Cloud-native API Gateway supports route-level Web Application Firewall (WAF) protection and a range of routing policies, including throttling, rewrite, header setting, cross-origin resource sharing (CORS), traffic replication, timeout, and retry, to protect and optimize your services.
Routing policies
|
Policy |
Description |
|
Cloud-native API Gateway is deeply integrated with Alibaba Cloud WAF 3.0. Unlike traditional WAF, this integration allows requests to reach API gateways directly without passing through WAF, which significantly improves overall system performance without compromising security. |
|
|
Route-level throttling policies prevent backend services from being overwhelmed by excessive requests and help avoid cascading failures. When the number of concurrent requests is high, throttling blocks excess requests to maintain backend availability. Fine-grained policies ensure that the request count on a route does not exceed a specified threshold within a given period. |
|
|
A rewrite policy changes the paths and hostnames in requests before the requests are forwarded to backend services. This provides precise control over request routing and ensures that requests reach the correct service or endpoint. |
|
|
A header setting policy modifies headers in requests or responses before requests are forwarded to backend services or before responses are returned to clients. |
|
|
CORS allows web application servers to perform cross-origin access control for secure data transfer. You can configure route-level CORS policies to allow access to resources from specific domain names by using specific request methods based on your business requirements. |
|
|
A traffic replication policy copies traffic from online applications to a designated application for a specific route. This supports simulation testing and fault diagnosis, helping you evaluate application performance and troubleshoot issues efficiently. |
|
|
A route-level timeout policy specifies the maximum time a gateway instance waits for a response from the backend service. If no response is received within this period, the gateway returns the 504 (Gateway Timeout) HTTP status code to the client. |
|
|
Route-level retry policies enable automatic retries for failed requests. You can specify retry conditions such as failed connections, unavailable backend services, or responses with a specified HTTP status code. |