Welcome!

Java IoT Authors: Automic Blog, Liz McMillan, Pat Romanski, Kevin Benedict, Elizabeth White

Related Topics: @DevOpsSummit, Java IoT, @CloudExpo

@DevOpsSummit: Blog Feed Post

Your API Management Strategy By @PaulSBruce | @DevOpsSummit #API #DevOps

When you have a great idea for an API, just like a great blog series, you often need a way to publish, promote, & administer it

How Amazon API Gateway Shakes Up Your API Management Strategy
By Paul Bruce

As if a space jam-packed with the likes of 3scale, WSO2, Axway, Intel / Mashery, Apigee, Akana, CA, IBM, Oracle, Mulesoft, and HP isn't competitive enough, Amazon recently decided to get into the business of APIs-in-the-cloud. But Amazon brings something to API PaaS ( Platform As A Service) that no one else has in an API gateway solution: a cohesive DevOps pipeline.

API Management vs. API Gateway
When you have a great idea for an API, just like a great blog series, you often need a way to publish, promote, and administer it. This is the fundamental idea behind API management. API gateways on the other hand simply front an existing system with open API formats (like REST and JSON), possibly authorization and authentication semantics, but definitely to make it easier for software to be built on top of an existing system.

In contrast to simple gateways, API management portals often go far beyond these basic areas to include API ground-up design capabilities (like Apiary's API-Blueprint), gateway / brokering options, monetization, and consumer subscription throttling. But mostly, it's about how to scale, control, and version your APIs when you don't know exactly who is going to be accessing it before they sign up and start hurling requests at your most treasured and meticulously crafted APIs.

Companies like 3scale and Mashery have been on the leading edge for almost a decade, truly fleshing out what people need in an API management solution. Gartner has been predicting the growth of the API management space for a while now, even though their predictions have taken time to really prove correct. A whole new layer of competition has only recently been introduced in the past few years come in the form of big businesses getting into the API management game: IBM, HP, and Oracle. Many of these providers include the basic API gateway functionality, but wrap it with other really important aspects of the API-as-a-product lifecycle.

Why Amazon Isn't Quite in the API Management Game...Yet.
What Amazon API Gateway provides is exactly what it states: a gateway, a way to front another technology with an API. What technology are they fronting? At a high level, the answer is their existing cloud-based compute and request handling capabilities like Lambda, networking, and CloudWatch for metrics reporting. But API gateways are considerably different than API management. Gateways simply expose and handle requests to services; API management provides value-add around that core functionality, like caching, rate-limiting, billing, reporting, key/credential administration, and real-time diagnostics.

"As a PaaS solution, Amazon API Gateway will provide the greatest competitive pressure on companies that only offer cloud-based API management offerings" says Isabelle Mauny, VP of Product Management at WSO2. "By contrast, many of our global enterprise customers rely our cloud-enabled WSO2 API Manager software and cloud services to provide the flexibility for deploying on the cloud, on servers, and in hybrid environments."

The API management space has exploded in the past 5 years to become one of the most lucrative and strategic offerings to add to a company's API solutions portfolios. Estimates say that the space will quadruple to over $600 million by 2020, but people must expect that Amazon has so much more than API gateway functionality up their sleeves with this move.

As different as API gateways are from the larger API management offerings, Amazon comes awfully close to paving the way for a full API management contender. At AWS re:Invent 2014, Amazon rolled out a litany of DevOps tools, namely CodeCommit, CodeDeploy, and CodePipeline to onboard developers directly to the AWS, where many of their operations folks already are for virtualization and mass storage. It's only natural in a world where a growing segment of developers build APIs in order to have a solution that lets them get to their tasks solely in the Amazon cloud ecosystem. Perks like AWS Device Farm further sweeten the deal when mobile developers need a quick path to lots of cheap device time for testing or greenfield development purposes.

Frankly, it's a bit late to get into the API management game...unless you have a ten-fold advantage over any other cloud provider on the market, such is the case is with AWS. If it comes down to a market-share grabbing, strong armed competition, Amazon could quickly win a majority of the API DevOps market share. But how many APIs can be built and coded overnight that need immediate access to the Amazon Cloud? Not an earth shattering amount, and this is where Amazon, with all its might, doesn't present that big of a challenge to the current thought-leaders in the API management space.

Tsahi Levent-Levi

Tsahi Levent-Levi

How Does This Affect the API Landscape?
Steve Willmott, CEO of 3scale and one of the earliest thought-leaders in the API management space, sheds some light on the move by Amazon:

"Amazon's announcement is definitely an important development in the space and shows how important APIs and API Management are becoming. Amazon's focus in the announcement is on typical gateway functionality of key management and rate limiting, whereas we provide a much broader solution that also addresses the business workflows around adoption and measurement of the API. So actually think on AWS our offering will be able to connect up well with Amazon's."

These thoughts reflect an important aspect of the core API community: friendly competition. In discussion with other key API influencers, it's up for debate whether the Amazon API Gateway team connected with anyone in the community about what to build or how to position their solution in the larger ecosystem of API solutions. While other influencers are skeptical of its immediate value as an API gateway as it has been branded by Amazon, its volume pricing and low barrier to entry make it a viable contender for non-enterprise consumers, sort of the bargain basement of API management.

The whole thing gets more interesting with the inclusion of Swagger and other service description languages, in that many companies already invested in their APIs so much that they're also building descriptors could immediately benefit from Amazon API Gateway, provided a strict gateway is all that they're looking for. While there are many API gateway options out there already, existing investment in an API gateway solution by one enterprise group might not present as significant a hurdle to other groups adopting Amazon API gateway in an ad-hoc manner. The price and pipeline points are that compelling.

