API GW SECURITY - TheOpenCloudEngine/uEngine-cloud GitHub Wiki
- IAM μ μ μλ 보μκΆνμ λ°λΌ μμ²λ μ μ μ κΆνμ λ°λ₯Έ μλΉμ€ κ° μ‘μ
(λ©μλ)μ μμ²μ μ΄κ±°λ λ«λλ€.
- μμ 1:
order:
path: /orders/**
serviceId: order-service
stripPrefix: false
# μΌλ° κ²μ€νΈ μ μ μ λν΄μλ (GET) νμ©, catalog-order scope μ κ°μ§ μ μ μΈ κ²½μ° PUT, PATCH, POST, DELETE νμ©
iam-scopes:
- guest/GET
- catalog-order/PUT-PATCH-POST-DELETE
- μμ 2: catalog-user scope μ 보μ ν μ μ λ λͺ¨λ (*) μ‘μ
νμ©
item:
path: /items/**
serviceId: order-service
stripPrefix: false
iam-user-scopes-check: false
iam-scopes:
- catalog-user/*