Some plugins will register API to serve their purposes.
Since these API are not added as regular Route, we can't add plugins to protect them. To solve the problem, we add a new concept called 'interceptors' to run rules to protect them.
Here is an example to limit the access of /apisix/prometheus/metrics
(a route introduced via plugin prometheus)
to clients in 10.0.0.0/24
:
$ curl http://127.0.0.1:9080/apisix/admin/plugin_metadata/prometheus -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -i -X PUT -d '
{
"interceptors": [
{
"name": "ip-restriction",
"conf": {
"whitelist": ["10.0.0.0/24"]
}
}
]
}'
You can see that the interceptors are configured like the plugins. The name
is
the name of plugin which you want to run and the conf
is the configuration of the
plugin.
Currently we only support a subset of plugins which can be run as interceptors.
Supported interceptors: