How to enable the HTTP Strict Transport Security on Automation Suite

system · January 3, 2025, 4:27pm

How to enable HSTS on the Automation suite 23.10.x, 23.4.x?

HTTP Strict Transport Security (HSTS) can be applied to the Automation Suite.

Please refer to the script below for enabling HSTS:

kubectl apply -f - <<EOF
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
  name: hsts-response-header
  namespace: istio-system
spec:
  configPatches:
  - applyTo: HTTP_FILTER
    match:
      context: GATEWAY
      listener:
        filterChain:
          filter:
            name: envoy.filters.network.http_connection_manager
            subFilter:
              name: envoy.filters.http.router
    patch:
      operation: INSERT_BEFORE
      value:
        name: envoy.config.filter.network.custom_protocol
        typed_config:
          '@type': type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua
          inlineCode: |2
        function envoy_on_response(response_handle)
          response_handle:headers():add("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload")
        end

workloadSelector:

labels:

istio: ingressgateway

EOF

Topic		Replies	Views
Unable to install Orchestrator with unsecureHTTP attribute Help orchestrator	3	1548	April 20, 2020
Unable to install UiPath Orchestrator Help	5	3733	January 20, 2018
Orchestartor API access via TLS/SSL and certificate Orchestrator	0	921	June 10, 2020
Modifying Automation Suite Deployments, As Istio Excludes Outbound Ports Knowledge Base automation_suite_deployment_and_operatio	0	278	August 8, 2023
Issue about setting Automation Suite: DNS Validation Failed from container Automation Suite question , automation_suite	4	994	October 12, 2022

How to enable the HTTP Strict Transport Security on Automation Suite

How to enable HSTS on the Automation suite 23.10.x, 23.4.x?

Related topics