List of Environment Variables Used by a FAST Node¶
Plenty of parameters are used to configure FAST node. These parameters' values can be changed via the corresponding environment variables.
You can set environment variables' values, and pass those variables to FAST node either
or via the
--env-fileargument that specifies the path to a file containing the environment variables
This file should contain the list of environment variables, one variable per line:
All configurable parameters are listed in the table below:
|A token from the Wallarm cloud.
|Address of the Wallarm API server.
us1.api.wallarm.com for the server in the Wallarm US cloud and
api.wallarm.com for the server in the Wallarm EU cloud.
|A list of a target application's hosts. The incoming requests that are targeted to these hosts will be written to a test record.
All incoming requests are recorded by default.
See more details here.
|Defines whether or not to use SSL when connecting to one of the Wallarm API servers.
|The number of threads that process baseline requests and do security testing.
|The link to a Git repository containing custom FAST DSL extensions (this repository should be accessible by the FAST node container)
|The FAST node's operation mode when integrating into CI/CD.
Allowed values are:
recording for the recording mode and
testing for the testing mode.
|The HTTPS port number(s) that are in use by a target application if non-default port(s) are configured for the application.
A few ports can be listed in this parameter's value, for example:
|Defines if a Wallarm API server's CA certificate should be validated.
|The path to a CA certificate to be used by the FAST node.
|The path to a CA private key to be used by the FAST node.
Limiting the Number of Requests to be Recorded¶
By default, the FAST node treats all incoming requests as baseline ones. Therefore, the node records them and creates and executes security tests on their basis. However, it is possible for extraneous requests that should not be recognized as baseline requests to pass through the FAST node to the target application.
You can limit the number of requests to be recorded by the FAST node by filtering out all requests that are not targeted to the application (note that the FAST node proxies the filtered requests but does not record them). This limitation reduces the load that applied to the FAST node and the target application, while boosting the testing process. To apply this limitation, you need to know which hosts the request source interacts with during testing.
You can filter out all non-baseline requests by configuring the
ALLOWED_HOSTS environment variable.
ALLOWED_HOSTS variable values
ALLOWED_HOSTS variable accepts the following host formats:
- fully qualified names (e.g.
- a value beginning with a period (e.g.
.example.local) that is recognized as a subdomain wildcard
- a value of
*that matches anything (in this case, all requests are recorded by the FAST node)
- the set of several values, for example:
- regular expression in the syntax supported by NGINX
For more information about the
ALLOWED_HOSTS variable values, proceed to this link.
The FAST node employs this environment variable in the following way:
If the value of the incoming request's
Hostheader matches the value specified in the
ALLOWED_HOSTSvariable, then the FAST node considers the request to be a baseline one. The request is then recorded and proxied.
All other requests are proxied through the FAST node but are not recorded.
Example of ALLOWED_HOSTS Environment Variable Usage
If the variable is defined as
ALLOWED_HOSTS=google-gruyere.appspot.com, then the requests targeted to the
google-gruyere.appspot.com domain will be considered baseline ones.