yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
71ea4df1c7c89f1fb0846011b608e99c233cfa5d
doc-exports/docs/apig/umn/apig_03_0019.html
Sebastian Gode 25107e5284 add sample data
2026-04-02 12:21:14 +00:00

63 lines
14 KiB
HTML
Raw Blame History

<a name="apig_03_0019"></a><a name="apig_03_0019"></a>
<h1 class="topictitle1">Creating a Policy and Binding It to APIs</h1>
<div id="body0000001151883501"><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p8060118">APIG provides flexible API control policies.</p>
<div class="notice" id="apig_03_0019__en-us_topic_0000001221774151_note57416114217"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="apig_03_0019__en-us_topic_0000001221774151_p67413172112">Policy parameters will be stored as plaintext. To prevent information leakage, do not contain sensitive information in these parameters.</p>
</div></div>
<div class="section" id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_section126118109015"><h4 class="sectiontitle">Guidelines</h4><ul id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_ul31302019166"><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li61412202167">An API can be bound with only one policy of the same type.</li><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li171414205167">Policies are independent of APIs. A policy takes effect for an API only after they are bound to each other. When binding a policy to an API, you must specify an environment where the API has been published. The policy takes effect for the API only in the specified environment.</li><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li161492017168">After you bind a policy to an API, unbind the policy from the API, or update the policy, you do not need to publish the API again.</li><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li1914520161618">Taking an API offline does not affect the policies bound to it. The policies are still bound to the API if the API is published again.</li><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li14143201167">Policies that have been bound to APIs cannot be deleted.</li></ul>
</div>
<div class="section" id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_section113987302438"><h4 class="sectiontitle">Creating a Policy</h4><ol id="apig_03_0019__en-us_topic_0000001221774151_ol718517582599"><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0089184725_en-us_topic_0080101677_li1831115541819"><span>Go to the APIG console.</span></li><li id="apig_03_0019__en-us_topic_0000001221774151_li146845016393"><span>Select a dedicated gateway at the top of the navigation pane.</span></li></ol><ol start="3" id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_ol1110972917442"><li id="apig_03_0019__en-us_topic_0000001221774151_li7182164811610"><span>In the navigation pane, choose <strong id="apig_03_0019__en-us_topic_0000001221774151_b10101121442012">API Management</strong> &gt; <strong id="apig_03_0019__en-us_topic_0000001221774151_b111079144202">API Policies</strong>.</span></li><li id="apig_03_0019__en-us_topic_0000001221774151_li1137717342134"><span>On the <strong id="apig_03_0019__en-us_topic_0000001221774151_b2060952010613">Policies</strong> tab, click <strong id="apig_03_0019__en-us_topic_0000001221774151_b950610151613">Create Policy</strong>.</span></li><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li370775844714"><span>Click the desired policy type.</span><p><ul id="apig_03_0019__en-us_topic_0000001221774151_ul1891464711259"><li id="apig_03_0019__en-us_topic_0000001221774151_li12914174717255"><strong id="apig_03_0019__en-us_topic_0000001221774151_b1121131120238">Plug-in policies</strong><div class="p" id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p122651727155013">Set the policy information.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_table1728992794813" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Policy configuration</caption><thead align="left"><tr id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_row1029013278486"><th align="left" class="cellrowborder" valign="top" width="30%" id="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.1"><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p139448393488">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="70%" id="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.2"><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p18944139184816">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_row162901327184819"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.1 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p794493934818">Name</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.2 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p1094413391486">Enter a policy name that conforms to specific rules to facilitate search.</p>
