API Connect

API Connect

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

Global Policies for Corporate Governance

By Pramodh Vr posted Tue October 29, 2019 11:05 PM

  
Global policies allow you to enforce corporate standards and centralize governance with common security and logging policies. And all of these without impacting API development. Global policies can be set up to be executed just before, or just after, each of your API assemblies. Thus it allows enforcement of common enterprise policies across all APIs.

The video below walks you through uploading and setting up a global policy. You can find the artifacts used in the demo here

[video width="640" height="360" m4v="http://developer.ibm.com/apiconnect/wp-content/uploads/sites/23/2019/10/Global-Policy.m4v"][/video]

You can read more on this on the knowledge center

After I posted this video, one of my friends had reached out for a sample for using Redact policy within the context of Global Policies. I created a sample here
1 comment
26 views

Permalink

https://community.ibm.com/community/user/blogs/pramodh-vr1/2019/10/29/global-policies-for-corporate-governance

Comments

Pramodh Vr
Fri May 22, 2020 07:07 PM

I got an inquiry on the commands I used. I realized the video quality is not great.

Command to upload the global policy. It is scoped to a gateway service that has been configured.

apic global-policies:create --scope catalog --server [server-name] --org [org-name] --catalog [catalog-name] --configured-gateway-service [configured-gw-service-name] [global-policy-file.yaml]

Copy the output resource identifier URL from the above command. Put them in a yaml file with the key global_policy_url (you can find the sample file in the github repo)

To set this global policy as the pre-hook

apic global-policy-prehooks:create --scope catalog --server [server-name] --org [org-name] --catalog [catalog-name] --configured-gateway-service [configured-gw-service-name] [Yaml file with the o/p url]

If you are using a post-hook, you will use the global-policy-posthooks