APIPolicy
Package v1alpha2 contains the API Schema definitions for WSO2 APK.
API Policy¶
APIPolicy is the Schema for the apipolicies API
Field | Description | ||||||
---|---|---|---|---|---|---|---|
apiVersion
string
|
dp.wso2.com/v1alpha2
|
||||||
kind
string
|
APIPolicy |
||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||
spec
APIPolicySpec
|
|
||||||
status
APIPolicyStatus
|
APIPolicySpec ¶
(Appears on: APIPolicy)
APIPolicySpec defines the desired state of APIPolicy
Field | Description |
---|---|
default
PolicySpec
|
|
override
PolicySpec
|
|
targetRef
sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference
|
APIPolicyStatus ¶
(Appears on: APIPolicy)
APIPolicyStatus defines the observed state of APIPolicy
BackendJWTToken ¶
(Appears on: PolicySpec)
BackendJWTToken holds backend JWT token information
Field | Description |
---|---|
name
string
|
Name holds the name of the BackendJWT resource. |
CORSPolicy ¶
(Appears on: PolicySpec)
CORSPolicy holds CORS policy information
Field | Description |
---|---|
accessControlAllowCredentials
bool
|
(Optional)
AllowCredentials indicates whether the request can include user credentials like cookies, HTTP authentication or client side SSL certificates. |
accessControlAllowHeaders
[]string
|
(Optional)
AccessControlAllowHeaders indicates which headers can be used during the actual request. |
accessControlAllowMethods
[]string
|
(Optional)
AccessControlAllowMethods indicates which methods can be used during the actual request. |
accessControlAllowOrigins
[]string
|
(Optional)
AccessControlAllowOrigins indicates which origins can be used during the actual request. |
accessControlExposeHeaders
[]string
|
(Optional)
AccessControlExposeHeaders indicates which headers can be exposed as part of the response by listing their names. |
accessControlMaxAge
int
|
(Optional)
AccessControlMaxAge indicates how long the results of a preflight request can be cached in a preflight result cache. |
InterceptorReference ¶
(Appears on: PolicySpec)
InterceptorReference holds InterceptorService reference using name and namespace
Field | Description |
---|---|
name
string
|
Name is the referced CR’s name of InterceptorService resource. |
PolicySpec ¶
(Appears on: APIPolicySpec)
PolicySpec contains API policies
Field | Description |
---|---|
requestInterceptors
[]InterceptorReference
|
(Optional)
RequestInterceptors referenced to intercetor services to be applied to the request flow. |
responseInterceptors
[]InterceptorReference
|
(Optional)
ResponseInterceptors referenced to intercetor services to be applied to the response flow. |
backendJwtPolicy
BackendJWTToken
|
BackendJWTPolicy holds reference to backendJWT policy configurations |
cORSPolicy
CORSPolicy
|
CORS policy to be applied to the API. |
subscriptionValidation
bool
|
(Optional)
SubscriptionValidation denotes whether subscription validation is enabled for the API |
Generated with gen-crd-api-reference-docs
.
API Policy Samples¶
Refer to Manage API Policy for more information on how to configure an API Policy with an API.
CORS Policy¶
apiVersion: dp.wso2.com/v1alpha1
kind: APIPolicy
metadata:
name: sample-api-policy
spec:
override:
cORSPolicy:
enabled: true
accessControlAllowCredentials: true
accessControlAllowOrigins:
- "*"
accessControlAllowHeaders:
- authorization
accessControlAllowMethods:
- GET
- POST
accessControlExposeHeaders:
- "*"
targetRef:
group: dp.wso2.com
kind: API
name: sample-api
Configuration Definition¶
Configuration | Description | Sample Values |
---|---|---|
enabled |
Determines whether or not the API Gateway should enable CORS for the API. If the value is set to true, the API Gateway will set the CORS headers in the response. | true, false |
accessControlAllowCredentials |
Determines whether or not the response to the request can be exposed to the page. It can be exposed when the header value is true. The header value can be set to true/false by enabling/disabling the Access Control Allow Credentials configuration. | true, false |
accessControlAllowOrigins |
Determines whether a resource can be shared with the resource of a given origin. The API Gateway validates the origin request header value against the list of origins defined under the Access Control Allow Origins configuration (this can be All Allow Origins or a specific value like localhost). If the host is in the allowed origin list, it will be set as the Access-Control-Allow-Origin response header in the response. | * (allow all origins), localhost, *.wso2.com |
accessControlAllowHeaders |
Determines, as part of the response to a preflight request (a request that checks to see if the CORS protocol is understood), which header field names can be used during the actual request. The Gateway will set the header values defined under Access Control Allow Headers configurations. | authorization, Access-Control-Allow-Origin, Content-type, SOAPAction, apikey, Internal-Key |
accessControlAllowMethods |
Determines the method(s) allowed when accessing the resource in response to a preflight request. Required methods can be defined under the Access Control Allow Method configuration. | GET, PUT, POST, DELETE, PATCH, OPTIONS |
accessControlExposeHeaders |
Determines the headers that are safe to expose to the API. The Gateway will set the header values defined under Access Control Expose Headers configurations. | *, Cache-Control, Content-Language, Content-Length, Content-Type |
Interceptor Policy¶
The following is a sample Interceptor API Policy CR.
apiVersion: dp.wso2.com/v1alpha1
kind: APIPolicy
metadata:
name: interceptor-api-policy-resource-level
spec:
override:
requestInterceptors:
- name: request-interceptor
responseInterceptors:
- name: response-interceptor
targetRef:
group: gateway.networking.k8s.io
kind: Resource
name: my-http-route
Configuration Definition¶
Configuration | Description | Sample Values |
---|---|---|
requestInterceptors |
Determines the list of names as references of InterceptorService custom resources for intercepting requests to the targeted resource. |
name: request-interceptor |
responseInterceptors |
Determines the list of names as references of InterceptorService custom resources for intercepting responses from the targeted resource. |
name: response-interceptor |
targetRef |
Determines the resource references to which the APIPolicy will be applied. |