Using data residency with Apigee hybrid
Stay organized with collections Save and categorize content based on your preferences.

Overview

Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored. With data residency, selecting the control plane location ensures that all customer content is stored within the specified region.

For an overview of data residency for Apigee, see Introduction to data residency.

Data residency with Apigee hybrid

Starting with hybrid version 1.12, you can use Data residency with new Apigee hybrid installations. You cannot convert an existing installation to use data residency.

When creating your Apigee org

Creating your Apigee organization using data residency requires the following differences. See Step 2: Create an organization.

Control plane location: You need to specify the location where customer core content like proxy bundles are stored. For a list see Available Apigee API control plane regions.

The control plane location is the location of the service endpoint location, for example us for United States.

The following table lists available hosting jurisdictions and regions for the Apigee control plane.

Americas

Control plane hosting jurisdiction description	Control plane hosting jurisdiction name	Details
United States	`us (multiple regions in United States)`	Service endpoint: `us-apigee.googleapis.com`
Canada	`ca (multiple regions in Canada)`	Service endpoint: `ca-apigee.googleapis.com`

Consumer data region description	Consumer data region name	Details
Iowa	`us-central1`	Low CO₂
Oregon	`us-west1`	Low CO₂
Los Angeles	`us-west2`
Salt Lake City	`us-west3`
Las Vegas	`us-west4`
South Carolina	`us-east1`
Northern Virginia	`us-east4`
Columbus	`us-east5`
Dallas	`us-south1`
Montréal	`northamerica-northeast1`	Low CO₂
Toronto	`northamerica-northeast2`	Low CO₂

Europe

Control plane hosting jurisdiction description	Control plane hosting jurisdiction name	Details
European Union	`eu (multiple regions in the European Union)`	Service endpoint: `eu-apigee.googleapis.com`
Germany	`de (multiple regions in Germany)`	Service endpoint: `de-apigee.googleapis.com`
France	`fr (single region europe-west9)`	Service endpoint: `fr-apigee.googleapis.com`
Switzerland	`ch (single region europe-west6)`	Service endpoint: `ch-apigee.googleapis.com`

Consumer data region description	Consumer data region name	Details
Belgium	`europe-west1`	Low CO₂
Frankfurt	`europe-west3`	Low CO₂
Netherlands	`europe-west4`
Zurich	`europe-west6`	Low CO₂
Milan	`europe-west8`
Paris	`europe-west9`	Low CO₂
Turin	`europe-west12`
Warsaw	`europe-central2`
Madrid	`europe-southwest1`	Low CO₂
Finland	`europe-north1`	Low CO₂

Asia-Pacific

Control plane hosting jurisdiction description	Control plane hosting jurisdiction name	Details
Australia	`au (multiple regions in Australia)`	Service endpoint: `au-apigee.googleapis.com`
India	`in (multiple regions in India)`	Service endpoint: `in-apigee.googleapis.com`
Japan	`jp (multiple regions in Japan)`	Service endpoint: `jp-apigee.googleapis.com`

Consumer data region description	Consumer data region name	Details
Sydney	`australia-southeast1`
Melbourne	`australia-southeast2`
Mumbai	`asia-south1`
Delhi	`asia-south2`
Tokyo	`asia-northeast1`
Osaka	`asia-northeast2`

Middle East

Control plane hosting juridiction description	Control plane hosting jurisdiction name	Details
Saudi Arabia	`sa (single region me-central2)`	Service endpoint: `sa-apigee.googleapis.com`
Israel	`il (single region me-west1)`	Service endpoint: `il-apigee.googleapis.com`

Consumer data region description	Consumer data region name	Details
Dammam	`me-central2`
Tel Aviv	`me-west1`

Consumer data region: You need to specify a region where API consumer data is stored. This must be a sub-region of the control plane region. For a list of available consumer data regions, see Apigee locations.
Billing type: You can only use data residency with paid subscription orgs.

When creating environments

When creating environments in and installation using data residency, you must create them in the control plane location. See Step 3: Create an environment group.

Overrides file adjustments

When using data residency, you must add the contractProvider configuration property to each overrides file and point it to the path for APIs in the control plane location. For example:

 instanceID: "my_hybrid_example" namespace: apigee gcp: projectID: hybrid-example region: us-central1 k8sCluster: name: apigee-hybrid region: us-central1 org: hybrid-example contractProvider: https://us-apigee.googleapis.com

See Step 6: Create the overrides

When calling the Apigee APIs

When you make curl calls to Apigee APIs to perform tasks in your hybrid installation, you will need to call APIs from within the control plane location. For example:

curl -H "Authorization: Bearer $TOKEN" \ "https://$CONTROL_PLANE_LOCATION-apigee.googleapis.com/v1/organizations/$ORG_NAME/envgroups"

curl -H "Authorization: Bearer $TOKEN" \ "https://us-apigee.googleapis.com/v1/organizations/my-hybrid-org/envgroups"

Note: If you are using forward proxy with data residency, you must allowlist: CONTROL_PLANE_LOCATION-apigee.googleapis.com for each control plane location.

If your security protocols permit, you can allowlist *-apigee.googleapis.com

For a list of specific URLs required by Apigee hybrid, see Google Cloud URLs to allow for Hybrid.

Using data residency with Apigee hybrid Stay organized with collections Save and categorize content based on your preferences.