Help Center/ ROMA Connect/ User Guide/ Instances/ Managing Instances/ Modifying Instance Configuration Parameters
Updated on 2024-06-25 GMT+08:00

Modifying Instance Configuration Parameters

Overview

This section describes how to configure common parameters of components in an instance. By modifying configuration parameters, you can adjust related function configurations of components.

Constraints

Modifying instance configuration parameters will interrupt APIC. Do this during off-peak hours or when no service is running.

Modifying Configuration Parameters

On the Instance Information page of the ROMA Connect console, click the Configuration Parameters tab and view the configuration parameters of the instance. You can also change the values of Current Value.

Table 1 Configuration parameters

Parameter

Description

Parameter

Name of a parameter. You can move the cursor to next to a parameter name to view its description.

Default Value

Default value of a parameter.

Value Range

Value range of a parameter.

Current Value

Current value of a parameter.

Updated

Time when a parameter was last updated. If the parameter has never been modified, this parameter is left blank.

Operation

Click Edit to change the value of Current Value.

Parameter Description

The following table lists the instance configuration parameters of ROMA Connect.

Table 2 Configuration parameters

Parameter

Description

ratelimit_api_limits

Default request throttling value applied to all APIs. If no request throttling policy is bound to an API, the total number of times the API can be called is determined by this parameter value. If a request throttling policy has been bound to an API, the total number of times the API can be called is determined by the bound policy.

request_body_size

Maximum size of the body allowed in an API request.

backend_timeout

Maximum timeout duration for ROMA Connect to send a request to a backend service.

app_token

Whether to enable app_token authentication. After this function is enabled, the obtained access token can be used in API requests for authentication during API calling.

  • app_token_expire_time indicates the validity period of the access token. Before the access token expires, you must obtain a new access token.
  • refresh_token_expire_time indicates the validity period of the refresh token. A refresh token is used to obtain a new access token.
  • app_token_uri indicates the URI used for obtaining an access token.
  • app_token_key indicates the encryption key of the access token.

app_api_key

Whether to enable app_api_key authentication. After this function is enabled, you can add the apikey parameter to an API request to carry the key of an integration application (or the AppKey of a client) for authentication during API calling.

app_basic

Whether to enable app_basic authentication. After this function is enabled, you can add the Authorization parameter to an API request to carry the key and secret of an integration application (or the AppKey and AppSecret of a client) for authentication during API calling.

app_jwt

Whether to enable app_jwt authentication. After this function is enabled, you can add the Authorization and Timestamp parameters to the API request to carry the key and secret (or AppKey and AppSecret of the client) of the integration application and the timestamp for authentication during API calling.

app_jwt_auth_header indicates the app_jwt authentication header, that is, the Header parameter of app_jwt authentication information carried in an API request. The default value is Authorization.

app_secret

Whether to enable app_secret authentication. After this function is enabled, you can add the X-HW-ID and X-HW-AppKey parameters to an API request to carry the key and secret of an integration application (or the AppKey and AppSecret of a client) for authentication during API calling.

public_key

Whether to enable the backend signature of the public_key type. After this function is enabled, signatures of the public_key type can be used in backend signature authentication.

public_key_uri_prefix indicates the URI prefix used to obtain the secret corresponding to public_key. The URI format is as follows: https://{APIC connection address}{public_key_uri_prefix}{public_key signature key name}.

app_route

Whether to support IP address access. After this function is enabled, APIs in non-DEFAULT groups can be called by using IP addresses.

cascade

Whether to enable the API cascading function. After this function is enabled, APIs can be called across instances.

  • cascade_auth_key indicates the encryption key used for authentication between APIs in the cascading relationship.
  • cascade_instance_ids indicates the ID list of cascading instances. Only instances specified by this parameter can establish the cascading relationship with the current instance.

default_group_hide

Whether to hide the DEFAULT group. After this function is enabled, the DEFAULT group is hidden.

livedata_config

Custom backend configuration.