At APIdays San Francisco, I watched Daniel Jacobson, VP of Edge Engineering at Netflix present how his team delivers front door API functionality through a whole suite of home-grown tools, one that satisfies their gateway needs being Zuul. While Zuul and Amazon API Gateway aren't straight apples-to-apples comparisons, the most obvious difference between them is that the former is posted to Github as open source and the latter is not. It seems that Netflix general attitude towards code is that if you don't know how it works, that's probably going to cause you trouble down the line. Not knowing how Amazon API Gateway works beyond what is stated in the documentation could also represent this same risk.

I briefly chatted with Rob Zazueta, Director of Platform Strategy at Mashery (Intel), too. Since Mashery focuses on providing a complete API management platform and much less on the need for strict gateway functionality, his feeling was that the arrival of Amazon API Gateway doesn't displace Mashery's solutions at all, but rather is likely to compliment them for consumers of both. A positive outlook and confident attitude are generally always a good idea when competing in the API space.

How Does This Affect You?
It simply means that you have more options over basic gateway functionality, especially if you have legacy (full machine, non-componentized) systems in the cloud such as web front-ends and database systems that just beg for middle-tier mediation by APIs. It also means that you need to know your options in the API space better than ever before, since committing to one pipeline strategy can have both positive and negative consequences for your delivery line.

To simplify the process of deciding if diving into Amazon API Gateway is right for you, here's a quick table of pros and cons:

Fits if:

May not fit it:

Your operations or development teams already use AWS You have compliance requirements restricting you from delivering data via SaaS/cloud services
Your developers lack / need a cohesive software delivery pipeline You have anything more than very simple authentication requirements
You need to test from lots of different mobile devices You don't know how to program in HAL or for Lambda
You already have your API defined in Swagger Your existing APIs lack descriptors and you can't automatically generate them via framework
Your API solely uses cloud data storage You need to connect to off-site or on-premise data

This list is by no means exhaustive, and your encouraged to join the conversation below and contribute to what are specific reasons to consider or exclude Amazon API Gateway from your decision making process.

In the end, more API options are good for everyone, especially so when people are doing their own research on how they fit with their actual needs. It's important to build your own list of requirements over an API strategy, but be sure to also consider how your software delivery pipeline, operations scalability and downtime response procedures, and security compliance requirements factor in to your decision making process.

Please, let us know your challenges and thoughts on the matter. Conversation is always a friend.

Related articles:

Read the original blog entry...

More Stories By SmartBear Blog

As the leader in software quality tools for the connected world, SmartBear supports more than two million software professionals and over 25,000 organizations in 90 countries that use its products to build and deliver the world’s greatest applications. With today’s applications deploying on mobile, Web, desktop, Internet of Things (IoT) or even embedded computing platforms, the connected nature of these applications through public and private APIs presents a unique set of challenges for developers, testers and operations teams. SmartBear's software quality tools assist with code review, functional and load testing, API readiness as well as performance monitoring of these modern applications.

@ThingsExpo Stories
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, discussed how they built...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and B...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
The 22nd International Cloud Expo | 1st DXWorld Expo has announced that its Call for Papers is open. Cloud Expo | DXWorld Expo, to be held June 5-7, 2018, at the Javits Center in New York, NY, brings together Cloud Computing, Digital Transformation, Big Data, Internet of Things, DevOps, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
No hype cycles or predictions of a gazillion things here. IoT is here. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, an Associate Partner of Analytics, IoT & Cybersecurity at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He also discussed the evaluation of communication standards and IoT messaging protocols, data...
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, discussed some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he covered some of the best practices for structured team migration an...
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud ...
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud ...
DevOps at Cloud Expo – being held June 5-7, 2018, at the Javits Center in New York, NY – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Among the proven benefits,...
@DevOpsSummit at Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, is co-located with 22nd Cloud Expo | 1st DXWorld Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait...
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DX Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive ov...
SYS-CON Events announced today that T-Mobile exhibited at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. As America's Un-carrier, T-Mobile US, Inc., is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The Company's advanced nationwide 4G LTE network delivers outstanding wireless experiences to 67.4 million customers who are unwilling to compromise on qua...
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness. For more information, please visit https://www.cedexis.com.
SYS-CON Events announced today that Google Cloud has been named “Keynote Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Companies come to Google Cloud to transform their businesses. Google Cloud’s comprehensive portfolio – from infrastructure to apps to devices – helps enterprises innovate faster, scale smarter, stay secure, and do more with data than ever before.
SYS-CON Events announced today that Vivint to exhibit at SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California. As a leading smart home technology provider, Vivint offers home security, energy management, home automation, local cloud storage, and high-speed Internet solutions to more than one million customers throughout the United States and Canada. The end result is a smart home solution that sav...
SYS-CON Events announced today that Opsani will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Opsani is the leading provider of deployment automation systems for running and scaling traditional enterprise applications on container infrastructure.
SYS-CON Events announced today that Nirmata will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Nirmata provides a comprehensive platform, for deploying, operating, and optimizing containerized applications across clouds, powered by Kubernetes. Nirmata empowers enterprise DevOps teams by fully automating the complex operations and management of application containers and its underlying ...
SYS-CON Events announced today that Opsani to exhibit at SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California. Opsani is creating the next generation of automated continuous deployment tools designed specifically for containers. How is continuous deployment different from continuous integration and continuous delivery? CI/CD tools provide build and test. Continuous Deployment is the means by which...