Mastering API Architecture First Early Release 1st Edition by James Gough, Daniel Bryant, Matthew Auburn ISBN 9781492090588 1492090581

Mastering API Architecture First Early Release 1st Edition by James Gough, Daniel Bryant, Matthew Auburn – Ebook PDF Instant Download/Delivery: 9781492090588 ,1492090581
Full download Mastering API Architecture First Early Release 1st Edition after payment

Product details:

ISBN 10: 1492090581
ISBN 13: 9781492090588
Author: James Gough, Daniel Bryant, Matthew Auburn

Mastering API Architecture First Early Release 1st Edition Table of contents:

1. Why Did We Write This Book?
2. Why Should You Read This Book?
3. Who This Book Is For
4. Developer
5. Accidental Architect
6. Solutions/Enterprise Architect
7. What You Will Learn
8. What This Book Is Not
9. Conventions Used in This Book
10. Using Code Examples
11. O’Reilly Online Learning
12. How to Contact Us
13. Acknowledgments
14. James Gough
15. Daniel Bryant
16. Matthew Auburn
17. Introduction
18. The Architecture Journey
19. A Brief Introduction to APIs
20. Running Example: Conference System Case Study
21. Types of APIs in the Conference Case Study
22. Reasons for Changing the Conference System
23. From Tiered Architecture to Modeling APIs
24. Case Study: An Evolutionary Step
25. API Infrastructure and Traffic Patterns
26. Roadmap for the Conference Case Study
27. Using C4 Diagrams
28. C4 Context Diagram
29. C4 Container Diagram
30. C4 Component Diagram
31. Using Architecture Decision Records
32. Attendees Evolution ADR
33. Mastering API: ADR Guidelines
34. Summary
35. I. Designing, Building, and Testing APIs
36. 1. Design, Build, and Specify APIs
37. Case Study: Designing the Attendee API
38. Introduction to REST
39. Introduction to REST and HTTP by Example
40. The Richardson Maturity Model
41. Introduction to Remote Procedure Call (RPC) APIs
42. A Brief Mention of GraphQL
43. REST API Standards and Structure
44. Collections and Pagination
45. Filtering Collections
46. Error Handling
47. ADR Guideline: Choosing an API Standard
48. Specifying REST APIs Using OpenAPI
49. Practical Application of OpenAPI Specifications
50. Code Generation
51. OpenAPI Validation
52. Examples and Mocking
53. Detecting Changes
54. API Versioning
55. Semantic Versioning
56. OpenAPI Specification and Versioning
57. Implementing RPC with gRPC
58. Modeling Exchanges and Choosing an API Format
59. High-Traffic Services
60. Large Exchange Payloads
61. HTTP/2 Performance Benefits
62. Vintage Formats
63. Guideline: Modeling Exchanges
64. Multiple Specifications
65. Does the Golden Specification Exist?
66. Challenges of Combined Specifications
67. Summary
68. 2. Testing APIs
69. Conference System Scenario for This Chapter
70. Testing Strategies
71. Test Quadrant
72. Test Pyramid
73. ADR Guideline for Testing Strategies
74. Contract Testing
75. Why Contract Testing Is Often Preferable
76. How a Contract Is Implemented
77. ADR Guideline: Contract Testing
78. API Component Testing
79. Contract Testing Versus Component Testing
80. Case Study: Component Test to Verify Behavior
81. API Integration Testing
82. Using Stub Servers: Why and How
83. ADR Guideline: Integration Testing
84. Containerizing Test Components: Testcontainers
85. Case Study: Applying Testcontainers to Verify Integrations
86. End-to-End Testing
87. Automating End-to-End Validation
88. Types of End-to-End Tests
89. ADR Guideline: End-to-End Testing
90. Summary
91. II. API Traffic Management
92. 3. API Gateways: Ingress Traffic Management
93. Is an API Gateway the Only Solution?
94. Guideline: Proxy, Load Balancer, or API Gateway
95. Case Study: Exposing the Attendee Service to Consumers
96. What Is an API Gateway?
97. What Functionality Does an API Gateway Provide?
98. Where Is an API Gateway Deployed?
99. How Does an API Gateway Integrate with Other Technologies at the Edge?
