Policies enforce rules when Flex Gateway processes requests, enabling you to secure and govern your Flex Gateway API, agent, and tool instances.
MuleSoft provides policies that you can apply to your instances via Anypoint Platform or declarative configuration files. The provided policies include rate limiting, caching, authentication, authorization, threat protection, monitoring, and logging. For more information about MuleSoft-provided policies, see the policies-included-directory.adoc and policies-outbound-directory.adoc.
To extend existing functionality or define new functionality, create custom policies based on your specific business requirements. For information about creating custom policies, see pdk::policies-pdk-overview.adoc.
Automated policies enable your instances to comply with common security and logging requirements by automatically applying the same set of policies to all instances running in Flex Gateway. See policies-automated-overview.adoc for more information.
To apply a policy for Managed Flex Gateway or Connected Mode, see flex-gateway-secure-conn.adoc.
To apply a policy in Local Mode, see flex-gateway-secure-local.adoc.
For information about policy reordering, see policies-reorder.adoc.
For information about DataWeave support, see policies-flex-dataweave-support.adoc.