Download as PDF, PPTX
Uploaded byFaisal Banaeamah
Core Dimensions of API Management
The document presents a detailed overview of API management, including various API styles, types, and the Amazon API Gateway's functionalities such as security models, monetization, and access control. It discusses the importance of APIs as entry points for business services and the role of identity access management in securing APIs. Additionally, it highlights technical aspects of architecting with Amazon API Gateway for optimal performance and user engagement.
More Related Content
Similar to Core Dimensions of API Management
![[Workshop] API-driven Integration](https://cdn.slidesharecdn.com/ss_thumbnails/workshopapidrivenintegration1-200207075321-thumbnail.jpg?width=640&height=640&fit=bounds)
![[WSO2 Summit EMEA 2020] APIs: The Products of the 21st Century](https://cdn.slidesharecdn.com/ss_thumbnails/apistheproductsofthe21stcentury-sanjeewa-summit2020-200923130345-thumbnail.jpg?width=640&height=640&fit=bounds)
![[WSO2Con EU 2018] WSO2 API Manager - Why, What, How, and What's Next](https://cdn.slidesharecdn.com/ss_thumbnails/eucon-2018-wso2apimanagerwhywhathowandwhatsnext-181114092949-thumbnail.jpg?width=640&height=640&fit=bounds)
Core Dimensions of API Management
- 1. Core Dimensions of APIManagement Faisal Mohammed Banaeamah – محمد فيصلباناعمة Senior Architect at Elm Company LinkedIn - @banaeamah September 1st, 2020
- 2. 2 Biography • Development background •Solution architecture • API transformation • PaaS and containerization • Cloud computing • Microservices • APIs
- 3. 3 Agenda • Introduction toAPIs Styles Classification • API Management Overview Identity Access Management • Amazon API Gateway • Security Models in Amazon API Gateway API Endpoints • Architecting with Amazon API Gateway • Open Discussion
- 4. 4 Before We Start •This session is in Arabic However, discussions in English are welcome • Let’s make it interactive Quick questions Short discussions • Pauses between sections Suitable for 1-minute question or discussion
- 5.
- 6. 6 Introduction to APIs •Application Programming Interfaces Entry points or front door to access business capabilities o Business logic, data, transaction or functionality Through different channels Share information Building blocks to connect applications
- 7. 7 Introduction to APIs(Cont’d) Self-Service One-to-Many Reusability Creation Evolution Documentation
- 8. 8 API Classification APITypes DirectAPI Backend-to-Backend Portal API SPA MobileAPI Androidor iOS IoT Internet ofThings Client context only Device context User and client context
- 9. 9 API Styles API Styles GraphQLgRPC URI: CRUD Hypermedia Tunnel: SOAP Event Driven HTTP WebHooks WebSockets Non-HTTP AMQP Apache Kafka
- 10. 10 OpenAPI Initiative (OAI) •OpenAPI Specification (OAS) Industry standard Programming language-agnostic interface Description for modern APIs Enables humans and computers to discover and understand API capabilities
- 11.
- 12. 12 Management API Management: Dimensions APILifecycle (Creation and Maintenance) Security (API Gateway) Publishing (Engagement and Developer Portal) Monetization Monitoring (Analytics and Alerts)
- 13. 13 API Management andIdentity Access Management API Management (APIM) • Authentication • Authorization • Single sign-on • Logging • Federation • Entitlements: (grants / revokes) Identity Access Management (IAM) • Access control • Rate limiting • Documentation • Analytics • Alerts • Monetization • Developer Portal Client Applications
- 14.
- 15. 15 Amazon API Gateway •APIM-as-a-Service • Support variety of workloads Containerized Serverless Web applications Amazon API Gateway AWS Lambda Web Application
- 16. 16 Amazon API Gateway:Tasks Traffic Management CORS Authorization Throttling (Rate + Burst) Caching Monitoring Access Control Versioning
- 17. 17 Amazon API Gateway:Tasks Traffic Management CORS Authorization Throttling (Rate + Burst) Caching Monitoring Access Control Versioning
- 18. 18 Amazon API Gateway:Throttling •Rate Limits •1K requests/second for a specific method in an API •Burst Limits •2K requests/second for a few seconds •Requests over limit receive 429 HTTP response
- 19. 19 Amazon API Gateway:Caching • Improves performance By reducing traffic to backend • Control cache key with time-to-live (TTL) Usage Plan Stage Caching o E.g. stage is prod or sandbox
- 20. 20 Amazon API Gateway:Monitoring • Monitoring dashboard with Amazon CloudWatch Visualize API calls Performance metrics and information on API calls Data latency Error rates Amazon CloudWatchAmazon API Gateway
- 21. 21 Amazon API Gateway:Developer Portal • Serverless Developer Portal to publish Managed APIs o Directly from Amazon API Gateway Self-managed APIs o OpenAPI Specs Serverless Developer Portal on GitHub: https://github.com/awslabs/aws-api-gateway-developer-portal. Discover API Browse Docs RegisterTry out Monitor Usage Self-Service
- 22. 22 Amazon API Gateway:Monetization • To monetize APIs on Amazon API Gateway Publish APIs in AWS Marketplace API provider to register as a seller Submit usage plans on as products AWS MarketplaceAmazon API Gateway Monetize APIs in AWS Marketplace: https://aws.amazon.com/blogs/compute/monetize-your-apis-in-aws-marketplace-using-api-gateway/.
- 23. 23 Security Models inAmazon API Gateway
- 24. 24 Amazon API Gateway:API Endpoints API Endpoints Edge- Optimized Regional Private Geographically distributed clients Amazon CloudFront PoP Clients in same region Less connection overhead Custom domains for multiple regions with Amazon Route 53 Amazon Virtual Private Cloud (VPC) Interface VPC endpoint
- 25. 25 Amazon API Gateways:API Types . Stateless REST HTTP Stateful WebSocket Request/response model synchronous Regional API endpoints 71% Cheaper HTTP APIs vs. REST APIs: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-vs-rest.html. AWS IAM Usage plans API Keys All: Edge-optimized Reactive model Bidirectional Real-time apps: chat, collaboration
- 26. 26 Amazon API Gateway:Access Control AWS Identity and Access Management Amazon CognitoAmazon API Gateway Lambda authorizer function (custom) OAuth2 JWT Authorizers OIDC
- 27. 27 Amazon API Gateway:Access Control (Cont’d) Application-Level Roles and Policies IAMTags User Pools Lambda Authorizers Token-based Request-based Network-Level Resource Policies Endpoint Policies Amazon CognitoAWS IAM Lambda function VPC Endpoints API Key • To identify an app developer who uses REST or WebSocket APIs. • Auto-generated or self-provided. • Be used with Lambda Authorizers or Usage Plans
- 28. 28 Architecting with AmazonAPI Gateway
- 29. 29 Architecture: API PrivateEndpoint Elastic Network Interface Amazon EC2 (Private IP) Private Subnet API Consumer API Endpoint 1 Amazon API Gateway API Endpoint 2 API Endpoint N . . . API Provider
- 30. 30 Architecture: API Edge-Optimized Mobile apps Websites Services AmazonAPI Gateway Amazon CloudFront API Gateway cache Amazon CloudWatch Lambda function API EndpointInternet External API Endpoint
- 31. 31 Architecture: External IdentityProvider Amazon API Gateway Lambda authorizer Resource Client External Identity Provider (IdP) Resource Owner 1 2 3 4 5 6
- 32.