Global Policies

What are Global Policies?

Global policies are a set of policies associated globally with all APIs or the selected set of APIs.

When you create an API, you can enforce a policy only at the API level. If an organisation wants to enforce a policy for multiple APIs, API Gateway provides the capability of creating a global policy that can be applied across all APIs or a selected set of APIs depending on the requirement. By associating policies globally to all APIs or a selected set of APIs, as an administrator you can ensure that a set of policies is applied to the selected APIs by default. For example, you can apply a threat protection policy to all APIs by creating a global policy that addresses data protection and security concerns.

API Gateway provides a default system policy Transaction logging, which has log invocation policy and filters associated to log request or response payloads to a specified destination. These transactions are monitored and logged across all APIs in API Gateway. When you activate Transaction logging, Logging Invocation policy is applied to all APIs created.

Ensure that you have the Manage global policies functional privilege to create a global policy.

To create a global policy and apply it to a set of APIs

Let’s look at an example, where you create a global policy Trasport Global. This global policy has the Enable HTTP/HTTPS policy configured and applied to all APIs that do not have ODATA in their name.

  1. Click Policies in the top navigation bar.

  2. Click Global policies > Create global policy.

  3. In the Basic information section, provide the following details:

    • Name - Transport Global
    • Description - Global Policy

  4. Click Continue to filters > or click Filters in the left navigation panel.

  5. Select all the API Type.

  6. Select all the HTTP methods in the Filter using HTTP methods section for this example.

  7. In the Filter using attributes select the following values to filter out APIs having ODATA as part of their name.

    • Attribute - API Name
    • Operator - Not Contains
    • Value - ODATA

  8. Click Continue to policy configuration.

  9. Select Transport and click Enable HTTP/HTTPS to configure the policy.

  10. Select the protocol HTTP in the policy properties section.

  11. Click Save. The global policy is created and the policy details page appears. It also lists the APIs for which this global policy is configured.

  12. Click Activate to activate the global policy.

  13. Verify the configured global policy. Select the API Petstore Debugging from the APIs section in the global policy. In the policies tab for the API, the globe icon icon for Transport > Enable HTTP/HTTPS indicates that the policy is applied at a global level.