Building Solutions with Apigee X

(3 days)


In this course, you will go through the Apigee journey as a product lead for a new application. You will take roles on the development and security teams.

You will take an API originally designed for an on-premises legacy application use and modernize it for the cloud using Apigee X. You will follow Google Cloud best practices alongside Apigee X to design a secure, scalable and resilient platform for your company’s needs.


  • Expose security vulnerabilities typically found in legacy API’s
  • Secure the backend of your legacy application using mutual TLS
  • Secure API access with API Keys
  • Design applications with an API first design using the OpenAPI specification
  • Integrate your API proxy with the Cloud Data Loss Prevention (DLP) API
  • Best practices for site reliability with Apigee using monitoring and logging
  • Modernize application deployment using Cloud Run and Cloud Build
  • Authentication using API Keys and Firebase Authentication with Apigee
  • Harden APIs using Apigee Policies and Cloud Armor
  • Mitigate external threats with reCAPTCHA Enterprise
  • Leverage Apigee Analytics to show custom data capture and reporting
  • Leverage Cloud Code in your development environment to locally emulate Apigee
  • Use Apigee Integration to improve connectivity with other services in Google Cloud


Application developers, API engineers, Solution architects, Security engineers, DevOps engineers. Those who are responsible for the solutioning design, implementation, or management of APIs , API products, or digital products that leverage APIs.


Completion of the “Developing APIs with Google Cloud’s Apigee API Platform” course or equivalent experience with Google Cloud and Apigee.

Course Outline

Module 1: Why Apigee X

  • Why Apigee X
  • Introduction to Use Case – Who Are You?
  • One/Two-Way TLS
  • Getting Started
  • Lab: Introduction to the Legacy Application and Apigee

Module 2: The Target

  • Implement a mTLS gateway
  • API Keys
  • Control Your API Response
  • Lab: The Target

Module 3: API First Design with OpenAPI

  • API First Design
  • The Show Me Now Rest API
  • What Is OpenAPI
  • Apigee Debugging
  • Lab: API First Design with OpenAPI

Module 4: Integrating External Services

  • Cloud Data Loss Prevention API (DLP)
  • Apigee ServiceCallout Policy
  • Message Logging/Cloud Logging
  • Uptime Checks
  • Alerting Policy
  • Lab: Integrating External Services

Module 5: Consuming Apigee Resources

  • Introducing the Client Application
  • Application Build Tools
  • Firebase Authentication
  • Apigee Security Policies
  • Lab: Integrating a Client Application

Module 6: Hardening Your API

  • API Security Vulnerabilities
  • JSON Threat Protection Policies
  • Cloud Armour
  • The Hacker Tools
  • Lab: Hardening Your API

Module 7: External Threat Mitigation

  • reCAPTCHA Enterprise
  • Apigee Data Collection
  • Apigee Custom Reports
  • Lab: External Threat Mitigation with reCapture Enterprise

Module 8: Expand Your Apigee Toolset

  • The Apigee Management API
  • API Proxy Deployment Options
  • Local Development Using Cloud Code
  • Apigee Emulator
  • Development Workflow
  • Lab: Developing for Apigee Using Cloud Code

Module 9: Apigee Integration

  • Introduction to Application Integration
  • Triggers
  • Tasks
  • Apigee Integration Policies
  • Lab: Expanding Your API with Apigee Integrations

Module 10: Summary

  • Debrief
  • Apigee Flavors – X or Hybrid
  • What’s Next