This page applies to Apigee and Apigee hybrid.
View Apigee Edge documentation.
Apigee lets you program API behavior without writing any code by using policies. A policy is like a module that implements a specific, limited management function. Policies are designed to let you efficiently and reliably add common types of management capabilities to an API.
Policies provide features like security, rate-limiting, transformation, and mediation capabilities, saving you from having to build and maintain the code on your own. You're not limited to the set of policy types provided by Apigee. You can also write custom scripts and code (such as JavaScript applications) that extend API proxy functionality and enable you to innovate on top of the basic management capabilities supported by Apigee policies.
Create and attach policies to API proxies and shared flows using Apigee in Cloud Code as described in the following sections. Depending on the policy type, you may need to create a resource, as described in Managing resources. See also Managing folders and files in an Apigee workspace.
Creating a policy
To create a policy using Apigee in Cloud Code:
In your Apigee workspace, perform one of the following actions based on where you want to attach the policy:
Attach to Action API proxy Perform one of the following actions: - Position your cursor over one of the following folders, click , and select Create policy:
apiproxy-name
proxy bundleapiproxy-name/apiproxy
- Position your cursor over the
apiproxy-name/apiproxy/policies
folder for the API proxy and click .
Shared flow Perform one of the following actions: - Position your cursor over one of the following folders, click , and select Create policy:
sharedflow-name
shared flow bundlesharedflow-name/sharedflowbundle
- Position your cursor over the
sharedflow-name/sharedflowbundle/policies
folder for the shared flow and click .
- Position your cursor over one of the following folders, click , and select Create policy:
The Create policy wizard opens.
Select the category of the policy that you want to create from the list. For a description of the policy categories, see Policy reference overview.
Enter a unique name for the policy and press Enter. The policy is added to the
/policies
folder for the API proxy or shared flow in the Apigee section and opened in the editor.Edit the file, as required, and select File > Save or ⌘S to save your edits. For more information about configuring the policy, see Policy reference overview.
Create resources if required by the policy type, as described in Managing resources.
Attaching a policy to a flow
Policies are not executed until they are attached to a flow. You can attach a policy to a flow by adding the <Step> element to the appropriate request or response flow element in a ProxyEndpoint or TargetEndpoint configuration, as described in the following topics:
For example, the following configuration attaches a QuotaPolicy to the <PreFlow>
of the ProxyEndpoint to configure the number of request messages that an API proxy allows over a period of time.
<ProxyEndpoint name="default"> <PreFlow> <Request> <Step><Name>QuotaPolicy</Name></Step> </Request> </PreFlow> <HTTPProxyConnection> <BasePath>/weather</BasePath> </HTTPProxyConnection> <RouteRule name="default"> <TargetEndpoint>default</TargetEndpoint> </RouteRule> </ProxyEndpoint>