Why is an API platform in the Cloud such a Big Deal? Flexibility of course, because you don’t have to incur any infrastructure setup time. But with the right API platform, it is also the Freedom to move across public and private clouds, and also across off-premise and on-premise environments. As You Like It.
Just the Basics First
Let’s start from a fundamental place. Innovative businesses are exposing their business services through APIs,
across Banking, Healthcare, Insurance, Fashion, Connected Cars and more. These APIs are either public or private. And Mobile apps are powered by these important APIs that deliver relevant data for the app to work. But Open APIs doesn’t have to mean “un-secure” and “un-managed” APIs. The key here is “managed APIs” where the API owner designs the API, decides what information you want to expose via the API, from where, what to transform/filter, sets API access controls, decides various call limits, publishes the API and decides who sees it or gets access to your API, and then finally views the API activity to understand usage.
- At design-time, an API Provider defines an API (REST or SOAP), composes/mashes-up, makes security choices and deploys APIs into a sandbox, test validates the APIs, publishes the APIs to select personalized portals or communities and may choose to invite select app developers, within or outside the company.
- Then at runtime, API security enforcement plays an important role with authorization/authentication enforcement, threat protection, rate-limit enforcement, and various other policies such as routing policies,
and finally collecting API usage data for analytics and business insight.
So everything I just described above is what matters the most for any API initiative. That is where you get the maximum business value. But WHAT IF … you say …
Hello Room Service? I want an API please, now! And nothing else!
I just want to get going today on my API project now. But what about the infrastructure of an API platform? The servers, gateways, versions, clusters, memory, storage, HA, DR, etc. Now what if you don’t have to worry about all that? Not worrying about the IT infrastructure is awesome, because it allows you to focus on what matters most – creating, securing, controlling, publishing APIs to a variety of app developers, and then giving those app developers a self-service experience via unique custom developer portals. Then you analyze the runtime usage and API activity. Why not let others outside your team and company worry about IT infra setup? That is exactly what the Software as a Service or SaaS model from IBM is all about. You log in using an Internet-connected browser, and manage your APIs in the Cloud using the IBM API Management Service. It runs on IBM-managed cloud infrastructure, and is available starting at $99.00 per month. Pay by how much you plan to use it for. Pay-as-you-grow. Highly elastic. You still decide who creates APIs and for whom to use. That Service is available here for you now to try out for free. It will take you less than 2 minutes to define and publish your API.
But I am a Control Freak!
What if you wanted FULL control of the IT infrastructure because your services/data all reside on-premise? Maybe your industry demands it or your Security team mandates everything on-premise. No worries. You find the servers, decide how many gateway clusters are needed, which ones to scale, when to schedule an upgrade of the software stack, etc. You want control? You have it. That is the on-premise model from IBM – Manage your APIs completely on-premise with IBM API Management. A completely API Provider-managed infrastructure, where the API Provider has full control to manage & scale the on-premise infrastructure. Often called a private cloud deployment. That product is available here to evaluate for free.
Cloud Control to Major Tom!
If you really want to enjoy the benefits of the Cloud AND still want full control of what infrastructure components get installed and when the infrastructure changes happen, but still off-premise, then a managed hosted solution is the right one for you. You have full control over the infrastructure availability and capacity, the versions, the schedule, etc. All the benefits of an on-premise private cloud deployment but in an off-premise private cloud, dedicated to only your business. So have it your way, delivered by IBM – Manage your APIs completely in the Cloud with Full Control.
I will have the #4 Combo with Agility & Control, please!
What if you want to get going quickly without the hassle of infrastructure setup (so SaaS model is good), BUT then under some business conditions you want to publish your APIs more privately. Perhaps you want to collaborate quickly using a SaaS model through Dev, QA and even a Production Sandbox to get feedback from your app developers (internal or external), and as you get ready to go live, you move your APIs and Plans to a more controlled environment that you closely manage and monitor. In this case, a Hybrid deployment model would make sense, as the IBM solution of on-premise and SaaS – lets you easily move your APIs and Plans from SaaS to a disconnected private cloud and back.
This freedom to manage your APIs in one cloud type/location (private/public) and move your APIs to another cloud type/location (private/public) is the ultimate freedom.