Duration: 5 days

Course Overview

This Google cloud architect/ Engineer on apigee educational journey directs you through a thoughtfully selected assortment of self-paced courses, practical labs, and skill badges. These resources offer tangible, hands-on practice with Google Cloud technologies crucial for your professional role.

Course Objectives

In this course, you will:
1. Understand the key principles and concepts involved in managing and securing the Apigee Hybrid API platform.
2. Learn how to configure environments, organizations, and access controls within Apigee Hybrid.
3. Gain proficiency in managing APIs throughout their lifecycle, from design to retirement.
4. Learn how to monitor API traffic and performance using built-in analytics tools and configure custom dashboards and reports.
5. Develop skills in configuring logging and auditing for Apigee Hybrid components to monitor security incidents and compliance violations.
6. Master backup and disaster recovery procedures for Apigee Hybrid deployments, ensuring data resilience and business continuity.
7. Implement security policies and controls for Apigee Hybrid APIs, including authentication, authorization, and data protection mechanisms.
8. Configure identity and access management (IAM) roles and permissions for Apigee Hybrid, integrating with identity providers and implementing SSO and MFA.
9. Learn to implement network security controls such as firewalls, network segmentation, and encryption to protect Apigee Hybrid deployments.
10. Understand regulatory requirements such as GDPR, HIPAA, and PCI DSS, and implement controls to ensure compliance with industry regulations.
11. Develop skills in incident response planning, detection, investigation, and mitigation of security breaches and vulnerabilities.
12. Analyse real-world scenarios and case studies to understand best practices, challenges, and lessons learned in managing and securing hybrid API platforms.

Who Should Attend?
Data Scientists
Data engineers & Data Analysts
Research/Applied Scientists
ML engineers
DevOps engineers
Aspiring MLOps Professionals and Enthusiasts
Machine Learning professionals who want to deploy models to production
Individuals interested in data and AI industry

Pre-requisite

Completed Machine Learning concepts and python programming or have equivalent experience.
Reference

Course Outlines:

Introduction

Module 1: A Tour of Google Cloud Hands-on Labs

Day 1

Module 2: API Design and Fundamentals of Google Cloud’s Apigee API Platform

1. Introduction to APIs:
– What are APIs and why are they important?
– Understanding RESTful API design principles
– Overview of API lifecycle management

2. API Design Best Practices:
– Designing APIs for scalability and flexibility
– RESTful API design patterns and anti-patterns
– Versioning and backward compatibility strategies

3. Introduction to Apigee API Platform:
– Overview of Google Cloud’s Apigee API management platform
– Key features and capabilities of Apigee
– Understanding the role of Apigee in API lifecycle management

4. Setting Up Apigee:
– Creating an Apigee account and organization
– Configuring environments, virtual hosts, and proxies
– Managing developer accounts and API keys

5. API Proxy Development:
– Creating API proxies in Apigee
– Implementing security policies such as OAuth and API key validation
– Handling traffic with routing and traffic management policies

6. API Analytics and Monitoring:
– Utilizing Apigee’s analytics capabilities to track API usage and performance
– Monitoring APIs for errors, latency, and traffic patterns
– Generating custom reports and dashboards

7. API Security Best Practices:
– Implementing authentication and authorization mechanisms in Apigee
– Securing APIs against common threats such as injection attacks and DoS attacks
– Encrypting sensitive data in transit and at rest

8. API Lifecycle Management with Apigee:
– Managing API versions, revisions, and deployments
– Implementing continuous integration and deployment (CI/CD) pipelines for APIs
– Performing API lifecycle management tasks such as deprecation and retirement

9. Advanced Apigee Features:
– Integrating with other Google Cloud services such as Cloud Functions and Cloud Run
– Implementing custom extensions and plugins in Apigee
– Exploring advanced use cases such as API monetization and API marketplace

10. Case Studies and Real-World Examples:
– Examining real-world implementations of Apigee for API management
– Learning from successful API design and implementation strategies
– Analysing challenges and best practices in API management across different industries

Day 2

Module 3: API Security on Google Cloud’s Apigee API Platform

1. Introduction to API Security:
– Understanding the importance of API security
– Overview of common API security threats and vulnerabilities
– Introduction to security standards and best practices

2. Authentication Mechanisms:
– Overview of authentication methods supported by Apigee
– Implementing API key authentication
– Configuring OAuth 2.0 for securing APIs

