Tim Burks, profile picture
Uploaded byTim Burks
21 views

Governing APIs at Scale

The document discusses API governance at scale, emphasizing the need for secure, reliable, and user-friendly APIs while addressing the challenges of collaboration among API platform teams. It outlines 12 requirements for an effective API governance platform, including mechanisms for inclusion, shared language, metadata, lifecycle models, and style guides. Additionally, it highlights the importance of policies, integrations, and open source readiness in ensuring productive API management.

Embed presentation

Download to read offline
Governing APIs at Scale How can we help API platform teams ensure that their organizations make and use secure, reliable, and easy-to-use APIs? Tim Burks / timburks@google.com / @timburks
About suffering they were never wrong, The old masters: how well they understood Its human position: how it takes place While someone else is eating or opening a window or just walking dully along; How, when the aged are reverently, passionately waiting For the miraculous birth, there always must be Children who did not specially want it to happen, skating On a pond at the edge of the wood: They never forgot That even the dreadful martyrdom must run its course Anyhow in a corner, some untidy spot Where the dogs go on with their doggy life and the torturer's horse Scratches its innocent behind on a tree. Landscape with the Fall of Icarus Pieter Bruegel the Elder c. 1650 In Breughel's Icarus, for instance: how everything turns away Quite leisurely from the disaster; the ploughman may Have heard the splash, the forsaken cry, But for him it was not an important failure; the sun shone As it had to on the white legs disappearing into the green Water, and the expensive delicate ship that must have seen Something amazing, a boy falling out of the sky, Had somewhere to get to and sailed calmly on. Musee des Beaux Arts - W. H. Auden (1907-1973)
Governing helps people work together 1 2 3 Quality Consistency Productivity
12 Requirements for an API Governance Platform
1. Inclusion McNamara Fallacy We have a tendency to make the measurable important rather than the important measurable
2. Shared Language API Specifications API Versions Version 1 … Spec 1 APIs API 1 API 2 API n … API Deployments Deployment 1 … …
3. Revision Histories Deployment 1@m Deployment 1@n … Spec 1@i Spec 1@j Spec 1@k … …
4. Metadata (Labels and Artifacts) Artifacts 1 2 n … …
5. Lifecycle Model
6. Search
7. Style Guides name: google-aip display_name: Google API Improvement Proposals mime_types: - application/x.protobuf guidelines: - name: aip126 display_name: Enumerations description: This guideline governs enum objects in proto files. rules: - name: upperSnakeCaseEnumValues description: All enum values must use UPPER_SNAKE_CASE. linter: api-linter linter_rulename: upper-snake-values severity: ERROR - name: unspecifiedEnumSuffix description: > The first value of the enum should be the name of the enum itself followed by the suffix _UNSPECIFIED. linter: api-linter linter_rulename: unspecified severity: WARNING … linters: - name: api-linter uri: https://github.com/googleapis/api-linter
8. Scoring
9. Policies and Controls name: "test-manifest" generated_resources: - pattern: apis/-/versions/-/specs/-/artifacts/complexity dependencies: - pattern: $resource.spec filter: "mime_type.contains('openapi')" action: "registry compute complexity $resource.spec"
10. Integrations
11. Open Source
12. Enterprise-Readiness
1. Inclusion 2. Shared Language 3. Revision Histories 4. Metadata 5. Lifecycle Model 6. Search 12 Requirements for an API Governance Platform 7. Style Guides 8. Scoring 9. Policies and Controls 10. Integrations 11. Open Source 12. Enterprise-Readiness
github.com/apigee/registry

