This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Get list of attached policies of a proxy revision

Posted on 09-04-2020 08:17 AM
sujnana
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Is there a way to get list of attached policies for a given proxy revision? I need to find shared flow dependent proxies for some operational requirement. I followed steps mentioned in this post - https://community.apigee.com/questions/64994/how-to-check-for-shared-flow-dependency-deployment.html, but it fails in one senario.

Following are the Management calls used for this requirement -

1. List the API proxies for the environment. This will have proxy and deployed revisions - https://apidocs.apigee.com/management/apis/get/organizations/%7Borg_name%7D/environments/%7Benv_name...

2. List Policies per revision - https://apidocs.apigee.com/management/apis/get/organizations/%7Borg_name%7D/apis/%7Bapi_name%7D/revi...

3. Read Policy Details & check if the policy is flow callout and uses given shared flow - https://apidocs.apigee.com/management/apis/get/organizations/%7Borg_name%7D/apis/%7Bapi_name%7D/revi...

Here the second call returns all the policies including detached or unused policies. In some proxies, the Flow Callout policy is exists but not attached in any of flows.

Solved Solved
0 10 801
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

tagging @srinandans@google for comment.

No, there is no better solution.

I suggest that you take care in depending on those APIs.

In Apigee hybrid and Apigee ng, the admin APIs support coarse-grained query and update, but not query of specific policies and their attachment points. The way you would interrogate this would be, to download the bundle and examine the bundle locally. That approach also works with the current gen Admin APIs.

That's what I would do if I were implementing this today.

View solution in original post

Jump to Solution
0 Likes
10 REPLIES 10

Posted on --/--/---- --:-- AM
sujnana
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Found solution using following combination -

https://api.enterprise.apigee.com/v1/organizations/orgname/apis/proxyname/revisions/1/proxies

Loop proxy endpoint using below service and check if policy is attached

https://api.enterprise.apigee.com/v1/organizations/orgname/apis/proxyname/revisions/1/proxies/<proxy...;

https://api.enterprise.apigee.com/v1/organizations/orgname/apis/proxyname/revisions/1/targets

Loop target endpoint using below service and check if policy is attached.

https://api.enterprise.apigee.com/v1/organizations/orgname/apis/proxyname/revisions/1/targets/<targe...;

Let me know if any better solution than this with less management api callout

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

https://api.enterprise.apigee.com/v1/organizations/orgname/apis/proxyname/revisions/1/proxies/defaul...

The above will give you full flow with policies attached in proxy endpoint

https://api.enterprise.apigee.com/v1/organizations/orgname/apis/proxyname/revisions/1/targets/defaul...

The above will give you full flow with policies attached in the target endpoint.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
sujnana
Bronze 3
Bronze 3
In response to
Reply posted on --/--/---- --:-- AM

As I mentioned above under comment section I already tried and is working. I am looking if any better solution than this with minimum service callouts.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

tagging @srinandans@google for comment.

No, there is no better solution.

I suggest that you take care in depending on those APIs.

In Apigee hybrid and Apigee ng, the admin APIs support coarse-grained query and update, but not query of specific policies and their attachment points. The way you would interrogate this would be, to download the bundle and examine the bundle locally. That approach also works with the current gen Admin APIs.

That's what I would do if I were implementing this today.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Unfortunately there is no API at the moment that lists policies that are attached (and enabled).

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to Former Community Member
Reply posted on --/--/---- --:-- AM

Sorry Nandan, I should have been more clear. I was inquiring about the GAAMBO APIs and the ability to inquire policies for a particular proxy in GAAMBO. Does that exist? or would people have to download the proxy bundle and analyze offline?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

I looked at the Apigee Google APIs (apigee.googleapis.com) and didn't find anything that met this requirement (other than inspecting the bundle). We don't have anything planned at the moment to address this.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to Former Community Member
Reply posted on --/--/---- --:-- AM

Thanks! Helpful.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
varkey98
Bronze 3
Bronze 3
In response to Former Community Member
Reply posted on --/--/---- --:-- AM

does that mean we can't even use the the solution mentioned by @sujnana?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to varkey98
Reply posted on --/--/---- --:-- AM

You cannot use the solution sujnana described in Apigee X or hybrid, because the endpoint apigee.googleapis.com does not allow you to inspect the individual policies in an API Proxy, nor the discrete ProxyEndpoint or TargetEndpoint objects. 

In X or hybrid, you would need to

  • export the API proxy revision bundle
  • unzip it locally (maybe in memory)
  • check the ProxyEndpoint and TargetEndpoint for attached policies

 

Jump to Solution