100. Why Use an API Gateway?
101. Reduce Coupling: Adapter/Facade Between Frontends and Backends
102. Simplify Consumption: Aggregating/Translating Backend Services
103. Protect APIs from Overuse and Abuse: Threat Detection and Mitigation
104. Understand How APIs Are Being Consumed: Observability
105. Manage APIs as Products: API Lifecycle Management
106. Monetize APIs: Account Management, Billing, and Payment
107. A Modern History of API Gateways
108. 1990s Onward: Hardware Load Balancers
109. Early 2000s Onward: Software Load Balancers
110. Mid-2000s: Application Delivery Controllers (ADCs)
111. Early 2010s: First-Generation API Gateways
112. 2015 Onward: Second-Generation API Gateways
113. Current API Gateway Taxonomy
114. Traditional Enterprise Gateways
115. Microservices/Micro Gateways
116. Service Mesh Gateways
117. Comparing API Gateway Types
118. Case Study: Evolving the Conference System Using an API Gateway
119. Installing Ambassador Edge Stack in Kubernetes
120. Configuring Mappings from URL Paths to Backend Services
121. Configuring Mappings Using Host-based Routing
122. Deploying API Gateways: Understanding and Managing Failure
123. API Gateway as a Single Point of Failure
124. Detecting and Owning Problems
125. Resolving Incidents and Issues
126. Mitigating Risks
127. Common API Gateway Implementation Pitfalls
128. API Gateway Loopback
129. API Gateway as an ESB
130. Turtles (API Gateways) All the Way Down
131. Selecting an API Gateway
132. Identifying Requirements
133. Build Versus Buy
134. ADR Guideline: Selecting an API Gateway
135. Summary
136. 4. Service Mesh: Service-to-Service Traffic Management
137. Is Service Mesh the Only Solution?
138. Guideline: Should You Adopt Service Mesh?
139. Case Study: Extracting Sessions Functionality to a Service
140. What Is Service Mesh?
141. What Functionality Does a Service Mesh Provide?
142. Where Is a Service Mesh Deployed?
143. How Does a Service Mesh Integrate with Other Networking Technologies?
144. Why Use a Service Mesh?
145. Fine-grained Control of Routing, Reliability, and Traffic Management
146. Provide Transparent Observability
147. Enforce Security: Transport Security, Authentication, and Authorization
148. Supporting Cross-Functional Communication Across Languages
149. Separating Ingress and Service-to-Service Traffic Management
150. Evolution of Service Mesh
151. Early History and Motivations
152. Implementation Patterns
153. Service Mesh Taxonomy
154. Case Study: Using a Service Mesh for Routing, Observability, and Security
155. Routing with Istio
156. Observing Traffic with Linkerd
157. Network Segmentation with Consul
158. Deploying a Service Mesh: Understanding and Managing Failure
159. Service Mesh as a Single Point of Failure
160. Common Service Mesh Implementation Challenges
161. Service Mesh as ESB
162. Service Mesh as Gateway
163. Too Many Networking Layers
164. Selecting a Service Mesh
165. Identifying Requirements
166. Build Versus Buy
167. Checklist: Selecting a Service Mesh
168. Summary
169. III. API Operations and Security
170. 5. Deploying and Releasing APIs
171. Separating Deployment and Release
172. Case Study: Feature Flagging
173. Traffic Management
174. Case Study: Modeling Releases in the Conference System
175. API Lifecycle
176. Mapping Release Strategies to Lifecycle
177. ADR Guideline: Separating Release from Deployment with Traffic Management and Feature Flags
178. Release Strategies
179. Canary Releases
180. Traffic Mirroring
181. Blue-Green
182. Case Study: Performing Rollouts with Argo Rollouts
183. Monitoring for Success and Identifying Failure
184. Three Pillars of Observability
185. Important Metrics for APIs
186. Reading the Signals
187. Application Decisions for Effective Software Releases
188. Response Caching
189. Application-Level Header Propagation
