Lab 7: Runtime Security with API Governance (Optional)

Overview

Duration: 15 minutes

In lab 6, we applied governance rulesets to the design specifications of our APIs to ensure best practices and consistency. In this lab, we will use API Governance to verify that the API Manager policies from lab 2 are applied to our API instances. This improves API security by giving a comprehensive view of compliance posture.

Step 1: Apply a Governance Ruleset

From the top left menu, open API Governance, and click the ‘New Profile’ button on the top right.

Click the checkbox on the ‘Mule API Management Best Practices’ ruleset.

Search for your initial tag and click the white box to check it. Then click Apply.

Make sure the ‘Include only APIs with instances’ box is checked and that your API from lab 2 appears below. Click Next.

Click the ‘Others’ checkbox, and type in your email address.

Name the Profile ‘API Instance Conformance <Your initials>’ and press Next.

Review the details, then press ‘Save as active’.

The ruleset will take a few minutes to run. When it’s done, you will receive an email informing you that your instance is non-compliant.

Once the ruleset runs, you can see that 1 API is marked ‘At Risk’. Click the Profile name on the left.

Then click ‘View details’.

Here, you can see the missing API Management policies.

Step 2: View Instance Conformance Issues in API Manager

Navigate to Anypoint Platform > API Manager. Click on your API from lab 2.

Instance Conformance appears in the API Summary pane, where you can see it’s in Violation. Click ‘Governance Report’ on the left, and then ‘View details’ on the right to view nonconformance details for each ruleset.

Here, you can see the warnings: this instance is missing 2 API Management policies that are part of MuleSoft Best Practices.

Step 3: Fix Instance Conformance Issues in API Manager

Click ‘Policies’ on the left, and then ‘Add policy’.

Scroll down and apply the Message Logging policy.

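Add #[payload] to the Message box and check the After Calling API box. This logs the full response body on every call, so avoid logging the whole payload for APIs that return sensitive data.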

Press Apply.

You’ll need to reorder your policies so Message Logging is on top. Press the Reorder policies button.

After reordering, Message Logging should appear at the top of the policy list.

Return to Postman and click the Send button. You should receive a successful 200 response.

Click Message Log on the left side of the menu.

You’ll now see the payload response of calling your API in the logs.

View the Governance Report again.

You can see the violations have decreased from 2 to 1.

Congratulations!

By completing labs 6 and 7, you have learned how to use Anypoint API Governance to apply end-to-end governance from API design to running API instances.