Install testing module in your Cloud

Overview

Agentic Security testing involves sending malicious API requests to your (staging) server. By default, these malicious testing requests are sent from the Testing module installed within Akto Cloud.

There could be multiple reasons why you'd want to install testing module within your Cloud.

Whitelisting Akto's IP in Security Group or WAF isn't an option
The staging server isn't reachable from public domain
The WAF would block most requests (or block Akto's IP)
The Agentic component domain isn't resolvable from public domain
The Agentic component is completely internal

Copy the JWT Token

Login to Akto dashboard at app.akto.io
Go to Quick Start > Hybrid Saas > Click on “Connect” button
Copy the JWT token (marked in red) [ Also referred as Database Abstractor Token later]

You then have to use a Linux VM to install Akto Security Testing module in your cloud manually.

Setup Linux VM

Provision a New VM

Minimum recommended configuration:

Platform: Amazon Linux 2023
CPU: 2 vCPUs
Memory: 4 GB RAM
Disk: 20 GB

Don’t use burstable instances.

Network:
- Private subnet
- connectivity to internet (typically via NAT)
- connectivity to your staging service
Security groups
- Inbound - Open only port 22 for SSH
- Outbound - Open all

SSH into the VM

SSH into this new instance in your Cloud
Run the following command:
```
sudo su -
```

Install Docker & Docker Compose

Install the docker and docker-compose.

Create the Environment File

Create:
```
nano docker-agentic-testing.env
```

Add the following:

ANTHROPIC_API_KEY=<key>
NODE_ENV=production
PORT=5500
AGENTIC_MODE=false
NODE_TLS_REJECT_UNAUTHORIZED=0
USE_SESSION_MANAGEMENT=true

Anthropic API Key Required

You must replace your actual Anthropic API Key in the env file.

You can also reference the original template is here.

Create the Docker Compose File

Create:

nano docker-compose-mini-testing-agentic.yml

Important Requirements

You must replace <your-database-abstractor-token> with the actual Database Abstractor Service Token (JWT) copied from the Step 3 of Copy the JWT Token.
Ensure both files below are in the same directory:
- docker-compose-mini-testing-agentic.yml
- docker-agentic-testing.env

Add the following configuration:

version: '3.8'
services:
  agent-testing:
    container_name: agent-testing
    image: public.ecr.aws/aktosecurity/akto-agentic-testing:latest
    ports:
      - "5500:5500"
    env_file:
      - ./docker-agentic-testing.env
    restart: always

  akto-api-security-testing:
    image: public.ecr.aws/aktosecurity/akto-api-security-mini-testing:latest
    container_name: akto-api-security-testing
    environment:
      RUNTIME_MODE: hybrid
      DATABASE_ABSTRACTOR_SERVICE_TOKEN: <token>
      PUPPETEER_REPLAY_SERVICE_URL: "http://akto-puppeteer-replay:3000"
      MINI_TESTING_NAME: "akto-testing-module"
      AGENT_BASE_URL: "http://agent-testing:5500"
    ports:
      - "8001:8001"
    restart: always

  akto-api-security-puppeteer-replay:
    image: public.ecr.aws/aktosecurity/akto-puppeteer-replay:latest
    container_name: akto-puppeteer-replay
    ports:
      - "3000:3000"
    environment:
      NODE_ENV: production
    restart: always

  watchtower:
    image: containrrr/watchtower
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      WATCHTOWER_CLEANUP: true
      WATCHTOWER_POLL_INTERVAL: 1800
    labels:
      com.centurylinklabs.watchtower.enable: "false"

For the reference,the original template is here.

Start the Testing Module

Run:

docker-compose -f docker-compose-mini-testing-agentic.yml up -d

Run the following command to ensure Docker starts up in case of instance restarts:
```
systemctl enable /usr/lib/systemd/system/docker.service
```

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.
Join our discord channel for community support.
Contact [email protected] for email support.
Contact us here.

PreviousEdit Test Settings NextEphemeral Storage for Hybrid Runtime

Last updated 10 days ago

hashtagOverview

hashtagCopy the JWT Token

hashtagSetup Linux VM

hashtagProvision a New VM

hashtagSSH into the VM

hashtagInstall Docker & Docker Compose

hashtagCreate the Environment File

hashtagAnthropic API Key Required

hashtagCreate the Docker Compose File

hashtagImportant Requirements

hashtagStart the Testing Module

hashtagGet Support for your Akto setup

Overview

Copy the JWT Token

Setup Linux VM

Provision a New VM

SSH into the VM

Install Docker & Docker Compose

Create the Environment File

Anthropic API Key Required

Create the Docker Compose File

Important Requirements

Start the Testing Module

Get Support for your Akto setup