Implement API Gateway using Azure API Management
IMPLEMENT API GATEWAY USING
AZURE API MANAGEMENT
ALEXANDER LAYSHA,
CHIEF SOFTWARE ENGINEER AT EPAM SYSTEMS
AGENDA
• WHY WE IMPLEMENTED API GATEWAY
• INTRODUCTION TO AZURE API MANAGEMENT
• DESIGN FOR PRICING TIERS
• OVERVIEW OF PUBLISH AND DEVELOPER PORTALS
• POLICY DISCUSSION
• OPTIONS FOR SECURITY
EVOLUTION OF OUR PROJECT
UI
SOAP
REST API 1
REST API 2
REST API N
REST APIs
DEVELOPERS
APPS
BEFORE AFTER
MONOLITH APP
OUR CONCERNS IN API MANAGEMENT
• ACCESS TO PUBLIC & INTERNAL APIs
• VISIBILITY OF APIs TO CUSTOMERS BASED ON PRICING TIER
• CONTROL OF API USAGE BASED ON PRICING TIER
• ANALYTICS OF APIs USAGE BY CUSTOMERS
• FUTURE NEEDS AND GROWTH PLANS
HOW WE ADDRESSED CONCERNS?
UI
SOAP
REST API 1
REST API 2
REST API N
REST APIs
DEVELOPERS
APPS
BEFORE AFTER
MONOLITH APP
API GATEWAY
A BIT ABOUT API GATEWAY & HISTORY
API GATEWAY
SERVICE
TRANSFORMATION
SECURITY
USAGE QUOTAS &
LIMITS
MONETIZATION
LOGS
ANALYTICS DEV SUPPORT
VISIBILITY
• CREATE API TO EXPOSE BACK-END SERVICES
• ACTS AS REVERSE-PROXY
• VENDORS: Apigee, WSO2, MuleSoft, AWS API Gateway, Azure API Management
INTRO TO AZURE API MANAGEMENT
API
DEVELOPER
PORTAL
PUBLISHER
PORTAL
PROXY
AZURE
API MANAGEMENT
PUBLISHER /
ADMIN
DEVELOPERS
APPS
BACKEND
API MANAGEMENT FEATURES
DEVELOPER PORTAL
PUBLISHER
PORTAL
PROXY
AZURE API MANAGEMENT
REGISTRATION
DOCUMENTATION
INTERACTIVE API CONSOLE
DEVELOPER ANALYTICS
APP GALLERY
FORUMS
NEWS
ISSUES
WIKI
API PUBLISHING
SUBSCRIPTION MANAGEMENT
SECURITY
MEDIATION
CONTENT PUBLISHING
SITE CUSTOMIZATION
ISSUE MANAGEMENT
ANALYTICS
REPORTS
SCALING
CACHING
MONITORING
TRAFFIC MANAGEMENT
TRANSFORMATION
API MANAGEMENT ENTITIES
USER PRODUCT
OPEN|PROTECTED
API
RATE LIMITS &
QUOTAs
GROUP
DEMO: OUR DESIGN FOR PRICING TIERS
TRIAL
PRODUCT
PROTECTED
PAID
PRODUCT
PROTECTED
SYS
PRODUCT
PROTECTED
Health Check
API
LIMITS FOR
TRIAL
SYS GROUP
LIMITS FOR
PAID
TRIAL
GROUP
ADMIN
GROUP
UNLIMITED
SYS
ACCOUNT
TRIAL
ACCOUNT
PAID
ACCOUNT
ADMIN
ACCOUNT
API N API 2 API 1
APIs
CUSTOMER
PRODUCTS
INTERNAL USE ADMIN USE BUSINESS USE
PAID
GROUP
API MANAGEMENT POLICY
“In Azure API Management, policies are a powerful capability of the
system that allow the publisher to change the behavior of the API
through configuration. Policies are a collection of Statements that are
executed sequentially on the request or response of an API.”
POLICY SCOPES ARE EVALUATED IN THE FOLLOWING ORDER:
• Global scope
• Product scope
• API scope
• Operation scope
POLICY TEMPLATE
<policies>
    <inbound>
        <!-- statements to be applied to the request go here -->
    </inbound>
    <backend>
        <!-- statements to be applied before the request is forwarded to the backend service go here -->
    </backend>
    <outbound>
        <!-- statements to be applied to the response go here -->
    </outbound>
    <on-error>
        <!-- statements to be applied if there is an error condition go here -->
    </on-error>
</policies>
POLICY REFERENCE: https://docs.microsoft.com/en-us/azure/api-management/api-management-policy-reference
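The template filled in for the pricing-tier design, as an added example that is not taken from the deck: a product-scope policy for the TRIAL product using the `rate-limit` and `quota` statements. The call counts and periods are constructed values; the slides do not state the actual limits.

```xml
<!-- Added example: product-scope policy for the TRIAL product.
     The numbers are constructed; the deck does not state its limits. -->
<policies>
    <inbound>
        <!-- <base /> runs the enclosing (global) scope's statements first,
             then the product's own limits below apply. -->
        <base />
        <!-- Short-window throttle: at most 10 calls per 60 seconds
             per subscription; excess calls get 429 Too Many Requests. -->
        <rate-limit calls="10" renewal-period="60" />
        <!-- Long-window allowance: 1000 calls per 7 days (604800 s)
             per subscription; excess calls get 403 Forbidden. -->
        <quota calls="1000" renewal-period="604800" />
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
    </outbound>
    <on-error>
        <base />
    </on-error>
</policies>
```

A PAID product would carry the same two statements with higher values, and a product meant to be unlimited omits them.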
HOW TO DEBUG API MANAGEMENT?
• API INSPECTOR TOOL
HEADER: Ocp-Apim-Trace = true
• EVENT HUB LOGGER
<log-to-eventhub logger-id='logger-id'>
    @( string.Join(",", DateTime.UtcNow, ...))
</log-to-eventhub>
DEMO: POLICY TO DOWNLOAD A FILE
[Diagram: DEVELOPERS, AZURE API MANAGEMENT, CUSTOM POLICY, AZURE WEB APP and AZURE BLOB STORAGE, connected by six numbered steps (1 to 6) labelled FILE ID, URL + SAS and FILE]
WHAT ARE OPTIONS TO SECURE API?
• SECURITY BY OBSCURITY
• BASIC AUTH
• MUTUAL SSL
• VNET
• OAUTH 2.0
• OPENID
DEMO: OUR DESIGN FOR SECURITY
DEVELOPERS AZURE API MANAGEMENT
SUBSCRIPTION KEY
AZURE WEB APPs
CERTIFICATION FILE
BUSINESS
PROCESS TO
REGISTER NEW
CUSTOMER
SUBSCRIPTION
KEY
API N API 1
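One way to express this design as an API-scope policy, as an added example that is not taken from the deck: callers are identified by subscription key, and the gateway authenticates to the Azure Web Apps with a client certificate. The thumbprint is a placeholder, and the explicit subscription check is an added defence-in-depth step, not something the slides show.

```xml
<!-- Added example: API-scope policy for the design above.
     The thumbprint is a placeholder; the deck does not give one. -->
<policies>
    <inbound>
        <base />
        <!-- Defence in depth: refuse calls that arrive without a subscription,
             for instance if this API is later added to an OPEN product.
             Assumption: context.Subscription is null for such calls. -->
        <choose>
            <when condition="@(context.Subscription == null)">
                <return-response>
                    <set-status code="401" reason="Subscription required" />
                </return-response>
            </when>
        </choose>
        <!-- The gateway presents a client certificate, previously uploaded
             to API Management, when it connects to the Azure Web App. -->
        <authentication-certificate thumbprint="REPLACE_WITH_CERT_THUMBPRINT" />
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
    </outbound>
    <on-error>
        <base />
    </on-error>
</policies>
```

The Web App has to require and validate that certificate on its side; otherwise the backend stays reachable by clients that bypass the gateway and its subscription keys.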
Q&A
