Drop-in API gateway policy examples for manipulating headers

You can accomplish a wide range of tasks by manipulating headers in the requests and responses that pass through your API gateway. For example, you can update the host header to avoid errors when making requests to upstream services, remove service details from response headers to protect sensitive information, add tracing/logging details to inject crucial information about the request-response lifecycle into your upstream service, streamline headers to control logging compute and costs, create SLA rules and report on metrics, enable geo-aware services by adding a header that triggers a localization service based on country codes, and take further action on added, edited, or removed headers. These actions can be combined using expressions and CEL interpolations to achieve more complex logic and processing at the API gateway level.