Edge Route Policy Module
warning
Traffic Policy is currently in preview. Breaking changes may occur at any time with no notice, including changes to the structure of policy documents, the behaviors of policies, and the pricing of this feature.
Replace HTTPS Edge Route Policies Module
Request
PUT /edges/https/{edge_id}/routes/{id}/policy
Example Request
curl \
-X PUT \
-H "Authorization: Bearer {API_KEY}" \
-H "Content-Type: application/json" \
-H "Ngrok-Version: 2" \
-d '{"enabled":true,"inbound":[{"actions":[{"config":{"format":"nginx","from":"v0/user/([0-9]+).*","to":"v1/user?id=$1&$args"},"type":"url-rewrite"},{"config":{"format":"nginx","from":"v0/super/secret/path/to/admin.*","to":"v1/admin?$is_args$args"},"type":"url-rewrite"}],"expressions":["req.url.contains('v0/')"],"name":"Rewrite v0 API Calls to v1."},{"actions":[{"config":{"content":"access denied","headers":{"content-type":"text/plain"},"status_code":401},"type":"custom-response"}],"expressions":["req.method == 'POST' && req.content_length > 10000","conn.geo.country_code in ['BR', 'CN', 'CU', 'IR', 'NG', 'RO', 'RU', 'SD', 'SY', 'UA']"],"name":"Block POST Requests With Large Content Length From Specific Countries"},{"actions":[{"config":{"status_code":400},"type":"deny"}],"expressions":["'ChatGPT' in req.headers['user-agent'] || 'GPTBot' in req.headers['user-agent']"],"name":"Block AI Crawler Bots"}],"outbound":[{"actions":[{"config":{"metadata":{"edgeId":"edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2","message":"Unsuccessful response","routeId":"edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa"}},"type":"log"}],"expressions":["res.status_code < 200 || res.status_code > 300"],"name":"Log Unsuccessful Response"}]}' \
https://api.ngrok.com/edges/https/edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2/routes/edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa/policy
Parameters
| Name | Type | Description |
|---|---|---|
enabled | boolean | true if the module will be applied to traffic, false to disable. default true if unspecified |
inbound | EndpointRule | the inbound rules of the traffic policy. |
outbound | EndpointRule | the outbound rules on the traffic policy. |
EndpointRule parameters
| Name | Type | Description |
|---|---|---|
expressions | List<string> | cel expressions that filter traffic the policy rule applies to. |
actions | EndpointAction | the set of actions on a policy rule. |
name | string | the name of the rule that is part of the traffic policy. |
EndpointAction parameters
| Name | Type | Description |
|---|---|---|
type | string | the type of action on the policy rule. |
config | object | the configuration for the action on the policy rule. |
Response
Returns a 200 response on success
Example Response
{
"enabled": true,
"inbound": [
{
"actions": [
{
"config": {
"format": "nginx",
"from": "v0/user/([0-9]+).*",
"to": "v1/user?id=$1&$args"
},
"type": "url-rewrite"
},
{
"config": {
"format": "nginx",
"from": "v0/super/secret/path/to/admin.*",
"to": "v1/admin?$is_args$args"
},
"type": "url-rewrite"
}
],
"expressions": ["req.url.contains('v0/')"],
"name": "Rewrite v0 API Calls to v1."
