We’re pleased to announce that API Gateway now supports network security groups (NSGs) and payloads up to 20 MB for HTTP backends.
Network security groups
Network security groups (NSGs) act as a virtual firewall that you can apply to your Compute instances and other Oracle Cloud Infrastructure (OCI) resources, including API Gateway. Like security lists, which are applied to a subnet, NSGs define rules for ingress and egress network access. For example, you can create an NSG for API Gateway that allows HTTPS ingress traffic to any gateway that includes that group.

Defining rules for an NSG works the same way as for security lists, but unlike security lists, you can apply individual NSGs to a resource on the network. So, the same subnet can have different ingress and egress network rules for different resources, providing much more flexibility. For example, a Compute resource that provides API implementations as HTTP/S backends can have a group that allows traffic from the API Gateway NSG.

When creating or updating an API Gateway, you can attach up to five NSGs to flexibly apply network security rules.
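
The two rules described above, written as Terraform for the OCI provider. This is an added example, not configuration from the original announcement; the variable names, resource labels and the backend port (443) are assumptions.

```hcl
# Added example: variable names, resource labels and backend port 443 are assumptions.
variable "compartment_id" {}
variable "vcn_id" {}
variable "subnet_id" {}
resource "oci_core_network_security_group" "gateway" {
  compartment_id = var.compartment_id
  vcn_id         = var.vcn_id
}
resource "oci_core_network_security_group" "backend" {
  compartment_id = var.compartment_id
  vcn_id         = var.vcn_id
}

# HTTPS ingress to any gateway that includes the gateway NSG.
resource "oci_core_network_security_group_security_rule" "gateway_https_in" {
  network_security_group_id = oci_core_network_security_group.gateway.id
  direction                 = "INGRESS"
  protocol                  = "6" # TCP
  source_type               = "CIDR_BLOCK"
  source                    = "0.0.0.0/0"
  tcp_options {
    destination_port_range {
      min = 443
      max = 443
    }
  }
}

# Backend accepts traffic only from members of the gateway NSG, not from a CIDR.
resource "oci_core_network_security_group_security_rule" "backend_from_gateway" {
  network_security_group_id = oci_core_network_security_group.backend.id
  direction                 = "INGRESS"
  protocol                  = "6" # TCP
  source_type               = "NETWORK_SECURITY_GROUP"
  source                    = oci_core_network_security_group.gateway.id
  tcp_options {
    destination_port_range {
      min = 443
      max = 443
    }
  }
}

resource "oci_apigateway_gateway" "public" {
  compartment_id             = var.compartment_id
  endpoint_type              = "PUBLIC"
  subnet_id                  = var.subnet_id
  network_security_group_ids = [oci_core_network_security_group.gateway.id] # up to five
}
```

A new NSG starts with no rules, so the gateway NSG also needs an egress rule toward the backend NSG unless the subnet's security list already permits that traffic.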

Larger payloads
The maximum payload for HTTP requests has increased from 6 MB to 20 MB. Many APIs are called on to handle larger payloads, such as uploading an image from a camera phone or large JSON data payloads. Because API Gateway is often used in front of Oracle Functions, which supports up to 6 MB, the gateway used to limit requests to 6 MB. With this change, API Gateway still protects functions and enforces a 6-MB limit when using a function as a backend. When using HTTP/S as a backend, API Gateway now supports up to 20 MB. These limits apply to the request only. The response can be larger if it completes within the timeout limits. This change doesn’t require any special configuration of the API gateways or deployments. To learn more, see API Gateway Limits.
Learn more
For more details, see the following release notes for these features:
