After you have created the Secure API Manager components, new options appear in the Access Manager Administration Console that allow you to manage the API Gateway clusters, the API Gateways, and the Limiting Policies.
Access Manager Administration Console > Dashboard > API Gateway Cluster
You can rename the API Gateway cluster, delete the API Gateway cluster, and update all of the API Gateways in the selected API Gateway cluster. If you edit the configuration of an API Gateway, you must update all of the API Gateways in the API Gateway cluster to make each node in the cluster aware of the changes. You can also view the auditing information for the API cluster.
On the Dashboard, click the API Gateway cluster that you want to modify.
(Optional) To rename the API Gateway cluster:
Double-click the name of the API Gateway cluster.
Make the name change.
Click anywhere outside of the name field and the Administration Console saves the new name.
(Optional) To delete the API Gateway cluster:
In the upper right corner of the API Gateway cluster, click Actions.
Click Delete.
Read the message that explains that all API Gateways and limiting policies associated with this API Gateway cluster are automatically deleted when you delete the API Gateway cluster.
Click OK. The Administration Console deletes the API Gateway cluster and all associated objects.
(Conditional) If you have updated one API Gateway in the API Gateway cluster, you must update all of the API Gateways.
Click Actions for the API Gateway Cluster.
Click Update all to update all other members of the cluster with these changes.
Access Manager Administration Console > Dashboard > API Gateway Cluster
You can edit, update, and delete the API Gateways. Editing allows you to change any of the configuration options, including the certificate and the network configuration options. If you make any changes to an API Gateway, you can update the API Gateway. However, if the API Gateway is part of an API Gateway cluster, you must update all of the API Gateways in the cluster to ensure that all of the API Gateways in the cluster have the same information for high availability.
IMPORTANT:Always delete the API Gateway object in the Administration Console if you delete the Secure API Manager appliance from VMware or you deleted the Docker container. If you do not and redeploy it with the same networking configuration, causes issues for the API Gateway to the point it will not function.
To manage API Gateways:
On the Dashboard, click the name of the appropriate API Gateway that you want to manage.
(Conditional) edit the API Gateway:
In the upper right corner of the API Gateway, click Actions.
Click Edit.
Change the name, the IP address, or the DNS name of the node, update the certificate, or update the API Gateway password.
Click OK to save the changes.
(Conditional) If the API Gateway is part of an API Gateway cluster, click Actions for the API Gateway Cluster, then click Update all to update all of the members of the cluster with these changes.
(Conditional) To delete the API Gateway:
In the upper right corner of the API Gateway, click Actions.
Click Delete.
Read the confirmation message that you want to delete the API Gateway and all associated APIs, then click OK.
(Conditional) If you are not going to recreate the API Gateway object with the same configuration, delete the Secure API Manager appliance from VMware or delete the Docker container.
Access Manager Administration Console > Dashboard > API Gateway Cluster > Limiting Policies
You can edit and delete the rate-limiting policies for the APIs through the Access Manager Administration Console. By default, Secure API Manager creates an Unlimited policy that allows full access to the APIs and the API endpoints associated with the APIs that use this policy.
To manage the limiting policies:
On the Dashboard, click the API Gateway cluster that contains the limiting policies you want to manage.
To edit a policy:
In the upper right corner of the policy, click Actions.
Click Edit.
Change the policy name or the details for limiting policy details.
Click OK to save the changes.
Access Manager Administration Console > Dashboard > API Gateway Cluster > Access Services
Secure API Manager allows you to mange the Access Services protection rules that you create to protect Secure API Manager. You can add, edit, or delete any of the protection rules that you have created to protect the sshd process, the API Gateway, or Secure API Manager.
To manage the Access Services protection rules:
On the appropriate API Gateway cluster, in the right corner, select Access Services.
To add or delete the sshd process protection rules:
Click SSH.
To delete an sshd process protection rule, select the appropriate protection rule in the Allow List, then click Delete.
NOTE:You can delete the global protection rules only from the Global tab.
To add an sshd protection rule, use the same procedure as when you define the sshd process protection rules.
(Conditional) Click Apply if you want to save the changes but perform additional tasks in Access Services.
(Conditional) Click Save if you are finished making changes for the sshd process protection rules and want to close the Access Services window.
(Conditional) If you are using the Docker deployment, you must restart the Docker service by issuing the following command:
systemctl restart docker
NOTE:After you make a change the impacts the Docker iptables, you must restart the Docker service to move the DOCKER-USER rule priority to the top of the FORWARD chain.
To add or delete the API Gateway protection rules:
Click API Gateway.
To delete an API Gateway protection rule, select the appropriate protection rule in the Allow List, then click Delete.
NOTE:You can delete the global protection rules only from the Global tab.
To add an API Gateway protection rule, use the same procedure as when you define the API Gateway protection rules.
(Conditional) Click Apply if you want to save the changes but perform additional tasks in Access Services.
(Conditional) Click Save if you are finished making changes for the API Gateway protection rules and want to close the Access Services window.
(Conditional) If you are using the Docker deployment, you must restart the Docker service by issuing the following command:
systemctl restart docker
NOTE:After you make a change that impacts the Docker iptables, you must restart the Docker service to move the DOCKER-USER rule priority to the top of the FORWARD chain.
To add or delete the global protection rules:
Click Global.
To delete a global protection rule, select the appropriate protection rule in the Allow List or Deny List, then click Delete.
NOTE:Deleting a global protection rule, removes the protection rule from the SSH and API Gateway tabs.
To add a global protection rule, use the same procedure as when you define the global protection rules.
(Conditional) Click Apply if you want to save the changes but perform additional tasks in Access Services.
(Conditional) Click Save if you are finished making changes for the global protection rules and want to close the Access Services window.
(Conditional) If you are using the Docker deployment, you must restart the Docker service by issuing the following command:
systemctl restart docker
NOTE:After you make a change that impacts the Docker iptables, you must restart the Docker service to move the DOCKER-USER rule priority to the top of the FORWARD chain.