Is it possible to completely prevent Apigee from accessing my Edge organization in public cloud?
Apigee maintains "super user" access to Edge public cloud at all times. In Edge for Private Cloud (on premises), the equivalent is the "sysadmin" role, which serves the same purpose.
Because Apigee builds and manages the public cloud across all customers, and the underlying infrastructure runs on both Google Cloud Platform (GCP) and Amazon Web Services (AWS), Apigee needs control over operations such as creating new organizations, bringing infrastructure up or down, and helping customers recover access to Edge.
Apigee therefore has the technical ability to access every organization in the public cloud, in the same way that an administrator has access to everything running on their own servers in their own datacenter.
However, Apigee provides the following controls to let you limit that access, and the data it exposes, in parts of your organization:
- You can disable Apigee Support's ability to trace API calls in your organization. With trace access disabled, Apigee cannot add Support users to your organization. Apigee can override this setting in an emergency, but all of the support and operational tooling Apigee uses respects it, and an override of that kind means adding a user, which the admin logs record.
- Edge also supports data masking of API call data as it flows through Edge. When masking is enabled, the configured sensitive fields are redacted so that they are not displayed in Edge, including in Trace. Masking controls what is displayed, not what the runtime processes.
- Apigee also provides admin (audit) logs, so you can tell if and when an Apigee user has been added to your organization or has accessed it.
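A practitioner who relies on the admin logs wants a repeatable check rather than a manual scroll through them. The following is an added example, not Apigee's code and not taken from this page: it scans records in the shape returned by the Edge audits API (the field names operation, requestUri, responseCode, timeStamp in epoch milliseconds, and user are an assumption about that shape) and flags any record where the acting identity, or an identity named in a role-membership change, belongs to an Apigee domain. APIGEE_DOMAINS is a guess to be adjusted to what you actually observe, and the sample records are constructed.

```python
# Added example (not Apigee's code): flag Edge audit records that show Apigee staff
# being added to, removed from, or acting in an organization.
# Assumptions, labelled: the record shape (operation, requestUri, responseCode,
# timeStamp in epoch ms, user) mirrors the Edge audits API; APIGEE_DOMAINS is a guess.
import json
from datetime import datetime, timezone

APIGEE_DOMAINS = ("apigee.com", "google.com")  # assumption: adjust to what you observe

# Constructed sample in the shape of an Edge audits API response (not real data).
SAMPLE_AUDIT = json.dumps({
    "auditRecord": [
        {"operation": "UPDATE",
         "requestUri": "/v1/organizations/myorg/environments/prod/apis/orders/revisions/3/deployments",
         "responseCode": "200", "timeStamp": 1478715000000, "user": "alice@example.com"},
        {"operation": "CREATE",
         "requestUri": "/v1/organizations/myorg/userroles/orgadmin/users",
         "responseCode": "201", "timeStamp": 1478715620000, "user": "support@apigee.com"},
        {"operation": "CREATE",
         "requestUri": "/v1/organizations/myorg/environments/prod/apis/orders/revisions/3/debugsessions",
         "responseCode": "201", "timeStamp": 1478715700000, "user": "support@apigee.com"},
        {"operation": "DELETE",
         "requestUri": "/v1/organizations/myorg/userroles/orgadmin/users/support@apigee.com",
         "responseCode": "200", "timeStamp": 1478719200000, "user": "alice@example.com"},
    ],
    "totalRecords": 4,
})


def is_apigee_identity(email):
    """True when the address's domain is one we attribute to Apigee staff."""
    return email.rsplit("@", 1)[-1].lower() in APIGEE_DOMAINS


def classify(uri):
    """Coarse label for what part of the management API a request touched."""
    if "/userroles/" in uri:
        return "role-membership"   # user added to / removed from a role
    if "/debugsessions" in uri:
        return "trace"             # a trace (debug) session was started or read
    return "other"


def find_apigee_activity(audit_json):
    """Return, oldest first, every record where an Apigee identity acted,
    or where a role-membership change names an Apigee identity in its URI."""
    hits = []
    for rec in json.loads(audit_json).get("auditRecord", []):
        actor = rec.get("user", "")
        uri = rec.get("requestUri", "")
        kind = classify(uri)
        # A customer admin adding/removing support@apigee.com shows the address in the URI,
        # not in the actor field, so check path segments as well as the actor.
        named = kind == "role-membership" and any(
            is_apigee_identity(seg) for seg in uri.split("/") if "@" in seg)
        if not (is_apigee_identity(actor) or named):
            continue
        hits.append({
            "when": datetime.fromtimestamp(rec["timeStamp"] / 1000, tz=timezone.utc).isoformat(),
            "actor": actor,
            "operation": rec.get("operation"),
            "kind": kind,
            "uri": uri,
            "succeeded": str(rec.get("responseCode", "")).startswith("2"),
        })
    hits.sort(key=lambda h: h["when"])
    return hits


if __name__ == "__main__":
    for h in find_apigee_activity(SAMPLE_AUDIT):
        print(h["when"], h["actor"], h["operation"], h["kind"], h["uri"])
```

Run it against the JSON you pull from the audits endpoint for your organization instead of SAMPLE_AUDIT; the role-membership hits are the ones to reconcile against support tickets you actually opened, and a trace hit while you have disabled Support trace access is worth a question to Apigee.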
You cannot completely block Apigee from accessing your Edge public cloud organization; doing so would break Apigee's ability to run the platform for you. You can, however, use the controls above to limit access, limit data exposure, and know when Apigee has accessed your organization.