Creating a Global Policy
You must have the API Gateway's manage global policies functional privilege assigned.
To create a global policy you must perform the following high-level steps:
1. Create a new global policy: During this step, you specify the basic details of the global policy.
2. Optionally refine the scope of the policy: During this step, you can specify additional criteria to narrow the set of APIs to which the global policy applies.
3. Configure the policies: During this step, you associate one or more policies, and assign values to each of the associated policy's properties.
4. Activate the policy: During this step, you put the new global policy into effect.
To create a global policy
1. Click Policies in the title navigation bar.
2. Click the Global policies tab.
A list of all available global policies appears. Use the Show drop-down list at the bottom of the page to set the maximum number of policies you want to display in a page.
3. In the Policies page, click the Create global policy button.
If you do not see the Create global policy button, it is probably because you do not have the API Gateway Administrator role to create a global policy in API Gateway.
This opens the Create global policy page with the default Policy details tab.
4. In the Basic information section, provide the required information as follows:
Field | Description |
Name | Name of the global policy. |
Description | Description of the global policy. |
You can save the global policy by clicking Save at this stage and add the filters and policy configuration at a later time.
5. Click Continue to filters >.
Alternatively, you can click Filters in the left navigation panel.
6. To filter APIs by API type, select one or more API types.
Available API types are REST, SOAP, and OData. The global policy would apply to the APIs specified by the filter.
7. This is applicable to REST APIs. To filter APIs by HTTP methods, select one or more HTTP methods.
Available HTTP methods are GET, POST, PUT, DELETE, PATCH, and HEAD. The global policy would apply to the APIs that have the methods specified by the filter.
For details about the HTTP methods, see
Refining the Scope of a Global Policy.
8. To filter APIs by attributes:
a. Select an attribute
Available attributes are API name, API description, API version, API tag, Resource/Operation tag, Method tag.
b. Select a comparison operator.
c. Specify the match string.
d. Click + Add.
You can add multiple criteria by clicking the + Add button and repeating the above steps.
e. Select the logical conjunction (AND) or disjunction (OR) operation to apply when multiple criteria are specified for the global policy. The default value is AND.
Example: To apply the global policy to APIs that match the criteria API name that contains pet and API tag that contains a, you can configure a filter as follows:
9. To add multiple attribute filter groups, as required, click the +Add button. and specify the logical conjunction (AND) or disjunction (OR) operation to apply between filter groups. The global policy would apply to the APIs that match the filter groups specified in the filter.
Example: To apply the global policy to APIs that match criteria API name that contains pet and API tag that contains a in filter group 1 and API version that equals 1 in filter group 2, you can configure a filter as follows:
You can save the global policy by clicking Save at this stage and configure policies at a later time.
10. Click Continue to policy configuration >.
Alternatively, you can click the Policy configration tab.
11. In the Policy configuration section, you can select the policies and configure the properties for each policy that you want API Gateway to enforce when it applies this global policy.
12. Click Save.
The global policy is created and displays the policy details page.
You can now activate the global policy. For details, see
Activating a Global Policy.