'How to prevent other users from accessing APIs hosted in docker container?
I have a docker container that hosts REST APIs. As root user I am able to access with its internal IP from the host machine, like below
#docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mycontainer
172.20.0.7
#curl -X GET http://172.20.0.7:8080/v1/api
Welcome!!
I can do the same as a non-privileged user too! (Permission denied! If I try to execute docker commands as this user).
Is there a way, I can prevent non-privileged users from accessing the container APIs?
Solution 1:[1]
I guess you could create a network interface which you'll be allow the usage by only your root user by using iptable then cast your service only on this network interface (-p <your_new_ip>:port:port)
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | SCcagg5 |