SAP-C02 Amazon AWS Certified Solutions Architect Professional – New Domain 5 – Continuous Improvement for Existing Solutions Part 17

  • By
  • September 2, 2023
0 Comment

67. Introduction to API

Hey everyone and welcome back. Now today we’ll be speaking about API. Now, I’m very sure that if you are working in industry, you might have heard about this specific term a lot of times. So what we’ll do today, we’ll go ahead and understand what it means in highlevel overview. So let’s get started. So by definition, API stands for Application Programming Interface and it is generally used for intercommunication between multiple softwares. Now definitely you can do intercommunication between multiple softwares without API as well. But API using API has a tremendous amount of benefits and we’ll look into when we go ahead with a demo session. So generally, one of the advantages of using an API is that the exact structure of request and response is documented upfront and it is likely to remain the same throughout the time.

Now, this third point might be a bit confusing right now. So let’s take a simple use case and understand on what exactly it means. So, the use case today is a simple weather application where James wants to build a weather report application. Since it needs weather report for all the countries, he wonders where he can get all the data from. Now, there’s a website called as Open Weather Map which has all this data. And thus James decides to integrate his application to fetch data from Open Weather Map database. Now, the question is, how will he pass this data? So, a very simple use case, I would say, where someone wants to build an application.

Let’s assume an Android application which reposts the weather. Now, in order to do that, what you have to do, you have to have a sensor which will capture the weather information. Now, if it is just India, you can have sensor in every city. Not a very major task to do. But if you want to report weather of all the countries throughout the world, then you need sensors in each and every cities. And this is quite a challenging task definitely for an individual to do. So this is the reason why there are many websites which collect those data for you. And you can use those websites to get the information from.

So, we discussed that Open Weather Map is one such website. Let me open this up. So this is a website and it contains or it gives information related to the weather of each and every city. So let me do one thing. Let me put Mumbai over here. And once you click here, it gives you a precise information related to the current weather.

It tells about the wind, about the cloudiness, about the pressure, humidity, sunrise, possible sunset time, and it also tells you the weather of upcoming one or two weeks. So this is quite amazing website to get the information from. So I have a simple android application. Let me just show you. So, this is a simple Android application I hope you can see, which tells you the weather of a specific city. And if you see over here, it actually shows you the weather of every hour, I hope you can see.

So, question is where it is getting the data from? I’m 100% sure that all the weather applications, or I would say most of the weather applications, will fetch the information from some kind of a website similar to this one. Now, the question is, how will the application get the data from? One is, you see, every city has a city ID. So Mumbai has this specific city ID. So what an application can do, application can pass this specific web page. It can get this information. It can get 32 degree, it can get the wind speed, it can get the pressure, it can get humidity, sunrise, sunset, et cetera. So this is quite easy and to understand, but the application will stop working if the interface of the website changes. So, as a manual way of doing it, manual way is the easiest way is to open the website and see, okay, this is the temperature. This is the pressure.

Now, when you talk about software, software needs some kind of an intelligence. So let’s assume you can download this page and then you can parse each and individual field. Now, here the challenge is, if the website interface changes, then your application will break down. And this is the reason why this approach is not a very good approach. So here you will see there is a tab called API. So let me just click it up and you will find that the open weather map API is simple, clear and free. So what you can do in API is you can send a request to the API of this website asking for a weather of Mumbai. And API will give you the result in a JSON format, which is textual formats. So the software will be able to parse it quite easily. So let me show you on how that would work.

So, I have a simple API request for OpenWeather app. I’ll just copy this request and I’ll paste it over here. So now, if you will see what is happening is I made a curd request of get on the API. You see API OpenWeather map. And here we have passed the query. And the query is Mumbai. And what it is giving is it is giving me the result in JSON format. So this is a textual format. So, if you will see over here, wind speed is 6. 2. If I’ll go over here, the wind speed is 6. 2. Now, for a software application, this is very easy to understand and easy to parse. And this is the answer for the third point, that with an API, the exact structure of request and response is documented upfront and is likely to remain same throughout the time. So this specific structure is likely to remain same, although the website interface might change the structure of the API request. And response will remain same.

