Defining, packaging, and publishing a catalog-scoped policy for the API Gateway

Create a catalog-scoped, user-defined policy that can be used in API assemblies within the catalog where the policy is published.

About this task

When a catalog-scoped policy is published, you can only use it in the API Assembler's Policy palette for APIs contained within the same catalog where the policy was published. Complete the following tasks to define, package, and publish the catalog-scoped policy.

Tip: During this task, you will create several zip files. On Mac OS X, run the zip command on the command line with the following flags: 
-x ".DS_Store" -x "__MACOSX"

Including the flags prevents the auto-generated .DS_Store and __MACOSX files from being added to the zip.

Step 1: Define a catalog-scoped policy for API Gateway

Use the DataPower Web GUI to define a new policy that can be used in API assemblies within the catalog where the policy is published.

Procedure

  1. Log in to the DataPower Web GUI.
  2. Create a new "test" domain and then switch to it.

    This test domain will be used as a "sandbox" to build and export the custom policies.

  3. Navigate to Assembly Function and create a new object:
    1. Name the object <org-name>_<catalogname>_udp-<policyname>_<version>.
      Example: "testorg_stagecatalog_udp-testpolicy_1.0.0". Use the same name for all of the objects that you create in this task.
      Note: This naming convention specifies the provider organization and catalog where the policy will be available, as well as the policy's name and version.
    2. Under the "Assembly" property, create a new Assembly.
    3. Under the new Assembly, create a new Rule.
    4. Under the new Rule, create a new API Action.
    5. Optionally add an implementation file for the new Action.

      For example, an XSLT Action requires an XSL file. Create the file in the using the following path and name (where "udp" refers to user-defined policy:

      local:///<udp-name>/<udp-name>.<file-extension>

    6. Click Apply and then save all of the new objects.
  4. Export the new user-defined policy.
    1. Navigate to the newly created Assembly Function.
    2. Click Export to export the new user-defined policy to a file named <policyname>_<version>.zip.
    3. Open the exported <policyname>_<version>.zip file and confirm that all referenced files are included.
    4. Delete the dp-aux folder from the zip.
      This optional folder requires a lot of storage space and might cause a problem when you package and publish the new policy in the next task.

Step 2: Package and publish a catalog-scoped policy for API Gateway

Decide how you want the new catalog-scoped policy to be managed, and then publish it to make it available to API assemblies within a particular catalog.

About this task

Be sure to complete Step 1: Define a catalog-scoped policy for API Gateway before attempting to package and publish the new policy.

There are two methods for packaging and publishing a user-defined policy, based on how you want the policy to be managed:

Step 2, Option A: Package and publish a catalog-scoped policy directly in the DataPower configuration

Package and publish a catalog-scoped policy so it can be stored directly on the DataPower API Gateway.

About this task

When you store a catalog-scoped policy on the DataPower API Gateway, the policy exists in the gateway's startup domain configuration and will be unaffected by the API Manager lifecycle. If you want to store the catalog-scoped policy directly on DataPower, you do not need to package it for API Manager. If you want to store the catalog-scoped policy directly on DataPower, you do not need to package it for API Manager. Instead, complete the following steps.

Procedure

  1. Import the custom policy created in Step 1: Define a catalog-scoped policy for API Gateway to the application domain for every DataPower node in the cluster.
  2. Proceed to Step 3: Create and publish a policy.yaml file, where you will create a file that describes the new policy so that API Manager can support it.

Step 2, Option B: Package and publish a catalog-scoped policy as a gateway extension that API Connect manages

Package and publish a catalog-scoped policy as a gateway extension in API Connect.

Before you begin

The xml-manager must be enabled on the default domain of every gateway that will have a gateway-extension published to it.

About this task

When you publish a catalog-scoped policy as a gateway extension in API Connect, it is subject to the API Manager lifecycle. The individual assembly functions will not be added to the API Connect Gateway Service (only global-scoped policies are added to the service).

Procedure

  1. Rename the <policyname>_<version>.zip file (that you created in Step 1: Define a catalog-scoped policy for API Gateway) to <org-name>_<cat-name>_<policyname>_<version>.zip.

    The new file name indicates the provider organization and the catalog where the policy will be used.

  2. Create a gateway-extension manifest.json file as explained in Gateway extensions manifest.

    The manifest contains one or more entries. The following example contains a sample entry for the new catalog-scoped policy and references the new policy filename. 

                {
                "filename": "<org-name>_<cat-name>_<policyname>_<version>.zip",
                "deploy": "immediate",
                "type": "dp-import",
            },
  3. Create a new zip file called gateway-extension.zip that contains the following files:
    • manifest.json
    • <org-name>_<cat-name>_<policyname>_<version>.zip
  4. Publish the new gateway extension using the API Conref Toolkit or the Cloud Manager UI:
    • API Connect Toolkit:

      Use the apic gateway-extensions:create command to publish the gateway extension as explained in the apic gateway-extensions topic.

    • Cloud Manager UI:

      Complete the following steps to publish the gateway extension from Cloud Manager:

      1. Log in to Cloud Manager.
      2. Click Topology > > Configure gateway extensions > Upload gateway-extension.zip file and upload your new gateway-extension.zip file.
  5. Verify that the new catalog-scoped policy is available in the API Assembler's Policy palette.
    1. Log in to API Manager and open the Catalog where you published the new catalog-scoped policy.
    2. Create an API.
    3. Open the API Assembler page and view the Policy palette; verify that your new catalog-scoped policy displays and can be added to the API.

Step 3: Create and publish a policy.yaml file

Create a file that describes the properties of the catalog-scoped policy, and then publish it to make it accessible to API Manager.

Procedure

  1. Create a YAML file that describes the new catalog-scoped policy.
    1. Create a file named <policyname>.yaml.
    2. Paste the following content into the new file: 
      attach:
- rest
- soap
policy: 1.0.0
info:
  title: <policyname>
  name: <policyname>
  version: 1.0.0
  description: <description-here>
properties:
  $schema: 'http://json-schema.org/draft-04/schema#'
  type: object
  properties:
    exampleProperty:
      label: Test Property
      description: Enter any value
      type: string
    exampleProperty2:
      label: Another Test Property
      description: Enter any value
      type: string
  required:
    - exampleProperty2
gateways:
- datapower-api-gateway
    3. Modify the content as needed to correctly describe your new catalog-scoped policy.

      For more information, see Structure of the catalog-scoped user-defined policy YAML file.

    4. Save and close the file.
  2. Create a new zip file called <policyname>.zip that contains the new YAML file.
  3. Publish the new policy using one of the following methods:
    • API Connect Toolkit:

      Use the apic policies:create command to publish the gateway extension as explained in the apic policies:create topic.

    • API Manager:

      Complete the following steps to publish the new policy:

      1. Log in to API Manager.
      2. Click Manage Catalogs > Select Catalog > Gateways > selected_gateway > > View policies and upload your new policy.zip file.
  4. Verify that the new catalog-scoped policy is available in the API Assembler's Policy palette.
    1. In API Manager, select the Catalog where you published the new catalog-scoped policy.
    2. Create an API.
    3. Click Settings icon (next to Save) and for the Target Catalog, select the catalog where you published the new policy.
    4. Save the API.
    5. Open the API Assembler page and view the Policy palette; verify that your new catalog-scoped policy displays and can be added to the API.