More Related Content

PDF
Usable APIs at Scale
byTim Burks
 
PDF
Build your next REST API with gRPC
byTim Burks
 
PDF
Implementing OpenAPI and GraphQL services with gRPC
byTim Burks
 
PDF
Creating Great REST and gRPC API Experiences (in Swift)
byTim Burks
 
PDF
Networked APIs with swift
byTim Burks
 
PDF
Enforcing API Design Rules for High Quality Code Generation
byTim Burks
 
PDF
Taming Cloud APIs with Swift
byTim Burks
 
PDF
OpenAPI and gRPC Side by-Side
byTim Burks
 
Usable APIs at Scale
byTim Burks
 
Build your next REST API with gRPC
byTim Burks
 
Implementing OpenAPI and GraphQL services with gRPC
byTim Burks
 
Creating Great REST and gRPC API Experiences (in Swift)
byTim Burks
 
Networked APIs with swift
byTim Burks
 
Enforcing API Design Rules for High Quality Code Generation
byTim Burks
 
Taming Cloud APIs with Swift
byTim Burks
 
OpenAPI and gRPC Side by-Side
byTim Burks
 

More from Tim Burks

PDF
Fast and Reliable Swift APIs with gRPC
byTim Burks
 
PDF
Build Great Networked APIs with Swift, OpenAPI, and gRPC
byTim Burks
 
PPTX
What I learned about APIs in my first year at Google
byTim Burks
 
PPTX
CocoaConf: The Language of Mobile Software is APIs
byTim Burks
 
PDF
Interpreting Objective C
byTim Burks
 
PDF
Deep Geek Diving into the iPhone OS and Frameworks
byTim Burks
 
PDF
Building Open Radar
byTim Burks
 
Fast and Reliable Swift APIs with gRPC
byTim Burks
 
Build Great Networked APIs with Swift, OpenAPI, and gRPC
byTim Burks
 
What I learned about APIs in my first year at Google
byTim Burks
 
CocoaConf: The Language of Mobile Software is APIs
byTim Burks
 
Interpreting Objective C
byTim Burks
 
Deep Geek Diving into the iPhone OS and Frameworks
byTim Burks
 
Building Open Radar
byTim Burks
 

Recently uploaded

PDF
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PDF
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PPTX
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
PDF
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
PDF
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PPTX
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
 
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Designing a Blog Using Wordpress
bymarkzubi50
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
How to build hackthon projects from ZERO!
byishantyadav1111
 

Governing APIs at Scale

  • 1.
    Governing APIs atScale How can we help API platform teams ensure that their organizations make and use secure, reliable, and easy-to-use APIs? Tim Burks / timburks@google.com / @timburks
  • 3.
    About suffering theywere never wrong, The old masters: how well they understood Its human position: how it takes place While someone else is eating or opening a window or just walking dully along; How, when the aged are reverently, passionately waiting For the miraculous birth, there always must be Children who did not specially want it to happen, skating On a pond at the edge of the wood: They never forgot That even the dreadful martyrdom must run its course Anyhow in a corner, some untidy spot Where the dogs go on with their doggy life and the torturer's horse Scratches its innocent behind on a tree. Landscape with the Fall of Icarus Pieter Bruegel the Elder c. 1650 In Breughel's Icarus, for instance: how everything turns away Quite leisurely from the disaster; the ploughman may Have heard the splash, the forsaken cry, But for him it was not an important failure; the sun shone As it had to on the white legs disappearing into the green Water, and the expensive delicate ship that must have seen Something amazing, a boy falling out of the sky, Had somewhere to get to and sailed calmly on. Musee des Beaux Arts - W. H. Auden (1907-1973)
  • 6.
    Governing helps peoplework together 1 2 3 Quality Consistency Productivity
  • 7.
    12 Requirements foran API Governance Platform
  • 8.
    1. Inclusion McNamara Fallacy Wehave a tendency to make the measurable important rather than the important measurable
  • 9.
    2. Shared Language API Specifications APIVersions Version 1 … Spec 1 APIs API 1 API 2 API n … API Deployments Deployment 1 … …
  • 10.
    3. Revision Histories Deployment1@m Deployment 1@n … Spec 1@i Spec 1@j Spec 1@k … …
  • 11.
    4. Metadata (Labelsand Artifacts) Artifacts 1 2 n … …
  • 12.
  • 13.
  • 14.
    7. Style Guides name:google-aip display_name: Google API Improvement Proposals mime_types: - application/x.protobuf guidelines: - name: aip126 display_name: Enumerations description: This guideline governs enum objects in proto files. rules: - name: upperSnakeCaseEnumValues description: All enum values must use UPPER_SNAKE_CASE. linter: api-linter linter_rulename: upper-snake-values severity: ERROR - name: unspecifiedEnumSuffix description: > The first value of the enum should be the name of the enum itself followed by the suffix _UNSPECIFIED. linter: api-linter linter_rulename: unspecified severity: WARNING … linters: - name: api-linter uri: https://github.com/googleapis/api-linter
  • 15.
  • 16.
    9. Policies andControls name: "test-manifest" generated_resources: - pattern: apis/-/versions/-/specs/-/artifacts/complexity dependencies: - pattern: $resource.spec filter: "mime_type.contains('openapi')" action: "registry compute complexity $resource.spec"
  • 17.
  • 18.
  • 19.
  • 20.
    1. Inclusion 2. SharedLanguage 3. Revision Histories 4. Metadata 5. Lifecycle Model 6. Search 12 Requirements for an API Governance Platform 7. Style Guides 8. Scoring 9. Policies and Controls 10. Integrations 11. Open Source 12. Enterprise-Readiness
  • 21.