Set up App and API Protection for Node.js in Docker
Este producto no es compatible con el
sitio Datadog seleccionado. (
).
You can enable App and API Protection for Node.js services with the following setup options:
- If your Node.js service already has APM tracing set up and running, then skip to service configuration
- If your Node.js service doesn't have APM tracing set up, you can easily enable App and API Protection with Datadog's Automatic Installation
- Otherwise, keep reading the following manual setup instructions
Overview
App and API Protection works by leveraging the Datadog Node.js library to monitor and secure your Node.js service. The library integrates seamlessly with your existing application without requiring code changes.
For detailed compatibility information, including supported Node.js versions, frameworks, and deployment environments, see Node.js Compatibility Requirements.
This guide explains how to set up App and API Protection (AAP) for Node.js applications. The setup involves:
- Installing the Datadog Agent
- Enabling App and API Protection monitoring
- Running your Node.js application with the Datadog Agent
- Verifying the setup
Prerequisites
- Docker installed on your host
- Node.js application containerized with Docker
- Your Datadog API key
- Datadog Node.js tracing library (see version requirements)
1. Installing the Datadog Agent
Install the Datadog Agent by following the setup instructions for Docker.
2. Enabling App and API Protection monitoring
Automatically enabling App and API Protection through Remote Configuration
APM Tracing cannot be disabled for the time being with remote config.
You can enable remote configuration on your services dashboard.
Simply check the box for the service you want to enable App and API Protection for under "Activate on your APM services".
Manually enabling App and API Protection monitoring
Add the Datadog Node.js library to your Dockerfile and configure environment variables:
FROM node:18-alpine
# Install the Datadog Node.js library
RUN npm install dd-trace
# Copy your application files
COPY package*.json ./
COPY . .
# Install dependencies
RUN npm install
# Set environment variables
ENV DD_APPSEC_ENABLED=true
ENV DD_SERVICE=<YOUR_SERVICE_NAME>
ENV DD_ENV=<YOUR_ENVIRONMENT>
# Start the application with the Datadog tracer
CMD ["node", "--require", "dd-trace/init", "app.js"]
To disable APM tracing while keeping App and API Protection enabled, you must set the APM tracing variable to false.
Add the Datadog Node.js library to your Dockerfile and configure environment variables:
FROM node:18-alpine
# Install the Datadog Node.js library
RUN npm install dd-trace
# Copy your application files
COPY package*.json ./
COPY . .
# Install dependencies
RUN npm install
# Set environment variables
ENV DD_APPSEC_ENABLED=true
ENV DD_APM_TRACING_ENABLED=false
ENV DD_SERVICE=<YOUR_SERVICE_NAME>
ENV DD_ENV=<YOUR_ENVIRONMENT>
# Start the application with the Datadog tracer
CMD ["node", "--require", "dd-trace/init", "app.js"]
3. Run your application
Build your image and then run your container.
When running your container, make sure to:
- Connect it to the same Docker network as the Datadog Agent.
- Set the required environment variables.
docker run -d \
--name your-nodejs-app \
your-nodejs-app-image
4. Verify setup
To verify that App and API Protection is working correctly:
- Send some traffic to your application
- Check the Application Signals Explorer in Datadog
- Look for security signals and vulnerabilities
Troubleshooting
If you encounter issues while setting up App and API Protection for your Node.js application, see the Node.js App and API Protection troubleshooting guide.
Further Reading
Más enlaces, artículos y documentación útiles:
