APIC Features Supported by ROMA Connect Instances
If the instance you are using does not have related features, submit a service ticket to upgrade your instance.
Feature Name |
Feature Description |
Configurable |
Feature Configuration Example |
Configuration Parameter |
Parameter Description |
Default Value |
Value Range |
|---|---|---|---|---|---|---|---|
lts |
Reporting of Shubao access logs |
Yes |
{"name":"lts","enable":true,"config": "{\"group_id\": ",\"topic_id\":\"\",\"log_group\":\"\",\"log_stream\":\"\"}"} |
group_id |
Log group ID. |
- |
- |
topic_id |
Log stream ID. |
- |
- |
||||
log_group |
Name of a log group. |
- |
- |
||||
log_stream |
Name of a log stream. |
- |
- |
||||
gateway_responses |
Custom gateway responses |
No |
- |
- |
- |
- |
- |
ratelimit |
Request throttling limit configuration |
Yes |
{"name":"ratelimit","enable":true,"config": "{\"api_limits\": 500}"} |
api_limits |
Default request throttling value applied to all APIs. Set this parameter properly to meet service requirements. A small value may constantly throttle your services. |
200 calls per second |
1–1,000,000 calls per second |
request_body_size |
Configuration of the maximum request body size |
Yes |
{"name":"request_body_size","enable":true,"config": "104857600"} |
request_body_size |
Maximum size of the body allowed in an API request. |
12 M |
1–9536 MB |
backend_timeout |
Backend timeout configuration |
Yes |
{"name":"backend_timeout","enable":true,"config": "{"max_timeout": 500}"} |
max_timeout |
Maximum timeout duration for APIC to access a backend service. |
60000 ms |
1–600,000 ms |
app_token |
app_token authentication |
Yes |
{"name":"app_token","enable":true,"config": "{\"enable\": \"on\", \"app_token_expire_time\": 3600, \"app_token_uri\": \"/v1/apigw/oauth2/token\", \"refresh_token_expire_time\": 7200}"} |
enable |
Whether to enable app_token authentication. |
off |
on/off |
app_token_expire_time |
Validity period of the access token. |
3600s |
1–72,000s |
||||
refresh_token_expire_time |
Validity period of the refresh token. |
7200s |
1–72,000s |
||||
app_token_uri |
URI used for obtaining the token. |
/v1/apigw/oauth2/token |
- |
||||
app_token_key |
Token encryption key. |
- |
- |
||||
app_basic |
app_basic authentication |
Yes |
{"name":"app_basic","enable":true,"config": "on"} |
- |
- |
off |
on/off |
app_secret |
app_secret authentication |
Yes |
{"name":"app_secret","enable":true,"config": "on"} |
- |
- |
off |
on/off |
backend_token_allow |
Allowing tenants to transparently transmit tokens to the backend |
Yes |
{"name":"backend_token_allow","enable":true,"config": "{\"backend_token_allow_users\": [\"paas_apig_wwx548366_01\"]}"} |
backend_token_allow_users |
Regular expression for transparently transmitting the token to the common tenant whitelist of the tenant to match the domain name of the common tenant. |
- |
- |
sign_basic |
Basic signature keys |
No |
- |
- |
- |
- |
- |
multi_auth |
Two-factor authentication |
No |
- |
- |
- |
- |
- |
backend_client_certificate |
Backend two-way authentication |
Yes |
{"name":"backend_client_certificate","enable":true,"config": "{\"enable\": \"on\",\"ca\": \"\",\"content\": \"\",\"key\": \"\"}"} |
enable |
Whether to enable this function. |
off |
on/off |
ca |
CA file of two-way authentication. |
- |
- |
||||
content |
Two-way authentication file. |
- |
- |
||||
key |
Private key of two-way authentication. |
- |
- |
||||
ssl_ciphers |
HTTPS cipher suites |
Yes |
{"name":"ssl_ciphers","enable":true,"config": "config": "{\"ssl_ciphers\": [\"ECDHE-ECDSA-AES256-GCM-SHA384\"]}"} |
ssl_ciphers |
Encryption and decryption suites supported. The ssl_ciphers parameter cannot be left blank and can contain only the options in the default value. |
- |
ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256 |
app_config |
Extended configuration |
No |
- |
- |
- |
- |
- |
green_tunnel |
Green channels |
No |
- |
- |
- |
- |
- |
app_route |
IP access |
Yes |
{"name":"app_route","enable":true,"config": "on"} |
- |
- |
off |
on/off |
default_group_hide |
Hiding the default group. Note: After the default group is hidden, IP access is not supported. If you want to use the IP access function, you are advised to enable the app_route configuration. |
Yes |
{"name":"default_group_hide","enable":true,"config": "on"} |
- |
- |
off |
on/off |
cascade |
Cascading function |
Yes |
{"name":"app_route","enable":true,"config": "{\"enable\": \"on\", \"cascade_auth_key\": \"abcdefabcdefabcdefabcdefabcdef11\", \"cascade_instance_ids\":\"104e4816-1e9c-4345-be3a-14528727d0e3\"}"} |
enable |
Whether to enable the cascading function. |
off |
