Setting up Multiple Policies in Tyk OSS (Community Edition)

selvamp · August 31, 2021, 7:59am

Hello, greetings.

I’m currently using Tyk Gateway Community Edition, which comes only with Redis and Gateway. I’m looking to create multiple policies for my use case. While referring to Secure an API , it talks about the structure of how to define a policy. But I would like to create multiple policies, hence am I supposed to edit the /policies/policies.json file to accommodate multiple policies or will tyk allow only one policy in the Community Edition. Any insights on this would be very helpful!

Already existing Content in policies.json:

{
“default”: {
“rate”: 1000,
“per”: 1,
“quota_max”: 100,
“quota_renewal_rate”: 60,
“access_rights”: {
“41433797848f41a558c1573d3e55a410”: {
“api_name”: “My API”,
“api_id”: “41433797848f41a558c1573d3e55a410”,
“versions”: [
“Default”
]
}
},
“org_id”: “54de205930c55e15bd000001”,
“hmac_enabled”: false
}
}

Changed policies.json file content:

{
“default”: {
“rate”: 1000,
“per”: 1,
“quota_max”: 100,
“quota_renewal_rate”: 60,
“access_rights”: {
“httpbinTest”: {
“api_name”: “httpbin Test API”,
“api_id”: “httpbinTest”,
“versions”: [
“Default”
]
}
},
“org_id”: “VW5pdHkgSW5mb3RlY2ggU29sdXRpb25zIChVSVMpIEdsb2JhbCBQdnQuIEx0ZC4=”,
“hmac_enabled”: false
},
“myNewPolicy”: {
“name”: “My New Policy”,
“rate”: 500,
“per”: 1,
“quota_max”: 50,
“quota_renewal_rate”: 3600,
“access_rights”: {
“myTestApi”: {
“api_name”: “My Test API”,
“api_id”: “myTestApi”,
“versions”: [
“Default”
]
},
“testApi”: {
“api_name”: “API Test”,
“api_id”: “testApi”,
“versions”: [
“Default”
]
}
},
“org_id”: “VW5pdHkgSW5mb3RlY2ggU29sdXRpb25zIChVSVMpIEdsb2JhbCBQdnQuIEx0ZC4=”,
“hmac_enabled”: false
}
}

Thanks and Cheers!
Prashanth (@selvamp)

James · August 31, 2021, 9:48am

Hi @selvamp - you certainly can have multiple policies in the open source gateway! Check out the section here, in particular on “policy list”: Policies Guide

selvamp · August 31, 2021, 10:03am

Thanks @James for the reply. Will check out the docs related to the Policies. I have a quick question!
Is there any REST API available that will return the list of policies that are available? I know that the same is available in Tyk Cloud and Tyk Self-Managed versions, but is the same available for Tyk Community Edition?

Thanks,
Prashanth

Olu · September 1, 2021, 2:19pm

At the moment, there is none for policies.

selvamp · September 2, 2021, 4:50am

Alright, thanks @Olu.

Let’s say that I’m following the same steps as given in Secure an API by editing the policies.json. Will the edited policies be enforced on the APIs that have been mentioned in the “access_rights” key?