3. Authorization Policies:
– Implementing role-based access control (RBAC)
– Defining scopes and permissions for OAuth 2.0 access tokens
– Enforcing fine-grained access control policies

4. Securing Data in Transit:
– Configuring TLS/SSL for encrypting API traffic
– Implementing HTTPS enforcement policies in Apigee
– Securing communication between clients and APIs

5. API Rate Limiting and Quotas:
– Implementing rate limiting policies to prevent abuse and DoS attacks
– Enforcing quotas to manage API usage and prevent overloading
– Configuring burst and sustained rate limits

6. Input Validation and Sanitization:
– Implementing input validation policies to prevent injection attacks
– Sanitizing input data to prevent XSS and CSRF attacks
– Validating and enforcing API request payloads

7. Web Application Firewall (WAF) Policies:
– Introduction to Apigee’s WAF capabilities
– Configuring WAF policies to protect against common web application attacks
– Monitoring and managing WAF alerts and violations

8. Threat Detection and Prevention:
– Implementing API threat detection policies
– Monitoring API traffic for suspicious behaviour and anomalies
– Integrating Apigee with security information and event management (SIEM) systems

9. API Security Best Practices:
– Implementing secure coding practices for API development
– Performing security reviews and audits of API configurations
– Incorporating security into the API development lifecycle

10. Compliance and Regulatory Considerations:
– Understanding regulatory requirements such as GDPR, HIPAA, and PCI DSS
– Implementing controls to ensure compliance with industry regulations
– Handling sensitive data and personally identifiable information (PII) in APIs

11. Case Studies and Real-World Examples:
– Analysing real-world security incidents and breaches in APIs
– Learning from successful implementations of API security in various industries
– Discussing challenges and best practices in API security on Google Cloud’s Apigee platform

Day 3

Module 4: API Development on Google Cloud’s Apigee API Platform

1. Introduction to API Development:
– Understanding the role of APIs in modern software architecture
– Overview of Google Cloud’s Apigee API Platform and its features
– Introduction to API development best practices

2. API Design Fundamentals:
– Understanding RESTful API design principles
– Designing APIs for scalability, flexibility, and ease of use
– Documenting APIs using OpenAPI (formerly Swagger) specifications

3. Setting Up Apigee Environment:
– Creating an Apigee account and organization
– Configuring environments, virtual hosts, and proxies
– Managing developer accounts and API products

4. Creating API Proxies:
– Creating API proxies in Apigee using the Edge UI or API
– Defining API resources, paths, and operations
– Implementing transformation policies for request and response messages

5. Implementing Security in APIs:
– Configuring API key authentication
– Implementing OAuth 2.0 for authentication and authorization
– Applying security policies such as TLS/SSL encryption and rate limiting

6. Traffic Management and Monitoring:
– Implementing traffic management policies such as quota enforcement and spike arrest
– Monitoring API traffic and performance using Apigee analytics
– Configuring alerts and notifications for API traffic anomalies

7. Versioning and Lifecycle Management:
– Managing API versions, revisions, and deployments
– Implementing versioning strategies for APIs
– Performing API lifecycle management tasks such as deprecation and retirement

8. Developer Experience and API Documentation:
– Configuring developer portals in Apigee
– Creating and publishing API documentation
– Implementing self-service developer onboarding and API discovery features

9. Continuous Integration and Deployment (CI/CD) for APIs:
– Implementing CI/CD pipelines for API development using tools like Jenkins or GitLab
– Automating API deployments to Apigee environments
– Performing testing and validation of APIs in CI/CD pipelines

10. Advanced API Development:
– Implementing custom policies and extensions in Apigee
– Integrating with other Google Cloud services such as Cloud Functions and Cloud Run
– Exploring advanced use cases such as API monetization and API marketplace

11. Case Studies and Real-World Examples:
– Analysing real-world API development scenarios and challenges
– Learning from successful implementations of APIs on Google Cloud’s Apigee platform
– Discussing best practices and lessons learned from industry case studies

Day 4

Module 5: Architecting and Installing the Apigee Hybrid API Platform

1. Introduction to Apigee Hybrid:

– Overview of the Apigee Hybrid API management platform
– Understanding the hybrid architecture and its benefits
– Introduction to hybrid deployment models

2. Architectural Considerations:
– Understanding the components of Apigee Hybrid
– Designing a hybrid deployment architecture based on organizational requirements
– Evaluating factors such as scalability, availability, and security

