Customers might use NSX‑T Ingress as part of a TKGI (Tanzu Kubernetes Grid Integrated Edition) deployment.

As part of security improvements, guidance is requested on enabling specific HTTP security headers in applications:

• X‑XSS‑Protection
• X‑Frame‑Options
• X‑Content‑Type‑Options
• Strict‑Transport‑Security (HSTS)
• Content Security Policy (CSP)

VMware Tanzu Kubernetes Grid Integrated Edition with NSX

The NSX API should be used to enable HTTP security headers via NSX‑T Ingress in TKGI:

PUT/PATCH /policy/api/v1/infra/lb-virtual-servers/<lb-virtual-server-id>

For the precise JSON payload necessary to implement these headers, please consult VMware NSX Support.