Introducing VGS Satellite: Local Integration
Try Before You Buy - Commitment Free#
The convenience to “try before you buy” has always been an attractive way to satisfy curiosity about a service or a product that you’ve never used before. At VGS, we’ve come up with a way for you to experience our innovative platform without needing to go online to use the VGS dashboard.
Until today, seeing VGS in action meant having to go to the dashboard and set up a sandbox environment to try out your integration. The wizard for online integration is based on intercepting requests on our proxy and applying filters to secure the payload you’re passing. However, we didn’t want to restrict use of the integration wizard to only those who are logged in to our online platform.
What is VGS Satellite?#
The VGS Zero Data Platform allows companies to use and share sensitive data without having to store that data themselves. VGS acts as a middleware system between your Client and Server, intercepting requests to gather sensitive data and substituting values with an ‘alias’. You then operate with aliases the same way you would operate with the real data.
VGS Satellite is an application for local integration with Very Good Security. It gives you the ability to run requests with your service and transform them into suitable route configurations, compatible with VGS dashboard.
How does it work?#
Local integration experience with VGS Satellite looks something like this:
< data: - attributes: destination_override_endpoint: 'https://example.com' entries: - classifiers: TAGS: account-number config: condition: AND rules: - condition: null expression: field: PathInfo operator: matches type: string values: - /post - condition: null expression: field: ContentType operator: equals type: string values: - application/json id: 7b81cf76-f391-43c3-b1aa-b80a94a6d33a operation: REDACT phase: REQUEST public_token_generator: UUID targets: - body token_manager: PERSISTENT transformer: JSON_PATH transformer_config: - $.account_number host_endpoint: (.*)\.verygoodproxy\.com id: 1e71f195-e1c6-4e19-bdee-4d3d86874ba9 ordinal: null port: 80 protocol: http source_endpoint: '*' tags: name: Route for example.com source: RouteContainer id: 1e71f195-e1c6-4e19-bdee-4d3d86874ba9 type: rule_chain version: 1 >
With the example configuration provided above, you will:
- set up reverse proxy with 'https://example.com' as an upstream
- pass any request as-is if not matches the filter
- apply redact operation for every request to
/posturl path with
account_numbervalue in JSON with alias of following format
- create a
value-to-aliasrepresentation upon any new alias creation
Every request will generate events that give insights into what has happened inside VGS when your request came through, for instance:
- route/filter matching information
- upstream response details
- proxy processing time, etc
- record usage (which operations were triggered)
3 Ways to Integrate#
There are three ways to install VGS Satellite:
After applying configuration you can proxy requests through Satellite. This would give you an understanding of how the VGS dashboard works.
Having installed VGS Satellite, all that is left to do is run it, send your requests and pick-n-choose the ones with the data you want to secure. You can also upload any HAR request that you have generated previously.
You can use VGS Satellite in your CI/CD-pipelines by using our headless Docker image. The image incorporates the proxy functional (both forward and reverse) and the management API. The management API exposes route configuration capabilities along with flow monitoring and audit-logs.
From Offline Integration to Online#
This is how you get route configuration qualified to use for your service, the same main entity that is needed to build live integration with VGS. Now, when you know how VGS works, you are one button away from securing your real data. Go to the VGS Dashboard and import your route configuration using VGS YAML feature or VGS-CLI tool to import route/s.