Global Policies

Edit online

About this task

Global policies are a set of policies associated globally with all APIs or a selected set of APIs.

When you create an API, you can enforce a policy only at the API level. If an organisation wants to enforce a policy for multiple APIs, API Gateway provides the capability of creating a global policy that can be applied across all APIs or a selected set of APIs depending on the requirement. By associating policies globally to all APIs or a selected set of APIs, as an administrator you can ensure that a set of policies is consistently applied to all APIs or a set of APIs by default. For example, you can apply a threat protection policy to all APIs by creating a global policy that addresses data protection and security concerns.

API Gateway provides a default system policy Transaction logging, which has log invocation policy and filters associated to log request or response payloads to a specified destination. These transactions are monitored and logged across all APIs in API Gateway. When you activate Transaction logging, Logging Invocation policy is enforced on all APIs.

Let’s look at a sample scenario, where you create a global policy Transport Global. This global policy has the Enable HTTP/HTTPS policy configured and applied to all APIs that do not have ODATA in their name.

Ensure that you have the Manage global policies functional privilege to create a global policy.

To create a global policy and apply it to a set of APIs

Procedure

  1. Click Policies in the top navigation bar.
  2. Click Global policies > Create global policy.
  3. In the Basic information section, provide the following details:
    • Name - Transport Global
    • Description - Global Policy
    Import API from file
  4. Click Continue to filters > or click Filters in the left navigation panel.
  5. Select all the API Type.
  6. Select all the HTTP methods in the Filter using HTTP methods section for this example.
    Import API from file
  7. In the Filter using attributes select the following values to filter APIs having ODATA as part of their name.
    • Attribute: API Name
    • Operator: Not Contains
    • Value: ODATA
    Import API from file
  8. Click Continue to policy configuration.
  9. Select Transport and click on Enable HTTP/HTTPS to configure the policy.
  10. Select the protocol HTTP in the policy properties section.
    Import API from file
  11. Click Save.
    The global policy is created and the policy details page appears. It also lists the APIs for which this global policy is configured.
    Import API from file
  12. Click Activate to activate the global policy.
  13. Verify the configured global policy.
    1. Select the API Petstore Debugging from the APIs section in the global policy.

      In the policies tab for the API, the globe icon Import API from file for Transport > Enable HTTP/HTTPS indicates that the policy is applied at a global level.

      Import API from file