API Gateway 11.1 | Getting Started with API Gateway | Global Policies
 
Global Policies
Global policies are a set of policies associated globally with all APIs or a selected set of APIs.
When you create an API, you can enforce a policy only at the API level. If an organisation wants to enforce a policy for multiple APIs, API Gateway provides the capability of creating a global policy that can be applied across all APIs or a selected set of APIs depending on the requirement. By associating policies globally to all APIs or a selected set of APIs, as an administrator you can ensure that a set of policies is consistently applied to all APIs or a set of APIs by default. For example, you can apply a threat protection policy to all APIs by creating a global policy that addresses data protection and security concerns.
API Gateway provides a default system policy Transaction logging, which has log invocation policy and filters associated to log request or response payloads to a specified destination. These transactions are monitored and logged across all APIs in API Gateway. When you activate Transaction logging, Logging Invocation policy is enforced on all APIs.
Let’s look at a sample scenario, where you create a global policy Transport Global. This global policy has the Enable HTTP/HTTPS policy configured and applied to all APIs that do not have ODATA in their name.
Ensure that you have the Manage global policies functional privilege to create a global policy.
*To create a global policy and apply it to a set of APIs
1. Click Policies in the top navigation bar.
2. Click Global policies > Create global policy.
3. In the Basic information section, provide the following details:
*Name - Transport Global
*Description - Global Policy
Create global policy
4. Click Continue to filters > or click Filters in the left navigation panel.
5. Select all the API Type.
6. Select all the HTTP methods in the Filter using HTTP methods section for this example.
Filter HTTP methods
7. In the Filter using attributes select the following values to filter APIs having ODATA as part of their name.
*Attribute: API Name
*Operator: Not Contains
*Value: ODATA
Add filter
8. Click Continue to policy configuration.
9. Select Transport and click on Enable HTTP/HTTPS to configure the policy.
10. Select the protocol HTTP in the policy properties section.
Policy configuration
11. Click Save.
The global policy is created and the policy details page appears. It also lists the APIs for which this global policy is configured.
View policy details
12. Click Activate to activate the global policy.
13. Verify the configured global policy.
a. Select the API Petstore Debugging from the APIs section in the global policy.
In the policies tab for the API, the globe icon Globe icon for Transport > Enable HTTP/HTTPS indicates that the policy is applied at a global level.
View global policy