CEL-based RBAC
Use Common Expression Language (CEL) expressions to secure access to AI resources.
About CEL-based RBAC
Agentgateway proxies use CEL expressions to match requests or responses on specific parameters, such as a request header or source address. If a request matches one of the configured expressions, it is allowed. Requests that do not match any of the expressions are denied, so access is denied by default once a policy is in place.
For an overview of supported CEL expressions, see the agentgateway docs.
Before you begin
Set up an agentgateway proxy.
Set up access to Gemini
Configure access to an LLM provider such as Gemini. You can use any other LLM provider, an MCP server, or an agent to try out CEL-based RBAC.
Save your Gemini API key as an environment variable. To retrieve your API key, log in to the Google AI Studio and select API Keys.
export GOOGLE_KEY=<your-api-key>
Create a secret to authenticate to Google.
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: google-secret
  namespace: gloo-system
type: Opaque
stringData:
  Authorization: $GOOGLE_KEY
EOF
Send a request to the LLM provider API. Verify that the request succeeds and that you get back a response from the chat completion API.
Example output:
{
  "id": "aGLEaMjbLp6p_uMPopeAoAc",
  "choices": [
    {
      "index": 0,
      "message": {
        "content": "Imagine teaching a dog a trick. You show it what to do, reward it when it's right, and correct it when it's wrong. Eventually, the dog learns.\n\nAI is similar. We \"teach\" computers by showing them lots of examples. For example, to recognize cats in pictures, we show it thousands of pictures of cats, labeling each one \"cat.\" The AI learns patterns in these pictures – things like pointy ears, whiskers, and furry bodies – and eventually, it can identify a cat in a new picture it's never seen before.\n\nThis learning process uses math and algorithms (like a secret code of instructions) to find patterns and make predictions. Some AI is more like a dog learning tricks (learning from examples), and some is more like following a very detailed recipe (following pre-programmed rules).\n\nSo, in short: AI is about teaching computers to learn from data and make decisions or predictions, just like we teach dogs tricks.\n",
        "role": "assistant"
      },
      "finish_reason": "stop"
    }
  ],
  "created": 1757700714,
  "model": "gemini-1.5-flash-latest",
  "object": "chat.completion",
  "usage": {
    "prompt_tokens": 8,
    "completion_tokens": 205,
    "total_tokens": 213
  }
}
Set up RBAC permissions
Create a GlooTrafficPolicy with your CEL rules. The following example allows only requests that carry the x-llm: gemini header; requests that do not match the expression are denied.
kubectl apply -f- <<EOF
apiVersion: gloo.solo.io/v1alpha1
kind: GlooTrafficPolicy
metadata:
  name: rbac
  namespace: gloo-system
spec:
  targetRefs:
  - group: gateway.networking.k8s.io
    kind: HTTPRoute
    name: google
  rbac:
    policy:
      matchExpressions:
      - "request.headers['x-llm'] == 'gemini'"
EOF
Send a request to the LLM provider API without the x-llm header. Verify that the request is denied with a 403 HTTP response code.
Example output:
* upload completely sent off: 109 bytes
< HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
< content-type: text/plain
content-type: text/plain
< content-length: 20
content-length: 20
<
* Connection #0 to host localhost left intact
authorization failed
Send another request to the LLM provider. This time, include the x-llm: gemini header. Verify that the request succeeds with a 200 HTTP response code.
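To make the decision logic of the policy above concrete, the following added Python script (not part of the agentgateway or Gloo code base) models how a list of matchExpressions is evaluated: a request is allowed when any expression is true and denied otherwise, and an expression whose header is absent cannot match, which is why the request without x-llm gets a 403. It only understands the header-comparison form used on this page, and its lowercasing of header names is an assumption made because HTTP header names are case-insensitive, not something the page states about the gateway.

```python
import re

# Constructed model of the agentgateway RBAC decision described on this page.
# Only the expression shape used in the GlooTrafficPolicy is supported:
#   request.headers['<name>'] == '<value>'   (and != for contrast)
_EXPR = re.compile(
    r"^request\.headers\['(?P<name>[^']+)'\]\s*(?P<op>==|!=)\s*'(?P<value>[^']*)'$"
)

# The single rule from the policy on this page.
MATCH_EXPRESSIONS = ["request.headers['x-llm'] == 'gemini'"]


def evaluate(expr, headers):
    """Evaluate one matchExpression against a request's headers.

    Returns True or False, or None when the expression cannot be evaluated
    (in CEL, indexing a map with a missing key is an error, not false).
    An expression that cannot be evaluated never grants access.
    """
    m = _EXPR.match(expr.strip())
    if not m:
        raise ValueError(f"unsupported expression in this model: {expr}")
    # Assumption: header names are compared case-insensitively.
    lookup = {k.lower(): v for k, v in headers.items()}
    actual = lookup.get(m["name"].lower())
    if actual is None:
        return None
    return (actual == m["value"]) if m["op"] == "==" else (actual != m["value"])


def authorize(headers, expressions=MATCH_EXPRESSIONS):
    """Return the status the proxy would answer with: 200 if any rule matches, else 403."""
    for expr in expressions:
        if evaluate(expr, headers) is True:
            return 200
    return 403  # deny by default, including when every rule errored on a missing header


if __name__ == "__main__":
    # Constructed sample requests mirroring the two curl calls on this page.
    print(authorize({"content-type": "application/json"}))  # 403
    print(authorize({"x-llm": "gemini", "content-type": "application/json"}))  # 200
```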
Cleanup
You can remove the resources that you created in this guide.
kubectl delete GlooTrafficPolicy rbac -n gloo-system
kubectl delete httproute google -n gloo-system
kubectl delete Backend google -n gloo-system
kubectl delete secret google-secret -n gloo-system