Working with policy sequence

A policy sequence organizes multiple policies and applies them in a specified order to enforce consistent API behavior.

The following specifications are a part of the file structure of a policy sequence:

  • kind. The value of the kind field specifies the type of policy sequence. The exact value depends on the gateway:
    • webMethods API Gateway uses StagedPolicySequence, where policies are defined in predefined, sequential stages with a fixed execution order.
    • DataPower Gateway uses DataPowerAssembly, where policies are defined as ordered processing actions within an assembly, and executed in the sequence in which they are defined.
    • DataPower Nano Gateway uses FreeFlowPolicySequence, where policies are defined without predefined stages, allowing flexible arrangement of policy execution.
  • apiVersion. Defines the API schema version.
  • metadata. The metadata section contains identifying attributes of the policy sequence. It can include details such as:
    • name. Unique identifier of the policy sequence.
    • namespace. Logical grouping or scope where the policy sequence is defined.
    • version. Version number of the policy sequence.
    • tags. Keywords used for categorization.
    • labels. Labels categorize a policy sequence for identification, filtering, and management. You can define labels with any user-defined values. For example:
      labels:
    gatewayTypes:
      - webMethods

      In this example, the gatewayTypes label uses a gateway name as a sample value. This example only shows one possible use. Labels can represent any classification that makes sense.

  • spec. Lists referenced policies under appropriate categories.
Referencing policies

A policy is referenced in a policy sequence file using the $ref parameter in the format:

$ref: namespace:name:version
The components of this reference include:
  • name. This is the label/identifier for the policy.
  • namespace. This is the group label/identifier used to organize related policies. Namespaces are used to group related assets under a common category in order to organize the policies.
  • version. This is a user-defined value that indicates the version of the policy. It helps track changes and manage updates over time.

You can link the policy sequence to an API or a Global policy by using the policy-sequence parameter, following the same $ref format.

A sample for policy sequence is as follows:

kind: StagedPolicySequence
metadata:
  name: policy_sequence
  version: 1.0
  namespace: sample
  tags:
    - dev_policies
spec: #Lists all the stages with policies in each of them
    
    transport: 
      - $ref: sample:transport_protocol:1
    
    security:  
      - $ref: sample:identify_and_authorize:1.0
    
    monitoring: 
      - $ref: sample:log_invocation:1.0
      - $ref: sample:rate-limiter:1.0
      - $ref: sample:service_cache:1.0
      - $ref: sample:monitor:1.0

This policy sequence file references multiple policies, ensuring they are applied in a structured manner. The transport section links to the Transport_policy, while the routing section links to Routing_policy, both under the default namespace.