Skip to content

W-23392787 docs: add third-party provider governance experience topics#499

Open
luanamulesoft wants to merge 2 commits into
latestfrom
W-23392787-third-party-provider-governance-topics
Open

W-23392787 docs: add third-party provider governance experience topics#499
luanamulesoft wants to merge 2 commits into
latestfrom
W-23392787-third-party-provider-governance-topics

Conversation

@luanamulesoft

Copy link
Copy Markdown
Contributor

Add six new experience topics for third-party API provider governance:

  • exp-governance-setup-third-party-providers.adoc: Connect to Provider wizard with connection setup, scanner auto-creation, API discovery, and Akamai correlation policy auto-application

  • exp-governance-govern-third-party-apis.adoc: End-to-end workflow for connecting providers, verifying discovered APIs, creating governance strategies with Gateway/Provider filter, monitoring conformance, and exporting reports

  • exp-governance-policy-library-apply.adoc: Policy Library wizard with policy categories (Universal, Access and Security, Performance and Cost, Data Privacy and Integrity, Compliance and Observability) and targeted/supplemental application workflow

  • exp-governance-create-profiles-gateway-provider-filter.adoc: Gateway/Provider filter for governance scope, with provider selection and All Runtimes option

  • exp-governance-monitor-cross-gateway-conformance.adoc: Cross-gateway conformance monitoring with provider/gateway column filtering and Read-Only policy status indicator

  • exp-governance-cross-gateway-policy-audit-export.adoc: CSV export for SOC 2 / GDPR compliance audits with full schema including Organization ID, API ID, Gateway/Provider, Applied policies, Policy Application Status, Conformance status, and Timestamp

Add six new experience topics for third-party API provider governance:

- exp-governance-setup-third-party-providers.adoc: Connect to Provider wizard
  with connection setup, scanner auto-creation, API discovery, and Akamai
  correlation policy auto-application

- exp-governance-govern-third-party-apis.adoc: End-to-end workflow for
  connecting providers, verifying discovered APIs, creating governance strategies
  with Gateway/Provider filter, monitoring conformance, and exporting reports

- exp-governance-policy-library-apply.adoc: Policy Library wizard with policy
  categories (Universal, Access and Security, Performance and Cost, Data Privacy
  and Integrity, Compliance and Observability) and targeted/supplemental
  application workflow

- exp-governance-create-profiles-gateway-provider-filter.adoc: Gateway/Provider
  filter for governance scope, with provider selection and All Runtimes option

- exp-governance-monitor-cross-gateway-conformance.adoc: Cross-gateway
  conformance monitoring with provider/gateway column filtering and Read-Only
  policy status indicator

- exp-governance-cross-gateway-policy-audit-export.adoc: CSV export for SOC 2 /
  GDPR compliance audits with full schema including Organization ID, API ID,
  Gateway/Provider, Applied policies, Policy Application Status, Conformance
  status, and Timestamp

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
@luanamulesoft luanamulesoft self-assigned this Jul 10, 2026
@luanamulesoft luanamulesoft requested a review from a team as a code owner July 10, 2026 03:07
Add exp-governance-third-party-policy-drift.adoc to document policy drift
detection and remediation for third-party API gateway instances (Kong, Apigee,
AWS API Gateway, and Akamai).

Content includes:
- What policy drift is and common causes (manual gateway changes, credential
  issues, policy application failures)
- How to detect drift via conformance dashboard with drift indicators (Missing
  Policy, Extra Policy, Configuration Mismatch)
- Remediation workflow using Policy Library to apply or update policies
- Updating scanner credentials to enable write access and programmatic policy
  application
- Monitoring policy drift over time with CSV exports and trend analysis
- Best practices to prevent drift (restrict gateway access, document
  governance-managed policies, use write-enabled credentials)

This topic provides the linkable target for docs-api-governance-documentation
repo's "Find Policy Drift on Third-Party API Instances" section.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant