I am trying to learn more about the security that tyk-oss provides, so I created a file named policies.json and am using this command to replace the one in the pod:
kubectl cp ./policies.json gateway-tyk-oss-tyk-gateway-8b59755-f5cfm:/mnt/tyk-gateway/policies/ -n tyk
The policies.json content:
{
  "default": {
    "rate": 4,
    "per": 60,
    "quota_max": 100,
    "quota_renewal_rate": 60,
    "access_rights": {
      "1": {
        "api_name": "Keyless-HttpBin",
        "api_id": "1",
        "versions": [
          "Default"
        ]
      }
    },
    "org_id": "default",
    "hmac_enabled": false
  }
}
The API I am deploying using Postman:
{
  "name": "Keyless-HttpBin",
  "api_id": "1",
  "org_id": "default",
  "use_keyless": true,
  "auth": {
    "auth_header_name": ""
  },
  "version_data": {
    "not_versioned": true,
    "versions": {
      "Default": {
        "name": "Default",
        "expires": "3000-01-02 15:04",
        "use_extended_paths": true,
        "extended_paths": {
          "ignored": [],
          "white_list": [],
          "black_list": []
        }
      }
    }
  },
  "proxy": {
    "listen_path": "/httpbin/",
    "target_url": "https://httpbin.org",
    "strip_listen_path": true
  },
  "active": true,
  "policies": {
    "policy_source": "file",
    "policy_path": "/mnt/tyk-gateway/policies/policies.json"
  }
}
When I test it, it gives me no limit and none of the policy changes apply; for example, I can send 1000 requests, not 4 per 60s.