on/off |
cascade_auth_key |
Encryption key used to generate the cascading authentication token. |
- |
- |
||||
cascade_instance_ids |
ID of the instance that can be used as the upper-level instance during cascading. |
- |
- |
||||
sandbox |
IDA function sandbox configuration |
Yes |
{"name":"sandbox","enable":true,"config": "{\"max_cpu_time\": 30000, \"max_memory\": 1073741824}"} |
max_cpu_time |
Maximum CPU time that can be used by a function API. Unit: s. |
60000 ms |
1–1,000,000 ms |
max_memory |
Memory size allowed to be executed in a function API. Unit: byte. |
256 M |
1–9536 MB |
||||
livedata_config |
Whether custom backend configurations are supported. If both sandbox and livedata_config exist, livedata_config is used preferentially. |
Yes |
{"name":"sandbox","enable":true,"config": "{\"max_cpu_time\": 30000, \"max_memory\": 1073741824, \"max_memory\": 1073741824, \"dataapi_return_type\": \"no_string\", \"gw_address_protocol\": \"http\", \"livedata_env\": \"offline\",\"procedure_async\": \"off\"}"} |
max_cpu_time |
Maximum CPU time that can be used by a function API. Unit: s. |
60000 ms |
1–1,000,000 ms |
max_memory |
Memory size allowed to be executed in a function API. Unit: byte. |
256 M |
1–9536 MB |
||||
livedata_env |
Running mode of a custom backend. If this parameter is set to online, the custom backend API will be returned in the online format. |
online |
online/offline |
||||
gw_address_protocol |
Default request protocol used in the DICT:gw_rest_float_addr variable. |
none |
http/https/none |
||||
procedure_async |
Whether asynchronous execution is used during the stored procedure. |
off |
on/off |
||||
dataapi_return_type |
Response format of a data API. |
no_string |
string/no_string |
||||
real_ip_from_xff |
Whether to use the IP addresses in the X-Forwarded-For header for access control and request throttling |
Yes |
{"name": "real_ip_from_xff","enable": true,"config": {"enable": "on","xff_index": -1}} |
enable |
Whether to enable this function. |
off |
on/off |
xff_index |
Sequence number of the IP address in the X-Forwarded-For header. The value can be positive, negative, or 0.
For example, assume that the X-Forwarded-For header of a request received by API gateway contains three IP addresses: IP1, IP2, and IP3. If the value of xff_index is 0, IP1 is obtained. If the value is 1, IP2 is obtained. If the value is –1, IP3 is obtained. If the value is –2, IP2 is obtained. |
-1 |
Valid Int32 value |
||||
apiclient_first_use_x_hw_id |
Whether to preferentially use the X-HW-ID field to verify the ApiClient class of custom backends. |
Yes |
{"name":"apiclient_first_use_x_hw_id","enable":true,"config": "on"} |
- |
- |
off |
on/off |
custom_log |
Whether to support custom logs. |
Yes |
{"name":"custom_log","enable":true,"config": "{\"custom_logs\":[{\"location\":\"header\",\"name\":\"test\"},{\"location\":\"query\",\"name\":\"x-query-test001\"}]}"} |
custom_logs |
Parameter sets to print in custom logs. Max. sets: 10 |
- |
- |
location |
Parameter location. |
- |
header/query/cookie |
||||
name |
Parameter name. |
- |
- |
||||
real_ip_header_getter |
Whether to obtain source IP addresses from custom headers for them to take effect in access control and request throttling policies. |
Yes |
{"name":"real_ip_header_getter","enable":true,"config": "{\"enable\": \"on\",\"header_getter\": \"header:testIP\"}"} |
enable |
Whether to enable the feature. |
off |
on/off |
header_getter |
Custom header for obtaining source IP addresses. |
- |
- |
||||
vpc_name_modifiable |
Whether load balance channel names can be modified. |
Yes |
{"name":"vpc_name_modifiable","enable":true,"config": "on"} |
- |
- |
on |
on/off |
default_group_host_trustlist |
Whether to allow access to APIs in the DEFAULT group from the IP addresses that are not inbound access addresses of the current instance. |
Yes |
{"name":"default_group_host_trustlist","enable":true,"config": "{\"enable\":\"on\",\"hosts\":[\"123.2.2.2\",\"202.2.2.2\"]}"} |
enable |
Whether to enable the feature. |
off |
on/off |
hosts |
IP addresses that are not inbound access addresses of the current instance. |
- |
- |
||||
data_api_column_types_converted_to_string |
Whether to allow data backends to support converting data column types to String. |
Yes |
{"name": "data_api_column_types_converted_to_string", "enable": true, "config": "{\"enable\":\"on\",\"column_types\":[\"nvarchar2\"]}"} |
enable |
Whether to enable the feature. |
off |
on/off |
column_types |
Types: data column types to be converted to String (only NVARCHAR2 is supported currently). |
- |
- |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