</td>
</tr>
<tr id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_row10290927134813"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.1 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p1944193917489">Type</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.2 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p4944103914480">Type of the policy, which determines the extension capabilities.</p>
<div class="note" id="apig_03_0019__en-us_topic_0000001221774151_note2580135814283"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="apig_03_0019__en-us_topic_0000001221774151_p1558225815280">If a policy type is not supported by your gateway, contact technical support to upgrade the gateway to the latest version.</p>
</div></div>
<ul id="apig_03_0019__en-us_topic_0000001221774151_ul147161659193110"><li id="apig_03_0019__en-us_topic_0000001221774151_li1471618595312"><strong id="apig_03_0019__en-us_topic_0000001221774151_b126111523155513">CORS</strong>: Provides the capabilities of specifying preflight request headers and response headers and automatically creating preflight request APIs for cross-origin API access.</li><li id="apig_03_0019__en-us_topic_0000001221774151_li1716105963115"><strong id="apig_03_0019__en-us_topic_0000001221774151_b14958237205518">HTTP Response Header Management</strong>: Enables you to customize HTTP response headers that will be displayed in an API response.</li><li id="apig_03_0019__en-us_topic_0000001221774151_li1225285615719"><strong id="apig_03_0019__en-us_topic_0000001221774151_b6382142016121">Request Throttling 2.0</strong>: Limits the number of times that an API can be called within a specific time period. Parameter-based, basic, and excluded throttling is supported.</li><li id="apig_03_0019__en-us_topic_0000001221774151_li1111151513216"><strong id="apig_03_0019__en-us_topic_0000001221774151_b134828291416">Kafka Log Push</strong>: Pushes API calling logs to Kafka so that you can view these logs.</li><li id="apig_03_0019__en-us_topic_0000001221774151_li88881723836"><strong id="apig_03_0019__en-us_topic_0000001221774151_b15298135971317">Circuit Breaker</strong>: Protects your backend service when a performance issue occurs.</li><li id="apig_03_0019__en-us_topic_0000001221774151_li177811410111"><strong id="apig_03_0019__en-us_topic_0000001221774151_b2165144518161">Third-Party Authorizer</strong>: Authenticates API requests with your own service.</li></ul>
</td>
</tr>
<tr id="apig_03_0019__en-us_topic_0000001221774151_row7599151364114"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.1 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p15945839184813">Description</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.2 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p8945539124814">Description about the plug-in.</p>
</td>
</tr>
<tr id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_row182901827164816"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.1 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p394593913485">Policy Content</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.3.3.2.1.1.2.1.2.3.1.2 "><p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p14945163913481">Content of the plug-in, which can be configured in a form or using a script.</p>
<p id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_p494514395487">The plug-in content varies depending on the plug-in type:</p>
<ul id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_ul48331418474"><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li58333186720"><a href="apig_03_0021.html#apig_03_0021">CORS</a></li><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li38341618871"><a href="apig_03_0022.html#apig_03_0022">HTTP Response Header Management</a></li><li id="apig_03_0019__en-us_topic_0000001221774151_li116141856580"><a href="apig_03_0054.html#apig_03_0054">Request Throttling 2.0</a></li><li id="apig_03_0019__en-us_topic_0000001221774151_li71896425561"><a href="apig_03_0061.html#apig_03_0061">Kafka Log Push</a></li><li id="apig_03_0019__en-us_topic_0000001221774151_li0309132105614"><a href="apig_03_0023.html#apig_03_0023">Circuit Breaker</a></li><li id="apig_03_0019__en-us_topic_0000001221774151_li1436983917103"><a href="apig_03_0077.html#apig_03_0077">Third-Party Authorizer</a></li></ul>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</li><li id="apig_03_0019__en-us_topic_0000001221774151_li137491210269"><strong id="apig_03_0019__en-us_topic_0000001221774151_b8538192818442">Traditional policies</strong><p id="apig_03_0019__en-us_topic_0000001221774151_p216217485346">The policy content varies depending on the policy type:</p>
