{{announcement.body}}
{{announcement.title}}

Applying Automated Policies to APIs

DZone 's Guide to

Applying Automated Policies to APIs

Let's look at applying Automated Policies to an API.

· Integration Zone ·
Free Resource

Sometimes, developers are needed to apply a policy or, say, the same set of policies to a number of APIs. It makes it tiring and boring for the developers to perform the same activity again and again. This is where the new feature of Anypoint Platform comes in handy, called Automated Policies.

What Are Automated Polices?

Automated Policies make it easier for developers or Anypoint Platform administrators to apply the same set of policies to all your APIs.

This allows the API owners to deploy the API with confidence and know that the environment in which they are deploying will have critical policies enforced and they, therefore, no longer have to remember to insert the policies to the APIs.

  • Automated Policies are only available for Mule 4 APIs using the Mulesoft Anypoint Platform.
  • Automated Policies support all runtime deployment targets such as CloudHub, Runtime Fabrics, and Hybrid.

Step 1: Creating API

In the Design Center in Anypoint Platform, create a simple RAML file that can be tested with applying Automated Policies.

Image title

Step 2: Publish to Exchange

Once the API is created and tested using the Mocking service, publish the API to Exchange.

Image title

Step 3: Managing the API in API Manager

Once API is successfully published into Exchange, proceed to the API MANAGER to manage the API. The created API will be successfully called and handled in there.

Image title

Step 4: Configuring Automated Policies

In the API MANAGER, on the left side panel, is the AUTOMATED POLICIES section. Click on it to apply different policies to your APIs, lowering the workload of applying it every time to each and every one of them.

In my case, I am applying Client Id Enforcement and IP Blacklisting, but you can apply any number of policies from the different ones provided.

Image title

When configuring an automated policy, at the bottom of the policy configuration page, there is a rule. This rule dictates that the set of runtimes that will be affected by the policy:

  • Apply to all supported runtimes (4.1.1 and above). All API proxies based on Mule 4.1.1 and later will be affected by the policy.
  • Apply to a specific set of runtimes. You can configure a range of runtime versions to inherit the automated policy. For example, if the input From is 4.1.2 and the To value is 4.1.4, the automated policy will be applied to all deployed APIs inside this range. An API deployed on 4.1.5 won’t be affected by the policy.

Image title

Step 5: Deploying the API to CloudHub

In Anypoint Studio, import the newly created API from the Exchange and deploy it to CloudHub.

Here, I have used the concept of API AUTODISCOVERY. You can also use it by referring to one of my previous posts, for which I have provided the link below, rather than making this article a bit more lengthy.

Using API Autodiscovery in Anypoint Platform

Image title

Step 6: Reviewing the Automated Policies

Once the API is deployed and it is up and running, head to the API MANAGER to see if the policies are applied to the API.

In API MANAGER, head to the polices section and you can see that Policies are applied, and if you want to, you can add more policies to the API by clicking on the APPLY NEW POLICY button.

Image title

Conclusion

The Automated Policies option has saved time for developers. In this article, because of a single API, you are not able to calculate the amount of time being saved, but take a case when there are 20 to 30 APIs and all of them need to be applied and configured with the same policies. That would make it much more time-consuming. Therefore, having an option that simplifies work for developers to such an extent is great.

Topics:
integration ,mule 4 ,tutorial ,automated policies ,anypoint platform ,create an api ,exchange

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}