190. Logging to Assist Debugging
191. Considering an Opinionated Platform
192. ADR Guideline: Opinionated Platforms
193. Summary
194. 6. Operational Security: Threat Modeling for APIs
195. Case Study: Applying OWASP to the Attendee API
196. The Risk of Not Securing External APIs
197. Threat Modeling 101
198. Thinking Like an Attacker
199. How to Threat Model
200. Step 1: Identify Your Objectives
201. Step 2: Gather the Right Information
202. Step 3: Decompose the System
203. Step 4: Identify Threats—Taking This in Your STRIDE
204. Step 5: Evaluate Threat Risks
205. Step 6: Validation
206. Summary
207. 7. API Authentication and Authorization
208. Authentication
209. End-User Authentication with Tokens
210. System-to-System Authentication
211. Why You Shouldn’t Mix Keys and Users
212. OAuth2
213. Authorization Server Role with API Interactions
214. JSON Web Tokens (JWT)
215. Terminology and Mechanisms of OAuth2 Grants
216. ADR Guideline: Should I Consider Using OAuth2?
217. Authorization Code Grant
218. Refresh Tokens
219. Client Credentials Grant
220. Additional OAuth2 Grants
221. ADR Guideline: Choosing Which OAuth2 Grants to Support
222. OAuth2 Scopes
223. Authorization Enforcement
224. Introducing OIDC
225. SAML 2.0
226. Summary
227. IV. Evolutionary Architecture with APIs
228. 8. Redesigning Applications to API-Driven Architectures
229. Why Use APIs to Evolve a System?
230. Creating Useful Abstractions: Increasing Cohesion
231. Clarifying Domain Boundaries: Promoting Loose Coupling
232. Case Study: Establishing Attendee Domain Boundaries
233. End State Architecture Options
234. Monolith
235. Service-Oriented Architecture (SOA)
236. Microservices
237. Functions
238. Managing the Evolutionary Process
239. Determine Your Goals
240. Using Fitness Functions
241. Decomposing a System into Modules
242. Creating APIs as “Seams” for Extension
243. Identifying Change Leverage Points within a System
244. Continuous Delivery and Verification
245. Architectural Patterns for Evolving Systems with APIs
246. Strangler Fig
247. Facade and Adapter
248. API Layer Cake
249. Identifying Pain Points and Opportunities
250. Upgrade and Maintenance Issues
251. Performance Issues
252. Breaking Dependencies: Highly Coupled APIs
253. Summary
254. 9. Using API Infrastructure to Evolve Toward Cloud Platforms
255. Case Study: Moving the Attendee Service to the Cloud
256. Choosing a Cloud Migration Strategy
257. Retain or Revisit
258. Rehost
259. Replatform
260. Repurchase
261. Refactor/Re-architect
262. Retire
263. Case Study: Replatforming the Attendee Service to the Cloud
264. Role of API Management
265. North–South Versus East–West: Blurring Lines of Traffic Management
266. Start at the Edge and Work Inward
267. Crossing Boundaries: Routing Across Networks
268. From Zonal Architecture to Zero Trust
269. Getting in the Zone
270. Trust No One and Verify
271. Role of Service Mesh in Zero Trust Architectures
272. Summary
273. 10. Wrap-up
274. Case Study: A Look Back on Your Journey
275. APIs, Conway’s Law, and Your Organization
276. Understanding Decision Types
277. Preparing for the Future
278. Async Communication
279. HTTP/3
280. Platform-based Mesh
281. What’s Next: How to Keep Learning About API Architecture
282. Continually Honing the Fundamentals
283. Keeping Up-to-Date with Industry News
284. Radars, Quadrants, and Trend Reports
285. Learning About Best Practices and Use Cases
286. Learning by Doing
287. Learning by Teaching
288. Index

People also search for Mastering API Architecture First Early Release 1st Edition:

mastering api architecture pdf github
    
mastering api architecture pdf free download
    
mastering api architecture github
    
mastering api architecture review
    
mastering api architecture book

Tags:

James Gough,Daniel Bryant,Matthew Auburn,Mastering API Architecture,Early Release