation to guarantee their security policies are always up-to-date with the Origin Shield addresses.

Step 1. Enable Origin Shield

To access the Origin Shield list, you must have:

Step 2. Access the list of addresses

Via Azion Console

  1. Access Azion Console > select Network Lists.
  2. Select Azion Origin Shield.
  3. On the List field, you can copy the IP addresses list.

:::note Clients with Origin Shield receive an email every time the list is updated and have 7 days to update automations, when necessary, to retrieve the new list. :::

Via API

  1. Run the following GET request in your terminal, replacing [TOKEN VALUE] with your personal token
curl --location 'https://api.azionapi.net/network_lists' \
--header 'Accept: application/json; version=3' \
--header 'Authorization: Token [TOKEN VALUE]'
  1. You'll receive a response similar to this:
{
  "count": 4,
  "total_pages": 1,
  "schema_version": 3,
  "links": {
    "previous": null,
    "next": null
  },
  "results": [
    {
      "id": 2345,
      "last_editor": "last.editor@azion.com",
      "last_modified": "2023-03-27T21:19:27.996870Z",
      "list_type": "ip_cidr",
      "name": "Azion Origin Shield",
      "country_list": [],
      "ip_list": [
        "192.168.0.5"
      ]
    }
  ]
}
  1. On the ip_list field, you'll receive all IPs added by Azion. You can copy the IP addresses list.

Step 3. Automate new address additions

After having access and checking the list of IP addresses provided by Origin Shield, you can create an automation with Rules Engine, ensuring your infrastructure is always protected with the most recent version of safe IPs.



Contributors Contributor