I tried disabling all actuator endpoints for production environment in application.yml
configuration file:
endpoints.enabled: false
It works for all endpoints except for /info.
How can I turn off all endpoints for given environment?
UPDATE:
Project I am working on is also acting as Eureka client.
In documentation for Spring Cloud Netflix in section Status Page and Health Indicator (http://cloud.spring.io/spring-cloud-netflix/spring-cloud-netflix.html) it says that "Eureka instance default to "/info" and "/health" respectively".
Is there any solution to disable those endpoints?
I was able to disable /health endpoint with endpoints.enabled: false
, but not the /info endpoint.
Best Answer
Finally I managed to solve my problem. I enabled only /info and /health endpoints in actuator. And to allow access to /info endpoint only to users with role ADMIN I needed to mix actuator management security and spring security configuration.
So my application.yml looks like this:
And spring security configuration like this (where I needed to change order of ManagementSecurityConfig to have higher priority):