},
{
"actions": [
{
"config": {
"content": "access denied",
"headers": {
"content-type": "text/plain"
},
"status_code": 401
},
"type": "custom-response"
}
],
"expressions": [
"req.method == 'POST' && req.content_length > 10000",
"conn.geo.country_code in ['BR', 'CN', 'CU', 'IR', 'NG', 'RO', 'RU', 'SD', 'SY', 'UA']"
],
"name": "Block POST Requests With Large Content Length From Specific Countries"
},
{
"actions": [
{
"config": {
"status_code": 400
},
"type": "deny"
}
],
"expressions": [
"'ChatGPT' in req.headers['user-agent'] || 'GPTBot' in req.headers['user-agent']"
],
"name": "Block AI Crawler Bots"
}
],
"outbound": [
{
"actions": [
{
"config": {
"metadata": {
"edgeId": "edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2",
"message": "Unsuccessful response",
"routeId": "edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa"
}
},
"type": "log"
}
],
"expressions": ["res.status_code < 200 || res.status_code > 300"],
"name": "Log Unsuccessful Response"
}
]
}
Fields
| Name | Type | Description |
|---|---|---|
enabled | boolean | true if the module will be applied to traffic, false to disable. default true if unspecified |
inbound | EndpointRule | the inbound rules of the traffic policy. |
outbound | EndpointRule | the outbound rules on the traffic policy. |
EndpointRule fields
| Name | Type | Description |
|---|---|---|
expressions | List<string> | cel expressions that filter traffic the policy rule applies to. |
actions | EndpointAction | the set of actions on a policy rule. |
name | string | the name of the rule that is part of the traffic policy. |
EndpointAction fields
| Name | Type | Description |
|---|---|---|
type | string | the type of action on the policy rule. |
config | object | the configuration for the action on the policy rule. |
Get HTTPS Edge Route Policies Module
Request
GET /edges/https/{edge_id}/routes/{id}/policy
Example Request
curl \
-X GET \
-H "Authorization: Bearer {API_KEY}" \
-H "Ngrok-Version: 2" \
https://api.ngrok.com/edges/https/edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2/routes/edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa/policy
Response
Returns a 200 response on success
Example Response
{
"enabled": true,
"inbound": [
{
"actions": [
{
"config": {
"format": "nginx",
"from": "v0/user/([0-9]+).*",
"to": "v1/user?id=$1&$args"
},
"type": "url-rewrite"
},
{
"config": {
"format": "nginx",
"from": "v0/super/secret/path/to/admin.*",
"to": "v1/admin?$is_args$args"
},
"type": "url-rewrite"
}
],
"expressions": ["req.url.contains('v0/')"],
"name": "Rewrite v0 API Calls to v1."
},
{
"actions": [
{
"config": {
"content": "access denied",
"headers": {
"content-type": "text/plain"
},
"status_code": 401
},
"type": "custom-response"
}
],
"expressions": [
"req.method == 'POST' && req.content_length > 10000",
"conn.geo.country_code in ['BR', 'CN', 'CU', 'IR', 'NG', 'RO', 'RU', 'SD', 'SY', 'UA']"
],
"name": "Block POST Requests With Large Content Length From Specific Countries"
},
{
"actions": [
{
"config": {
"status_code": 400
},
"type": "deny"
}
],
"expressions": [
"'ChatGPT' in req.headers['user-agent'] || 'GPTBot' in req.headers['user-agent']"
],
"name": "Block AI Crawler Bots"
}
],
"outbound": [
{
"actions": [
{
"config": {
"metadata": {
"edgeId": "edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2",
"message": "Unsuccessful response",
"routeId": "edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa"
}
},
"type": "log"
}
],
"expressions": ["res.status_code < 200 || res.status_code > 300"],
"name": "Log Unsuccessful Response"
}
]
}
Fields
| Name | Type | Description |
|---|---|---|
enabled | boolean | true if the module will be applied to traffic, false to disable. default true if unspecified |
inbound | EndpointRule | the inbound rules of the traffic policy. |
outbound | EndpointRule | the outbound rules on the traffic policy. |
EndpointRule fields
| Name | Type | Description |
|---|---|---|
expressions | List<string> | cel expressions that filter traffic the policy rule applies to. |
actions | EndpointAction | the set of actions on a policy rule. |
name | string | the name of the rule that is part of the traffic policy. |
EndpointAction fields
| Name | Type | Description |
|---|---|---|
type | string | the type of action on the policy rule. |
config | object | the configuration for the action on the policy rule. |
Delete HTTPS Edge Route Policies Module
Request
DELETE /edges/https/{edge_id}/routes/{id}/policy
Example Request
curl \
-X DELETE \
-H "Authorization: Bearer {API_KEY}" \
-H "Ngrok-Version: 2" \
https://api.ngrok.com/edges/https/edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2/routes/edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa/policy
Response
Returns a 204 response with no body on success