Global Policies
Global policies are a set of policies associated globally with all APIs or the selected set of APIs.
When you create an API, you can enforce a policy only at the API level. If an organisation wants to enforce a policy for multiple APIs, API Studio provides the capability of creating a global policy that can be applied across all APIs or a selected set of APIs depending on the requirement. By associating policies globally to all APIs or a selected set of APIs, as an administrator you can ensure that a set of policies is applied to the selected APIs by default. For example, you can apply a threat protection policy to all APIs by creating a global policy that addresses data protection and security concerns.
In API Studio, this policy is identified by the kind GlobalPolicy.
Here is a sample code for a Global policy.
kind: GlobalPolicy
apiVersion: api.webmethods.io/beta
metadata:
name: global_policy
version: 1.0
namespace: sample
spec:
filter: |
(${apiType} equals REST) and
(${apiName} endsWith Sample) and
(${apiVersion} equals 1.0) and
(${apiDescription} contains [finance, shopping]) and
(${apiVersion} equals 1.0) and
(${apiTags} contains swagger)
and (${apiMethod} contains [ GET, POST, PUT, DELETE, PATCH, HEAD ])
# operator maybe equals, notEquals, contains, notContains, startsWith, notStartsWith, endsWith
policy-seq:
- $ref: sample:policy_sequence:1.0The structure in the code view and what it denotes is as follows.
| Type | Description |
|---|---|
| kind | GlobalPolicy. This denotes the asset type, global policy. |
| metadata | This denotes the metadata or details of the asset type. It covers the following metatdata:
|
| spec | This denotes various policy properties you can configure for the policy. You can configure the following policy properties: |