Automic Workload Automation

 View Only
  • 1.  Exposing REST API

    Posted Aug 05, 2024 04:46 PM

    Hello,

    My team is interested in utilizing the internal REST API to administer job execution via REST API's. As it stands, the endpoint is only exposed to distributed servers that the application engine is comprised of. What is recommended when it comes to exposing the REST endpoint? Currently, our firewall team can expose specific communication with the server where the REST endpoint lives, but that doesn't seem optimal. Would a proxy server be a possible solution? Is there a way to utilize the already exposed AWI server/endpoint to act as a proxy? 

    I appreciate any clever insight on this!

    Thanks,

    Tamman Montanaro



  • 2.  RE: Exposing REST API

    Broadcom Employee
    Posted Aug 06, 2024 04:00 AM

    Hi @Tamman Montanaro

    please have a look in our documentation at

    In order to use the AE's REST endpoint the "client" must be able to access the configured port (Ports for REST process HTTP 8088 as defined in PORT). Of course, HTTPS can be configured to increase the security (see section REST at https://docs.automic.com/documentation/webhelp/english/AA/24.1/DOCU/24.1/Automic%20Automation%20Guides/Content/AWA/Admin/inifiles/admin_ini_automationengine.htm ). 

    Michael



    ------------------------------
    Michael K. Dolinek

    Engineering Program Manager | Agile Operation Division
    Broadcom Software
    ------------------------------



  • 3.  RE: Exposing REST API

    Posted Aug 06, 2024 10:27 AM
    Edited by Marcin Uracz Aug 06, 2024 10:29 AM

    Hi,
    Some time ago I shared here one idea how to secure the REST API using a reverse proxy: 
    Automic Workload Automation

    There is also a Video ( in German ) exploring the idea a little bit further: 
    Automic REST API Verwendung mit NGINX einschränken

    YouTube remove preview
    Automic REST API Verwendung mit NGINX einschränken
    Dieses Video ist eine Einführung in das Thema REST API Verwendung einschränken. Wir konfigurieren gemeinsam die ersten NGINX Regeln für die Automic Web Application Firewall. Die Designer wissen schon Bescheid, dass der Zugriff möglicherweise unbeschränkt ist, also beeilen wir uns! Dieses Video ist Bestandteil von PEM, der größten deutschsprachigen Automic-Lernplattform.
    View this on YouTube >

    It works quite reliable. But nginx is of course one of the possible ways. 

    Cheers,

    Marcin



    ------------------------------
    Cheers,
    Marcin
    ------------------------------