3. Preparing for Installation:
– Reviewing hardware and software requirements for Apigee Hybrid
– Planning network configuration and firewall rules
– Creating service accounts and permissions for Apigee Hybrid installation

4. Installing Apigee Hybrid:
– Setting up the hybrid runtime environment
– Configuring Kubernetes clusters for Apigee components
– Installing Apigee hybrid control plane and data plane components

5. Configuring Apigee Hybrid:
– Configuring hybrid runtime settings such as environment and organization
– Configuring networking, security, and logging settings
– Integrating with identity providers for authentication and authorization

6. Managing Hybrid Environments:
– Managing hybrid environments using the Apigee Hybrid UI and APIs
– Performing routine maintenance tasks such as upgrades and backups
– Troubleshooting common issues and errors in hybrid deployments

7. High Availability and Disaster Recovery:
– Designing high availability (HA) and disaster recovery (DR) strategies for Apigee Hybrid
– Configuring load balancing and failover mechanisms
– Implementing backup and restore procedures for hybrid deployments

8. Monitoring and Logging:
– Monitoring hybrid environments using built-in monitoring tools
– Configuring logging and log aggregation for Apigee Hybrid components
– Setting up alerts and notifications for critical events

9. Security Best Practices:
– Implementing security best practices for Apigee Hybrid deployments
– Configuring encryption and access controls for sensitive data
– Performing regular security audits and compliance checks

10. Scaling Apigee Hybrid:
– Scaling Apigee Hybrid deployments to handle increased traffic and workload
– Configuring auto-scaling policies for Kubernetes clusters
– Optimizing performance and resource utilization in hybrid environments

11. Case Studies and Real-World Examples:
– Analysing real-world deployments of Apigee Hybrid in different industries
– Learning from successful implementations and best practices
– Discussing challenges and lessons learned from hybrid deployment scenarios

Day 5

Module 5: Managing and Securing the Apigee Hybrid API Platform

1. Introduction to Managing and Securing Apigee Hybrid:
– Overview of managing and securing the Apigee Hybrid API platform
– Understanding the importance of effective management and security practices
– Introduction to key concepts and principles

2. Managing Environments and Organizations:
– Configuring environments and organizations in Apigee Hybrid
– Managing access control and permissions for users and teams
– Implementing governance policies and procedures

3. API Lifecycle Management:
– Managing APIs throughout their lifecycle, from design to retirement
– Implementing versioning, deprecation, and retirement strategies
– Performing API audits and reviews

4. Monitoring and Analytics:
– Monitoring API traffic and performance using built-in analytics tools
– Configuring custom dashboards and reports
– Implementing proactive monitoring and alerting

5. Logging and Auditing:
– Configuring logging and auditing for Apigee Hybrid components
– Monitoring and analysing logs for security incidents and compliance violations
– Implementing log retention and archival policies

6. Backup and Disaster Recovery:
– Implementing backup and restore procedures for Apigee Hybrid deployments
– Configuring disaster recovery strategies and failover mechanisms
– Performing regular backup tests and drills

7. Security Policies and Controls:
– Implementing security policies and controls for Apigee Hybrid APIs
– Configuring authentication and authorization mechanisms
– Enforcing security best practices for data protection and privacy

8. Identity and Access Management (IAM):
– Configuring IAM roles and permissions for Apigee Hybrid
– Integrating with identity providers for authentication and authorization
– Implementing single sign-on (SSO) and multi-factor authentication (MFA)

9. Network Security:
– Configuring network security controls for Apigee Hybrid deployments
– Implementing firewalls, network segmentation, and VPNs
– Securing communication channels with TLS/SSL encryption

10. Compliance and Regulatory Considerations:
– Understanding regulatory requirements such as GDPR, HIPAA, and PCI DSS
– Implementing controls to ensure compliance with industry regulations
– Performing regular security audits and assessments

11. Incident Response and Remediation:
– Developing an incident response plan for Apigee Hybrid security incidents
– Detecting, investigating, and mitigating security breaches and vulnerabilities
– Implementing post-incident analysis and remediation measures

12. Case Studies and Real-World Examples:
– Analysing real-world scenarios and case studies of managing and securing Apigee Hybrid deployments
– Learning from successful implementations and best practices
– Discussing challenges and lessons learned from managing and securing hybrid API platforms

View our Other Courses
1. Android Internals