Résumé du cours
In this course you will go through the Apigee journey as a product lead for a new application. You will take roles on the development and security teams.
You will take an API originally designed for an on-premises legacy application use and modernize it for the cloud using Apigee X. You will follow Google Cloud best practices alongside Apigee X to design a secure, scalable and resilient platform for your company’s needs.
Moyens d'évaluation :
- Évaluations formatives pendant la formation, à travers les travaux pratiques réalisés sur les labs à l’issue de chaque module
- Évaluation sous forme de questionnaire à l’issue de la formation
A qui s'adresse cette formation
Application developers, API engineers, Solution architects, Security engineers, DevOps engineers. Those who are responsible for the solutioning design, implementation, or management of APIs , API products, or digital products that leverage APIs.
Pré-requis
Completion of the “Developing APIs with Google Cloud's Apigee API Platform” course or equivalent experience with Google Cloud and Apigee.
Objectifs
- Expose security vulnerabilities typically found in legacy API’s
- Secure the backend of your legacy application using mutual TLS
- Secure API access with API Keys
- Design applications with an API first design using the OpenAPI specification
- Integrate your API proxy with the Cloud Data Loss Prevention (DLP) API
- Best practices for site reliability with Apigee using monitoring and logging
- Modernize application deployment using Cloud Run and Cloud Build
- Authentication using API Keys and Firebase Authentication with Apigee
- Harden APIs using Apigee Policies and Cloud Armor
- Mitigate external threats with reCAPTCHA Enterprise
- Leverage Apigee Analytics to show custom data capture and reporting
- Leverage Cloud Code in your development environment to locally emulate Apigee
- Use Apigee Integration to improve connectivity with other services in Google Cloud
Contenu
Module 1 - Why Apigee X
- Why Apigee X
- Introduction to use case - Who are you?
- One/Two-Way TLS
- Getting Started
- LAB - Introduction to the Legacy Application and Apigee
Module 2 - The Target
- Implement a mTLS gateway
- API Keys
- Control your API Response
- LAB - The Target
Module 3 - API First Design with OpenAPI
- API First Design
- The Show Me Now Rest API
- What is OpenAPI
- Apigee Debugging
- LAB - API First Design with OpenAPI
Module 4 - Integrating External Services
- Cloud Data Loss Prevention API (DLP)
- Apigee ServiceCallout Policy
- Message Logging/Cloud Logging
- Uptime Checks
- Alerting policy
- LAB - Integrating External Services
Module 5 - Consuming Apigee Resources
- Introducing the Client Application
- Application Build Tools
- Firebase Authentication
- Apigee Security Policies
- LAB - Integrating a Client Application
Module 6 - Hardening your API
- API security vulnerabilities
- JSON threat protection policies
- Cloud Armour
- The Hacker tools
- LAB - Hardening your API
Module 7 - External Threat Mitigation
- reCAPTCHA Enterprise
- Apigee Data Collection
- Apigee Custom Reports
- LAB - External threat mitigation with reCapture enterprise
Module 8 - Expand your Apigee Toolset
- The Apigee management API
- API Proxy Deployment Options
- Local development using Cloud Code
- Apigee emulator
- Development workflow
- LAB - Developing for Apigee using Cloud Code
Module 9 - Apigee Integration
- Introduction to Application Integration
- Triggers
- Tasks
- Apigee Integration policies
- LAB - Expanding your API with Apigee Integrations
Module 10 - Summary
- Debrief
- Apigee Flavors - X or Hybrid
- What's Next
Moyens Pédagogiques :