Skip to main content

Edge Route Policy Module

warning

Traffic Policy is currently in preview. Breaking changes may occur at any time with no notice, including changes to the structure of policy documents, the behaviors of policies, and the pricing of this feature.

Replace HTTPS Edge Route Policies Module

Request

PUT /edges/https/{edge_id}/routes/{id}/policy

Example Request

curl \
-X PUT \
-H "Authorization: Bearer {API_KEY}" \
-H "Content-Type: application/json" \
-H "Ngrok-Version: 2" \
-d '{"enabled":true,"inbound":[{"actions":[{"config":{"format":"nginx","from":"v0/user/([0-9]+).*","to":"v1/user?id=$1&$args"},"type":"url-rewrite"},{"config":{"format":"nginx","from":"v0/super/secret/path/to/admin.*","to":"v1/admin?$is_args$args"},"type":"url-rewrite"}],"expressions":["req.url.contains('v0/')"],"name":"Rewrite v0 API Calls to v1."},{"actions":[{"config":{"content":"access denied","headers":{"content-type":"text/plain"},"status_code":401},"type":"custom-response"}],"expressions":["req.method == 'POST' && req.content_length > 10000","conn.geo.country_code in ['BR', 'CN', 'CU', 'IR', 'NG', 'RO', 'RU', 'SD', 'SY', 'UA']"],"name":"Block POST Requests With Large Content Length From Specific Countries"},{"actions":[{"config":{"status_code":400},"type":"deny"}],"expressions":["'ChatGPT' in req.headers['user-agent'] || 'GPTBot' in req.headers['user-agent']"],"name":"Block AI Crawler Bots"}],"outbound":[{"actions":[{"config":{"metadata":{"edgeId":"edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2","message":"Unsuccessful response","routeId":"edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa"}},"type":"log"}],"expressions":["res.status_code < 200 || res.status_code > 300"],"name":"Log Unsuccessful Response"}]}' \
https://api.ngrok.com/edges/https/edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2/routes/edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa/policy

Parameters

NameTypeDescription
enabledbooleantrue if the module will be applied to traffic, false to disable. default true if unspecified
inboundEndpointRulethe inbound rules of the traffic policy.
outboundEndpointRulethe outbound rules on the traffic policy.

EndpointRule parameters

NameTypeDescription
expressionsList<string>cel expressions that filter traffic the policy rule applies to.
actionsEndpointActionthe set of actions on a policy rule.
namestringthe name of the rule that is part of the traffic policy.

EndpointAction parameters

NameTypeDescription
typestringthe type of action on the policy rule.
configobjectthe configuration for the action on the policy rule.

Response

Returns a 200 response on success

Example Response

{
"enabled": true,
"inbound": [
{
"actions": [
{
"config": {
"format": "nginx",
"from": "v0/user/([0-9]+).*",
"to": "v1/user?id=$1&$args"
},
"type": "url-rewrite"
},
{
"config": {
"format": "nginx",
"from": "v0/super/secret/path/to/admin.*",
"to": "v1/admin?$is_args$args"
},
"type": "url-rewrite"
}
],
"expressions": ["req.url.contains('v0/')"],
"name": "Rewrite v0 API Calls to v1."
},
{
"actions": [
{
"config": {
"content": "access denied",
"headers": {
"content-type": "text/plain"
},
"status_code": 401
},
"type": "custom-response"
}
],
"expressions": [
"req.method == 'POST' && req.content_length > 10000",
"conn.geo.country_code in ['BR', 'CN', 'CU', 'IR', 'NG', 'RO', 'RU', 'SD', 'SY', 'UA']"
],
"name": "Block POST Requests With Large Content Length From Specific Countries"
},
{
"actions": [
{
"config": {
"status_code": 400
},
"type": "deny"
}
],
"expressions": [
"'ChatGPT' in req.headers['user-agent'] || 'GPTBot' in req.headers['user-agent']"
],
"name": "Block AI Crawler Bots"
}
],
"outbound": [
{
"actions": [
{
"config": {
"metadata": {
"edgeId": "edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2",
"message": "Unsuccessful response",
"routeId": "edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa"
}
},
"type": "log"
}
],
"expressions": ["res.status_code < 200 || res.status_code > 300"],
"name": "Log Unsuccessful Response"
}
]
}

Fields

NameTypeDescription
enabledbooleantrue if the module will be applied to traffic, false to disable. default true if unspecified
inboundEndpointRulethe inbound rules of the traffic policy.
outboundEndpointRulethe outbound rules on the traffic policy.