<ul id="apig_03_0019__en-us_topic_0000001221774151_ul0165145515346"><li id="apig_03_0019__en-us_topic_0000001221774151_li18679194313417"><a href="apig_03_0025.html#apig_03_0025">Request Throttling</a></li><li id="apig_03_0019__en-us_topic_0000001221774151_li172562718356"><a href="apig_03_0027.html#apig_03_0027">Access Control</a></li><li id="apig_03_0019__en-us_topic_0000001221774151_li99397164356"><a href="apig_03_0028.html#apig_03_0028">Signature Keys</a></li></ul>
</li></ul>
</p></li><li id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_li19109142924410"><span>Click <strong id="apig_03_0019__en-us_topic_0000001221774151_b1275410503448">OK</strong>.</span><p><ul id="apig_03_0019__en-us_topic_0000001221774151_ul18334414115613"><li id="apig_03_0019__en-us_topic_0000001221774151_li133351014125618">To clone this policy, click <strong id="apig_03_0019__en-us_topic_0000001221774151_b995111582546">Clone</strong> in the <strong id="apig_03_0019__en-us_topic_0000001221774151_b204471192551">Operation</strong> column.<div class="note" id="apig_03_0019__en-us_topic_0000001221774151_note165441445125319"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="apig_03_0019__en-us_topic_0000001221774151_ul133541495612"><li id="apig_03_0019__en-us_topic_0000001221774151_li2335181412567">The name of a cloned policy cannot be the same as that of any existing policy.</li><li id="apig_03_0019__en-us_topic_0000001221774151_li1533581455617"><strong id="apig_03_0019__en-us_topic_0000001221774151_b033415153572">Request throttling</strong> and <strong id="apig_03_0019__en-us_topic_0000001221774151_b391031715576">signature key</strong> policies cannot be cloned.</li></ul>
</div></div>
</li><li id="apig_03_0019__en-us_topic_0000001221774151_li933561485617">After the policy is created, perform the operations described in test_policy <a href="#apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_section020918935713">Binding the Policy to APIs</a> for the policy to take effect for the API.</li></ul>
</p></li></ol>
</div>
<div class="section" id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_section020918935713"><a name="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_section020918935713"></a><a name="en-us_topic_0000001221774151_en-us_topic_0000001151883501_section020918935713"></a><h4 class="sectiontitle">Binding the Policy to APIs</h4><ol id="apig_03_0019__en-us_topic_0000001221774151_en-us_topic_0000001151883501_ol1356962619589"><li id="apig_03_0019__en-us_topic_0000001221774151_li53566433142"><span>Click a policy name to go to the policy details page.</span></li><li id="apig_03_0019__en-us_topic_0000001221774151_li1350414233155"><span>In the <strong id="apig_03_0019__en-us_topic_0000001221774151_b253612484616">APIs</strong> area, select an environment and click <strong id="apig_03_0019__en-us_topic_0000001221774151_b17559174011464">Select APIs</strong>.</span></li><li id="apig_03_0019__en-us_topic_0000001221774151_li1218216522159"><span>Select the API group, environment, and required APIs.</span></li><li id="apig_03_0019__en-us_topic_0000001221774151_li131891433203"><span>Click <strong id="apig_03_0019__en-us_topic_0000001221774151_b914315914475">OK</strong>.</span><p><ul id="apig_03_0019__en-us_topic_0000001221774151_ul514320193525"><li id="apig_03_0019__en-us_topic_0000001221774151_li16143111911526">If an API no longer needs this policy, click <strong id="apig_03_0019__en-us_topic_0000001221774151_b4321503488">Unbind</strong> in the row that contains the API.</li><li id="apig_03_0019__en-us_topic_0000001221774151_li191431319145211">If there are multiple APIs that no longer need this policy, select these APIs, and click <strong id="apig_03_0019__en-us_topic_0000001221774151_b11659101474819">Unbind</strong> above the API list. You can unbind a policy from a maximum of 1000 APIs at a time.</li></ul>
</p></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="apig_03_0017.html">API Policies</a></div>
</div>
</div>
View Git Blame Copy Permalink