Google Cloud - Apigee Certified API Engineer

Certification Exam Guide

Google Cloud - Apigee Certified API Engineer

Job Role Description

An Apigee Professional API Engineer designs, builds, and maintains API proxies. The API Engineer responsibilities include cross-cutting business concerns like authentication, authorization, monitoring, logging, governance, and documentation. API Engineers also consider API design features like consistency, usability, and versioning. Finally, the API Engineer measures and drives success of the API program and is responsible for the documentation, promotion, and evangelism of its products.

Certification Exam Guide

Section 1: Designing APIs

1.1 Data Modeling.

  • Using consistent and intuitive naming across all APIs
  • Modeling resources based on business concepts rather than internal terminology

1.2 Designing APIs.

  • API-first approach
  • Designing API resources and actions from consumer point-of-view
  • Understanding API versioning models and breaking changes
  • Determining appropriate level of orchestration for efficient API request flows
  • Scoping access controls

1.3 RESTful Design.

  • Choosing meaningful and consistent resource names
  • Knowing when to push REST or accept legacy designs
  • Using HTTP verbs appropriately and consistently
  • Designing RESTful URI paths
  • Choosing between path, payload, headers, and query parameters
  • API paging design

1.4 Driving API consumption.

  • Documenting APIs
  • Creating and using OpenAPI Specifications
  • Building a community for API programs

Section 2: Developing, implementing and securing APIs

2.1 Implementing API proxies on Apigee Edge.

  • Implementing proxy and target flows
  • Methods for calling backend services
  • Fault handling and error conditions
  • Mediation strategies, including:
    • SOAP to REST
    • Converting between XML and JSON
    • Extracting data from payloads
    • Mashups
  • Using caching to improve latency and reduce backend load
  • Extending functionality using code
  • API configuration using key-value maps and target servers
  • API logging and custom attributes for analytics

2.2 API Security.

  • Securing APIs via OAuth, SAML, basic authentication, and IP-based access control
  • Protecting against traffic spikes
  • Detecting content-based attacks
  • Transport layer security via one-way and two-way TLS
  • Data masking
  • Role-based access control for Edge

2.3 API Testing & Performance Analysis.

  • Understanding the performance characteristics of policies
  • Tracing calls within Edge
  • Analysis of target and proxy performance
  • Implementing API performance benchmarks
  • Cache performance analysis and tuning

Section 3: Development Lifecycle and CI/CD

  • Automating build, deployment, and configuration
  • Automating unit and integration tests
  • Implementing static code analysis
  • Organization and environment strategies for proxy SDLC

Section 4: Requirements and Business Analysis

4.1 Managing API Products.

  • Identifying API products based on business needs
  • Configuring quotas
  • Extending product functions using custom attributes

4.2 Requirements Analysis.

  • Challenging legacy assumptions
  • Writing API user stories
  • Decoding business stories and finding resources and properties
  • Writing consumption-based API test scenarios