APIs (Application Programming Interface) form the cornerstone of today’s digital ecosystems. They enable the creation of a connective network among a number of different services. As companies continue to invest into an API economy, a unified platform to manage these APIs becomes critical to the success of API programs. This is where Google Cloud’s Apigee API platform comes to the aid of enterprises. Apigee enables businesses to seamlessly connect data and applications with secure and manageable APIs across multi-cloud and hybrid environments.
What is Apigee?
Apigee is a cross-platform service for developing and managing API proxies. By creating a proxy layer for your actual APIs, Apigee provides security, rate limiting, quota, and analytics for delivering connected digital experiences.
Why do you need Apigee?
While exposing the APIs to the public, you may face challenges like:
- Securing your APIs from OWASP threats.
- Enforcing DDoS protection, and OAuth and JWT based access control.
- Generating rate-plans and monetizing APIs.
- Generating business use-case related analytics reports.
Apigee can perform these activities with minimal configuration. This drastically reduces the development effort required to make the APIs public ready.
Where can Apigee be placed in your architecture?
A simple answer to this is: Right in front of your backend APIs. Let's consider this scenario -
The backend APIs are deployed in Google Cloud, Azure and AWS with each cloud deployment having a Load Balancer in front. Apigee can be placed in front of the Load Balancers. Apigee is connected to the backend APIs over the public internet. To ensure authentication, Mutual TLS is enabled between Apigee and the Load Balancers.
In an alternate scenario -
Instead of a multi-cloud setup, you have the backend APIs deployed only in Google Cloud. In this case, connecting Apigee to the backend APIs over the public internet only adds latency. It is beneficial to have Apigee present in the VPC. For this, there are Apigee variants available that suit different requirements.
Apigee Variants
Apigee has four variants based upon the underlying Apigee runtime and the residing locations of the management plane.
Apigee Edge
- Apigee Edge is the public cloud, SaaS version of Apigee.
- Both the runtime and the management plane are in the cloud, and not under your control.
- No direct networking setup between Apigee cloud and your VPC.
- All connections to Apigee, and Apigee to the backend services are over the public internet.
- Apigee Edge can reside in front of any cloud provider or on-prem service.
Apigee X
- Apigee X is the latest variant released by Google.
- Similar to Apigee Edge, in Apigee X, both the management plane and the runtime are managed by GCP.
- The Apigee runtime resides in your VPC Network, and a GCP HTTP(s) Load Balancer serves as the entry point into Apigee.
- Apigee X is currently available only in Google Cloud.
Apigee Hybrid
- In Apigee Hybrid, you control the runtime, and is essentially an Anthos GKE cluster.
- Since Anthos GKE cluster can be deployed on multiple cloud providers, Apigee Hybrid can also be installed in different providers.
- A list of supported providers can be accessed here.
Apigee On-Prem
- Apigee on-prem is a complete deployment of Apigee in your on-prem data center.
- You manage all the Apigee runtime components as well as the management plane.
In the previous scenario, Apigee Hybrid or Apigee X can be used instead of Apigee Edge. This allows Apigee to reside in the same network as your services, thus adding security and reducing latency.
How can Apigee be used in the overall infrastructure?
Let’s understand the core features of Apigee to learn how Apigee helps in simplifying the application stack.
Apigee Policies
Apigee policies are pre-written code snippets that perform a specified task. These code snippets can be added anywhere in the request or the response flow by configuring the policy and without additional development.
The types of policies available in Apigee are:
- Security policies that let you enforce security schemes like OWASP protection, API Key validation, OAuth, JWT, etc.
- Traffic management policies allow you to enforce rate limiting. These include DDoS protection and Quotas.
- Mediation policies allow you to extract, modify and process the request or the response data.
- Extension policies enable you to connect Apigee to other services. These may include other Google Cloud or third party services, or writing your custom policy.
API Products
API products are a mechanism to bundle APIs into a single product. A consumer chooses to access a certain set of APIs pertaining to a use-case. These APIs can be bundled into a single API Product, and a set of credentials can be generated to grant access to them.
Apigee Monetization
Using Apigee’s Monetization feature, you can set up prepaid or postpaid rate plans for your API products. Apigee Monetization can completely take control of the transactions that occur per request, and can provide mechanisms to top-up as well as purchase new products.
Apigee Monitoring and Apigee Sense
Apigee has a robust monitoring and analytics dashboard. It also allows you to generate custom analytics metrics based upon certain request or response data. This can allow you to create dashboards for specific business use cases.
Apigee Sense is an AI powered error reporting system, which learns the normal traffic patterns and alerts you when an abnormal pattern is detected.
Apigee allows you to maintain a single management plane for all the APIs, providing businesses with a robust foundation for enterprise digital transformation. Apigee can act as the single point of entry regardless of the actual residing locations of the APIs. This makes it a crucial component of your application infrastructure. It improves performance and efficiency while extending more security and protection.
Get in touch with our digital engineering experts today to start building your business’ digital future.
