1. Home
  2. Training Library
  3. Google Cloud Platform
  4. Courses
  5. Introduction to Apigee API Management

Managing APIs


Managing APIs

In this course, you will learn how to manage your APIs by using Apigee. Apigee allows you to continuously make improvements while also ensuring stability and reliability. We also cover how to modify the behavior of your APIs by applying policies, as well as how to enforce authentication.

Learning Objectives

  • Describe what an API proxy is
  • Deploy an API proxy using Apigee
  • Create and apply an Apigee policy
  • Secure an API by requiring a key

Intended Audience

  • GCP Developers
  • GCP Administrators


  • Previous experience with APIs
  • Admin access to a GCP account

If you are going to be doing any sort of cloud development, you need to get comfortable with APIs.  APIs (or Application Programming Interfaces) are a core part of GCP.  They allow you to easily access everything you need to build powerful applications, including computing resources, networking resources, storage, and much, much more.  In case you didn’t realize, every console click and every terminal “gcloud command” is making one or more API calls in the background.

Once you start building more complex things, you will need to do more than just “consume” APIs.  Eventually, you will also need to “produce” your own set of APIs as well.  This is especially true when developing on a microservices architecture.  

I personally created hundreds of REST APIs back when I was a developer.  I recall that the main difficulty was never in writing the code itself.  Instead, the challenge was always in trying to maintain and update those APIs.  An experienced developer can quickly whip up a simple API.  However, once other people start using it, future changes require a lot more time for planning and orchestration.

Just in case you aren’t already familiar, let me show you just how easy it is to create an API.  There are many different ways to go about this, but probably the fastest is to create a Cloud Function.

Here you see, I have already logged into the GCP console.  Now I am going to search for “Cloud Function”.  And then I’ll click on “Create Function”.  I am going to accept all the defaults, except I will make sure NOT to “require authentication”.  I don’t want to have to mess around with accounts or keys (or anything like that).

Now on this screen, I can paste in my code.  This Node.js program creates a very simply REST API that can be used for adding two numbers.  The function expects you to pass in values for “A” and “B” and then it will return the sum.  So now I just have to click on “Deploy” and wait a little bit. Once the deployment has finished, I will have a working API.

So let me verify that it is working correctly.  I can do that by using the cURL command-line tool.  I need to get the trigger URL.  And then I can use that to compose the command.  

As you can see, this API expects the input to be in JSON format.  So I am setting the A to “1” and B to “2”.  And when I run it, it should return “3”.  There we go.  If I change B to “8”, it should return “9”.  As I said, creating the API is the easy part.

But, now the real challenge begins.  I have a working API, but I need others to start using it.  How do I accomplish that?  

I need to think about what people might be interested in using it.  How will I let them know that it exists?  What sort of documentation will they need?  What if someone experiences a problem?  I need to set up some kind of a two-way communication channel with my users.  And this is only the beginning.

I also need to think about security.  Should this API be completely open for anyone in the world to use?  Or do I want to limit access?   And then, how do I go about preventing unauthorized access?  

Even if I do want this API to be open to the world, I still probably want developers to register for a unique key.  That way, I can easily identify and block anyone attempting to misuse my API.  That would also allow me to throttle the number of requests, when needed.  So how do I go about generating and assigning these keys?  And then, how do I go about validating them?

I also need to think about the future.  I am going to have to consider backwards compatibility.  What happens when I need to change the API (either to fix a bug or to add a new feature)?  When I make a change, how will I notify the developers?  Am I going to have to offer multiple versions of this API?  I need to consider the impact of any change I make.

As you can see, there are a lot of different things you have to consider.  As the popularity and usage grows, so too does the number of issues.  Managing and maintaining a set of APIs can potentially become a full-time job in and of itself.

About the Author
Learning Paths

Daniel began his career as a Software Engineer, focusing mostly on web and mobile development. After twenty years of dealing with insufficient training and fragmented documentation, he decided to use his extensive experience to help the next generation of engineers.

Daniel has spent his most recent years designing and running technical classes for both Amazon and Microsoft. Today at Cloud Academy, he is working on building out an extensive Google Cloud training library.

When he isn’t working or tinkering in his home lab, Daniel enjoys BBQing, target shooting, and watching classic movies.