airbytehq · jdpgrailsdev · Jan 6, 2023 · Dec 21, 2022 · Jan 3, 2023 · Jan 3, 2023
diff --git a/airbyte-container-orchestrator/src/main/resources/application.yml b/airbyte-container-orchestrator/src/main/resources/application.yml
@@ -3,4 +3,30 @@ micronaut:
     port: 9000
 
 airbyte:
-  config-dir: /config
+  config-dir: /config
+
+endpoints:
+  beans:
+    enabled: true
+    sensitive: false
+  env:
+    enabled: true
+    sensitive: false
+  health:
+    enabled: true
+    sensitive: false
+  info:
+    enabled: true
+    sensitive: true
+  loggers:
+    enabled: true
+    sensitive: true
+  refresh:
+    enabled: false
+    sensitive: true
+  routes:
+    enabled: true
+    sensitive: false
+  threaddump:
+    enabled: true
+    sensitive: true
diff --git a/airbyte-cron/src/main/resources/application.yml b/airbyte-cron/src/main/resources/application.yml
@@ -1,12 +1,6 @@
 micronaut:
   application:
     name: airbyte-cron
-  security:
-    intercept-url-map:
-      - pattern: /**
-        httpMethod: GET
-        access:
-          - isAnonymous()
   server:
     port: 9001
 
@@ -32,6 +26,32 @@ datasources:
     username: ${DATABASE_USER}
     password: ${DATABASE_PASSWORD}
 
+endpoints:
+  beans:
+    enabled: true
+    sensitive: false
+  env:
+    enabled: true
+    sensitive: false
+  health:
+    enabled: true
+    sensitive: false
+  info:
+    enabled: true
+    sensitive: true
+  loggers:
+    enabled: true
+    sensitive: true
+  refresh:
+    enabled: false
+    sensitive: true
+  routes:
+    enabled: true
+    sensitive: false
+  threaddump:
+    enabled: true
+    sensitive: true
+
 flyway:
   enabled: true
   datasources:

diff --git a/airbyte-workers/src/main/java/io/airbyte/workers/controller/HeartbeatController.java b/airbyte-workers/src/main/java/io/airbyte/workers/controller/HeartbeatController.java
@@ -12,12 +12,15 @@
 import io.micronaut.http.annotation.Get;
 import io.micronaut.http.annotation.Options;
 import io.micronaut.http.annotation.Post;
+import io.micronaut.security.annotation.Secured;
+import io.micronaut.security.rules.SecurityRule;
 import java.util.Map;
 
 /**
  * Heartbeat controller
  */
 @Controller("/")
+@Secured(SecurityRule.IS_ANONYMOUS)
 public class HeartbeatController {
 
   private static final Map<String, String> CORS_FILTER_MAP = Map.of(

diff --git a/airbyte-workers/src/main/resources/application.yml b/airbyte-workers/src/main/resources/application.yml
@@ -1,12 +1,6 @@
 micronaut:
   application:
     name: airbyte-workers
-  security:
-    intercept-url-map:
-      - pattern: /**
-        httpMethod: GET
-        access:
-          - isAnonymous()
   server:
     port: 9000
 
@@ -214,8 +208,30 @@ docker:
   network: ${DOCKER_NETWORK:host}
 
 endpoints:
-  all:
+  beans:
     enabled: true
+    sensitive: false
+  env:
+    enabled: true
+    sensitive: false
+  health:
+    enabled: true
+    sensitive: false
+  info:
+    enabled: true
+    sensitive: true
+  loggers:
+    enabled: true
+    sensitive: true
+  refresh:
+    enabled: false
+    sensitive: true
+  routes:
+    enabled: true
+    sensitive: false
+  threaddump:
+    enabled: true
+    sensitive: true
 
 google:
   application: