Via REST API
Before you begin¶
- You can use the below sample
apk-conf
file to create an API. For reference follow Quick Start Guide documentation.
name: "Interceptor API"
basePath: "/interceptor-api"
version: "1.0.0"
type: "REST"
defaultVersion: false
endpointConfigurations:
production:
endpoint: "http://backend-svc.ns:9082"
operations:
- target: "/books"
verb: "POST"
secured: true
scopes: []
- target: "/offers"
verb: "POST"
secured: true
scopes: []
Adding API-level interceptors¶
Sample code snippets
The following is a sample code snippet that defines how you can attach Interceptor API Policies at the API-level within an API APK configuration file.
name: "Interceptor API"
basePath: "/interceptor-api"
version: "1.0.0"
type: "REST"
defaultVersion: false
endpointConfigurations:
production:
endpoint: "http://backend-svc.ns:9082"
operations:
- target: "/books"
verb: "POST"
secured: true
scopes: []
- target: "/offers"
verb: "POST"
secured: true
scopes: []
apiPolicies:
request:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
response:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
Attach an Interceptor API Policy to the Request Flow Only
apiPolicies:
request:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
Attach an Interceptor API Policy to the Response Flow Only
apiPolicies:
response:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
Attach an Interceptor API Policy to Request and Response Flows
apiPolicies:
request:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
response:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
Adding operation-level interceptors¶
Sample code snippets
The following is a sample code snippet that defines how you can attach Interceptor API Policies at the Operation-level within an API APK configuration file.
name: "Interceptor API"
basePath: "/interceptor-api"
version: "1.0.0"
type: "REST"
defaultVersion: false
endpointConfigurations:
production:
endpoint: "http://backend-svc.interceptor:9082"
operations:
- target: "/books"
verb: "POST"
secured: true
scopes: []
operationPolicies:
request:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
response:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
- target: "/offers"
verb: "POST"
secured: true
scopes: []
Attach an Interceptor API Policy to the Request Flow Only
operationPolicies:
request:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
Attach an Interceptor API Policy to the Response Flow Only
operationPolicies:
response:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
Attach an Interceptor API Policy to Request and Response Flows
operationPolicies:
request:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
response:
- policyName: "Interceptor"
policyVersion: v1
parameters:
backendUrl: "https://interceptor-svc.ns:9081"
headersEnabled: true
bodyEnabled: true
trailersEnabled: true
contextEnabled: true
tlsSecretName: "interceptor-cert"
tlsSecretKey: "ca.crt"
Configuration definitions¶
The following are the configurations that you need when attaching API Policies to an API when working with the REST API interface.
Configuration | Description |
---|---|
operationPolicies |
This defines that the API Policy will be applied as an operation Policy, which will be only applicable to the specific operation within the API. |
apiPolicies |
This defines that the API Policy will be applied as an API-level Policy, which will be global to all the operations within the specific API. |
request |
Defines that the API Policies should be attached to the Request Flow. |
response |
Defines that the API Policies need to be attached to the Response Flow |
policyName |
Defines the default policy names. For interceptor API policies this should equal to Interceptor . |
policyVersion |
Defines the version of the API policy. |
parameters |
This defines the request/response interceptor parameters |
headersEnabled |
Indicates whether request/response header details should be sent to the interceptor service |
bodyEnabled |
Indicates whether request/response body details should be sent to the interceptor service |
contextEnabled |
Indicates whether context details should be sent to the interceptor service |
trailersEnabled |
Indicates whether request/response trailer details should be sent to the interceptor service |
backendUrl |
Backend URL of the interceptor service |
tlsSecretName |
Optional parameter which indicates the reference name for Kubernetes ConfigMap resource which contains the tls information |
tlsSecretKey |
Optional parameter which Indicates the tls key name |
Deploy APK configuration¶
Refer Quick Start Guide to deploy the API using APK configuration.