Referencing Environment Properties within Policy

Blog Post created by kazvi01 Employee on Jul 6, 2018

Writing Policy for Gateway is easy (once you get the hang of the Policy Manager), however writing policy that is easy to deploy into different environments can be tricky. This blog post talks about how to use and reference environment variables within policy so that your policy is simply to deploy to multiple environments. Please feel free to comment with your question and current challenges in the comment section below.


Places Environment is Referenced

The Gateway can require many different types of environment configurations. For example:

  • JDBC connection information
  • Secure Passwords
  • Trusted Certificates
  • Private Keys
  • ...

In this post we will focus solely on environment properties that are referenced within policy.

Some examples of this include:

  • Routing URLs
  • Branching Hints (if prod do ...)
  • Assertion configuration


Moving Environment to Variables

The first step would be to use variables to reference environment information instead of hardcoding it in. There are a few options for variables to use: Cluster Properties, Context Variables or Service Properties. No matter what option you use to refer to environment variables it is important to use a consistent naming convention.

Environment variables names must begin with ENV.

Doing so allows you to visible and simply distinguish what is an environment variable. It also makes it simpler for tools to find, expose, and apply environment values to the variables.

Here are some more details on the different ways to define environment variables.

Cluster Properties

Cluster properties are properties that are available to all policies in your environment.  When referring to them you must use the `gateway` prefix.

Context Variables

Context Variables can be set at any point within a policy by using the Set Context Variable Assertion. They are usable only within policy after the line that they are declared on.

Service Properties

Service properties are configured on a service itself. These are available within the policy for this service. When referring to them you must use the `service.property` prefix.

Using Environment Variables in Policy

Using examples, lets see how you can use the different methods to provide environment variables to policy

Using Cluster Properties to Provide a Routing URL

The Route via HTTP(S) Assertion requires a routing url in order to know where to route to. You can use a Cluster Property to provide this routing URL.

  1. Create a Cluster Property for the API to route to. Make sure to use the ENV prefix for the property name.
  2. In your Route via HTTP(S) Assertion you can refer to the cluster property in the URL text box. Make sure to use the gateway.ENV prefix in order to refer to a cluster property that is also an environment variable.

Use Context Variables to Provide Branching Hints Based on Environment

Sometimes a different environment will requires slightly different policy. For example, one environment may use a Cassandra database while another might use a MySQL database. You could use an environment property provided via a context variable in order to branch.

  1. Add the Set Context Variable Assertion to specify the database type. Make sure to use the ENV prefix for the variable name.

  2. Add the branching logic, checking the context variable value.

Use a Service Property to Provide Configuration for the Rate Limit Assertion

In order to protect a backend or monetize an API you will need to apply a rate limit. This rate limit will likely be different depending on the environment. You can use a service property to provide the rate limit value.

  1. Open the Service Properties Window and add a service property for the rate limit. Make sure to use the ENV prefix for the variable name.

  2. Reference the Service Property in the Apply Rate Limit Assertion. Make sure to use the service.property.ENV prefix in order to refer to a service property that is also an environment variable.

Gateway Development Plugins Upcoming Feature

The next version of the Gateway Development Plugins will focus on providing and managing environment properties. It will add the concept of an environment bundle. It will also enable providing environment to the Gateway container using environment variables in Docker Containers. See the Gateway Developer Plugin Waffle Board to get details on the features and tasks that are in progress. Feel free to comment and make suggestions on any work items.