How can I add new environment in API Management WSO2 in current there are two environments by default
I hope you are referring different gateway environments. If so please go through the doc which explains how you can add gateway environments.
Related
I'm testing the waters for running Apache Airflow on AWS through the Managed Workflows for Apache Airflow (MWAA). The version of Airflow that AWS have deployed and are managing for me is 1.10.12.
When I try to access the v1 REST API at /api/experimental/test I get back status code 403 Forbidden.
Is it possible to enable the experimental API in MWAA? How?
I think MWAA provide a REST endpoint to use the CLI
https://$WEB_SERVER_HOSTNAME/aws_mwaa/cli
It's quite confusing because you fisrt need to create a cli-token using the awscli to then hit the endpoint using that token. You will need a policy to allow your awscli to request that token.
Lastly there isn't support for all the commands, just a bunch.
Anyway it's all explained on the user guide
https://docs.aws.amazon.com/mwaa/latest/userguide/amazon-mwaa-user-guide.pdf
By default, api.auth_backend configuration option is set to airflow.api.auth.backend.deny_all in MWAA environments. You need to override it to one of the authentication methods mentioned in the documentation as shown in the figure bellow:
Note: it is highly discouraged to use airflow.api.auth.backend.default as it'll
leave your environment publicly accessible.
[2021/07/29] Edit:
Based on this comment, AWS blocked access to the REST API.
I have several questions about WSO2 API Manager that I am not able to figure out reading the documentation:
Is it possible to setup a "default" basepath for all API? for example if I have to switch my endpoints from localhost:8080/rest/myapi to 12.43.56.89:8080/rest/myapi is it possible to do it without editing any single API's enpoint?
Is it possible to create create a role which allows access only to sandbox endpoint but not to production endpoint? The only way to do this, as far as I know, is to manually block the access to production once the user has subscribed the API. My idea is to allow all users to access the sandbox but enable only trusted users to access the production APIs once their applications have been validated.
Is it possible to distribute several instances of the AM Gateway? Accordingly with documentation it seems that is only possible to run gateway, store, and publisher+keymanager on different servers but not to run multiple instance of the gateway in parallel.
Thank you!
1) You can use a variable for endpoint base path like this.
http://{uri.var.host}:{uri.var.port}/apis/weather
These variables can be taken from system variables. See this for how to do it.
2) You can use Key Generation (i.e. OAuth App Registration) Workflows for this. This will send a approval request to admin user. If you want to automate it to approve based in user roles or something, you can customize workflows.
3) You can have multiple gateways.
I am setting up the API Manager in a cluster and have one version of the store and one version of the publisher which are clustered so they update each other on change. I also have the gateway setup up in a master and worker cluster. All of this I found out how to do on the wso2 site. The issue is I want to cluster the key manager as well for higher load but I can't find any documentation on how to cluster the key manager specifically. I assume it's not just a case of running more than one behind a load balancer as they need to know when the tokens etc have changed?
Any help would be appreciated
Please follow this documentation on API Manager clustering. Please follow Configuring the connections among the components -> Key Manager section and Configuring component features section accordingly. This blog post explains when IS is used as Key Manager. But the explanation might be helpful to you to understand when using several urls.
I was thinking of using my own custom api gateway running on a separate box using nginx.
Is there any way in which the WSO2 API Manager can integrate to my api gateway?
In case there isn't, wanted to know if there's the possibility to run WSO2 API Manager without (or disabling) the API Gateway and if you could tell me which WSO2 API Manager's features would be unavailable.
Currently there's no way of replacing the gateway since we do the authentication, throttling, etc using synapse handlers. Here I am not sure about your use case of using nginx but what you can do is you can use nginx endpoint when you create the API or on the other way around you can route nginx traffic to API Gateway (you need to fix the API endpoints appearing in the API manager store view to point to nginx). Basically API layer need to be on top of service layer.
I 'm looking for a tool to host and publish APIs documentation so
that users of the api can browse it and test it right from the
documentation web page
If i got it correctly, you need a API store only to host your APIs.You can try enterprise store The documentation can be found here
currently we are developing a solution with some parts of wso2 middleware stack like api manager and esb.
my problem is,,
in our solution we are maintain a DMZ layer.where you guys suppose to put api manager??is it ok if we put api manager in DMZ are or outside all layers including DMZ or a put it in inner layer.????
actually this question is realated to the best-wso2-esb-solution-for-banking-application question i asked before.
Regards,
Akila
API Manager has 4 components. The API Gateway, Key Manager, API Store and Publisher. Each of these components can be deployed in any part of the network. So to answer your question we can deploy the API Gateway component of the API manager in the DMZ and rest of the components along with any other WSO2 Products in the DMZ. The below link would provide you with a better understanding on the different deployment patterns available with the WSO2 API Manager.
https://docs.wso2.com/display/CLUSTER420/API+Manager+Clustering+Deployment+Patterns