  • sandbox_max_memory indicates the maximum memory required for executing a script of a function backend.
  • sandbox_max_cpu_time indicates the maximum CPU time required for executing a script of a function backend.
  • livedata_env indicates the running mode of a custom backend. If this parameter is set to online, the custom backend will return responses in the online format.
  • gw_address_protocol indicates the default request protocol transferred through the DICT:gw_rest_float_addr field in a function script.
  • procedure_async indicates whether the stored procedure is executed in asynchronous mode.
  • dataapi_return_type indicates the return format of a data backend.

backend_client_certificate

Whether to enable two-way authentication for a backend. After this function is enabled, you can configure the two-way authentication for a backend when configuring the backend information during API creation.

ssl_ciphers

HTTPS cipher suite that can be configured. You can select the cipher suites as required.

apiclient_first_use_x_hw_id

Whether to preferentially use the X-HW-ID field to verify the ApiClient class of the custom backend.

real_ip_from_xff

Whether to use the IP addresses in the X-Forwarded-For header as the criterion for access control and request throttling.

xff_index: Sequence number of an IP address in the X-Forwarded-For header. The value can be positive, negative, or 0.

  • If the value is 0 or positive, obtain the IP address of the corresponding index in the X-Forwarded-For header.
  • If the value is negative, obtain the IP address of the indicated reverse sequence in the X-Forwarded-For header.

For example, assume that the X-Forwarded-For header of a request received by API gateway contains three IP addresses: IP1, IP2, and IP3. If the value of xff_index is 0, IP1 is obtained. If the value is 1, IP2 is obtained. If the value is –1, IP3 is obtained. If the value is –2, IP2 is obtained.

custom_log

Whether to enable custom logs. After the custom log function is enabled, the specified location (header, query, and cookie) and parameter values are printed in the calling logs of all APIs in the ROMA Connect instance.

After this function is enabled, click Add to add the parameters to be printed in the calling logs.

NOTE:
  • Custom logs print only the content of requests initiated from clients and do not print the constants and system parameters defined in APIC.
  • Custom logs support up to 10 parameters. The total size of all parameter fields cannot exceed 2 KB.
  • Some special characters in parameter values printed by custom logs will be encoded. For example, a plus sign (+) will be encoded as a space, double quotation marks (") encoded as \x22, and a backslash (\) encoded as \x5C.

real_ip_header_getter

header_getter: Whether to obtain source IP addresses from custom headers for access control and request throttling policies to take effect.

vpc_name_modifiable

Whether to allow load balance channel name modification. When this function is enabled, you can modify the name of load balance channels. However, the VPC Channel Management - Project-Level API cannot be called currently.

default_group_host_trustlist

Whether to allow access to APIs in the default group from the IP addresses that are not inbound access addresses of the current instance. When this function is enabled, IP addresses can be added to access APIs in the default group.

  • Default Group API Access from Custom IP Addresses: whether APIs in the default group can be accessed from custom IP addresses.
  • IP Addresses: custom IP addresses to access the APIs in the default group. Separate multiple IP addresses with semicolons (;).

data_api_column_types_converted_to_string

Whether to allow data backends to support converting data column types to String. When this function is enabled, a selected data column type can be converted to String.

  • Configure Data Column Types: whether to allow data backend column types to be converted to String.
  • Types: data column types to be converted to String (only NVARCHAR2 is supported currently).

sse_strategy

Whether to enable Server-Sent Events (SSE) transmission. It is disabled by default. Once enabled, the responses of backend APIs are output in streaming mode for character-based rendering.

NOTICE:

The sse_strategy configuration can be modified 1 minute after being completed.

request_custom_config

Configure client request parameters.

  • HTTP/2: Enabled by default.
  • request_body_timeout: Timeout for client request body. Default: 8s. Modify this parameter if the network condition is poor or the request body is too large.
NOTICE:

The client request configuration can be modified 1 minute after being completed.