EndpointRule fields

NameTypeDescription
expressionsList<string>cel expressions that filter traffic the policy rule applies to.
actionsEndpointActionthe set of actions on a policy rule.
namestringthe name of the rule that is part of the traffic policy.

EndpointAction fields

NameTypeDescription
typestringthe type of action on the policy rule.
configobjectthe configuration for the action on the policy rule.

Get HTTPS Edge Route Policies Module

Request

GET /edges/https/{edge_id}/routes/{id}/policy

Example Request

curl \
-X GET \
-H "Authorization: Bearer {API_KEY}" \
-H "Ngrok-Version: 2" \
https://api.ngrok.com/edges/https/edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2/routes/edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa/policy

Response

Returns a 200 response on success

Example Response

{
"enabled": true,
"inbound": [
{
"actions": [
{
"config": {
"format": "nginx",
"from": "v0/user/([0-9]+).*",
"to": "v1/user?id=$1&$args"
},
"type": "url-rewrite"
},
{
"config": {
"format": "nginx",
"from": "v0/super/secret/path/to/admin.*",
"to": "v1/admin?$is_args$args"
},
"type": "url-rewrite"
}
],
"expressions": ["req.url.contains('v0/')"],
"name": "Rewrite v0 API Calls to v1."
},
{
"actions": [
{
"config": {
"content": "access denied",
"headers": {
"content-type": "text/plain"
},
"status_code": 401
},
"type": "custom-response"
}
],
"expressions": [
"req.method == 'POST' && req.content_length > 10000",
"conn.geo.country_code in ['BR', 'CN', 'CU', 'IR', 'NG', 'RO', 'RU', 'SD', 'SY', 'UA']"
],
"name": "Block POST Requests With Large Content Length From Specific Countries"
},
{
"actions": [
{
"config": {
"status_code": 400
},
"type": "deny"
}
],
"expressions": [
"'ChatGPT' in req.headers['user-agent'] || 'GPTBot' in req.headers['user-agent']"
],
"name": "Block AI Crawler Bots"
}
],
"outbound": [
{
"actions": [
{
"config": {
"metadata": {
"edgeId": "edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2",
"message": "Unsuccessful response",
"routeId": "edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa"
}
},
"type": "log"
}
],
"expressions": ["res.status_code < 200 || res.status_code > 300"],
"name": "Log Unsuccessful Response"
}
]
}

Fields

NameTypeDescription
enabledbooleantrue if the module will be applied to traffic, false to disable. default true if unspecified
inboundEndpointRulethe inbound rules of the traffic policy.
outboundEndpointRulethe outbound rules on the traffic policy.

EndpointRule fields

NameTypeDescription
expressionsList<string>cel expressions that filter traffic the policy rule applies to.
actionsEndpointActionthe set of actions on a policy rule.
namestringthe name of the rule that is part of the traffic policy.

EndpointAction fields

NameTypeDescription
typestringthe type of action on the policy rule.
configobjectthe configuration for the action on the policy rule.

Delete HTTPS Edge Route Policies Module

Request

DELETE /edges/https/{edge_id}/routes/{id}/policy

Example Request

curl \
-X DELETE \
-H "Authorization: Bearer {API_KEY}" \
-H "Ngrok-Version: 2" \
https://api.ngrok.com/edges/https/edghts_2hrGzFXBFh5GMlgGeqQ6Ms1xzv2/routes/edghtsrt_2hrGzDNSmgxEDJSKMPaKYauSUMa/policy

Response

Returns a 204 response with no body on success