Skip to main content

TLS Edge Policy Module

Replace TLS Edge Policy Module

Request

PUT /edges/tls/{id}/policy

Example Request

curl \
-X PUT \
-H "Authorization: Bearer {API_KEY}" \
-H "Content-Type: application/json" \
-H "Ngrok-Version: 2" \
-d '{"enabled":true,"inbound":[{"actions":[{"config":{"metadata":{"edgeId":"edgtls_2gsqMyx0XCpx46XH86fGjUGn46h","message":"Invalid TLS Version"}},"type":"log"},{"type":"deny"}],"expressions":["conn.tls.version.contains('1.3')"],"name":"AllowTLS1.3"}]}' \
https://api.ngrok.com/edges/tls/edgtls_2gsqMyx0XCpx46XH86fGjUGn46h/policy

Parameters

NameTypeDescription
enabledbooleantrue if the module will be applied to traffic, false to disable. default true if unspecified
inboundEndpointRulethe inbound rules of the traffic policy.
outboundEndpointRulethe outbound rules on the traffic policy.

EndpointRule parameters

NameTypeDescription
expressionsList<string>cel expressions that filter traffic the policy rule applies to.
actionsEndpointActionthe set of actions on a policy rule.
namestringthe name of the rule that is part of the traffic policy.

EndpointAction parameters

NameTypeDescription
typestringthe type of action on the policy rule.
configobjectthe configuration for the action on the policy rule.

Response

Returns a 200 response on success

Example Response

{
"enabled": true,
"inbound": [
{
"actions": [
{
"config": {
"metadata": {
"edgeId": "edgtls_2gsqMyx0XCpx46XH86fGjUGn46h",
"message": "Invalid TLS Version"
}
},
"type": "log"
},
{
"config": null,
"type": "deny"
}
],
"expressions": ["conn.tls.version.contains('1.3')"],
"name": "AllowTLS1.3"
}
],
"outbound": null
}

Fields

NameTypeDescription
enabledbooleantrue if the module will be applied to traffic, false to disable. default true if unspecified
inboundEndpointRulethe inbound rules of the traffic policy.
outboundEndpointRulethe outbound rules on the traffic policy.

EndpointRule fields

NameTypeDescription
expressionsList<string>cel expressions that filter traffic the policy rule applies to.
actionsEndpointActionthe set of actions on a policy rule.
namestringthe name of the rule that is part of the traffic policy.

EndpointAction fields

NameTypeDescription
typestringthe type of action on the policy rule.
configobjectthe configuration for the action on the policy rule.

Get TLS Edge Policy Module

Request

GET /edges/tls/{id}/policy

Example Request

curl \
-X GET \
-H "Authorization: Bearer {API_KEY}" \
-H "Ngrok-Version: 2" \
https://api.ngrok.com/edges/tls/edgtls_2gsqMyx0XCpx46XH86fGjUGn46h/policy

Response

Returns a 200 response on success

Example Response

{
"enabled": true,
"inbound": [
{
"actions": [
{
"config": {
"metadata": {
"edgeId": "edgtls_2gsqMyx0XCpx46XH86fGjUGn46h",
"message": "Invalid TLS Version"
}
},
"type": "log"
},
{
"config": null,
"type": "deny"
}
],
"expressions": ["conn.tls.version.contains('1.3')"],
"name": "AllowTLS1.3"
}
],
"outbound": null
}

Fields

NameTypeDescription
enabledbooleantrue if the module will be applied to traffic, false to disable. default true if unspecified
inboundEndpointRulethe inbound rules of the traffic policy.
outboundEndpointRulethe outbound rules on the traffic policy.

EndpointRule fields

NameTypeDescription
expressionsList<string>cel expressions that filter traffic the policy rule applies to.
actionsEndpointActionthe set of actions on a policy rule.
namestringthe name of the rule that is part of the traffic policy.

EndpointAction fields

NameTypeDescription
typestringthe type of action on the policy rule.
configobjectthe configuration for the action on the policy rule.

Delete TLS Edge Policy Module

Request

DELETE /edges/tls/{id}/policy

Example Request

curl \
-X DELETE \
-H "Authorization: Bearer {API_KEY}" \
-H "Ngrok-Version: 2" \
https://api.ngrok.com/edges/tls/edgtls_2gsqMyx0XCpx46XH86fGjUGn46h/policy

Response

Returns a 204 response with no body on success