So what my weather application can do is it can do a current request and then it can parse the value associated with each and individual field. So it can pass the pressure is 1006 and then my weather application can take this data and display it to the user. So, quite an easy way to do things. And this is the reason why API is very useful. So this also answers a second point, which means it is generally used for intercommunication between multiple softwares. So in my case, the curl is a client and API dot OpenWeather Map is another software. So it is generally used for intercommunication between two softwares. In case a human wants to go through it, then they will not prefer to read in API or a JSON format. They would rather prefer to read it in a Gui. Perfect. So you got the basic overview on what an API means. So will not just end here. I have second use case so that this thing becomes much more clear. Let me just open up the PPT and the second use case is infrastructure overview.

So, what this means is you want to have list of all the instances in your cloud environment along with their names, IP addresses, operating system name, kernel, version, region, backup window, and available snapshot. How will we go ahead with this use case. So, very simple use case. And this is something that you might find in your organization as well, where your CTO is asking for detailed infrastructure based information. So one way to do it is one way to do it. In my case, I am using Digital Ocean for my website. So quite cheap. So in Do, I have two servers. If you will see, it shows me the name of servers. You have my dreams, you have my life. It shows me the IP addresses. So if I just open it up, it gives me more detailed information. Like it has oneGB memory, 30GB disk. It is located in Singapore region. It has cento seven, the private IPS disk. Now, if you’ll see, it needed the backup windows and the available snapshots as well. So in order to do that, I can go to the backups and it shows me the backups of my current droplet for snapshot. It shows me the available snapshot associated with the OS. Now, in this case, I just have two servers over here.

Now, one thing that you might have figured it out. Now if you want to have this information and give it to the CTO, then you have to open up each and every server, write this information Excel sheet, and once information is complete, give it to the CTO. Now, let’s assume you have 100 servers. How will you do that? So doing things in the GUI way is not always right solution. So, if you talk about Digital Lotion, you see again there’s a tab called API. So if I click on API. It gives me a lot of information related to the API keys. So let me do one thing. I’ll copy the and I’ll paste it over here. So what we are doing is we are sending an API request to Digital Ocean to give information related to the infrastructure. Perfect. So now, if you will see let me go up. So it gives me information related to the droplet. The name is my life. If you compare it here, let me go back. It is giving me information about my life first. So now you see, the memory is 1024. The CPU is one code. The disk is 20GB.

It tells me the OS, it tells me the kernel version. It also tells me the available backups which are there for this server. It talks about what are the available snapshots. It talks about when will be the new backup which will be taken for this server. Along with that, it also talks about the region on which the server is launched, the IP addresses. This is a private IP and this is a public IP. So the region is Singapore. And if you go down, this marks the end of the first VM. The second VM is my dreams. You see we have total two VMs. And for the second VM also it tells all this information. So now, you’ll see, doing things in an API way is very fast and you don’t really have to do a lot of manual work. And specifically when two softwares are communicating, then the API is like a best thing that you can use. But at the least, I would like to show you one more interesting thing. I hope you’re not bored. So if I’ll go to Facebook. com, YouTube, so you will see it is showing me the YouTube page.

Now. Facebook also provides the API. So here if I just put a graph facebook. com, YouTube now you get a message saying an access token is required to access the resources. And this is very important. Whenever you have an API, you should always have an access token along with it. Something similar to a username and password. Like if you want to log into a Facebook, you have to provide a username and password. Similarly, if you want to get an information from an API, you have to pass a token. So in open weather map, the reason why I am able to access the information via API is because I have a token associated. So if you will see, I am passing a token ID.

So this is my token ID and this is the authentication parameter. Same for Digital Ocean. You see I have a token which I’m pushing along with the request. So there are some open APIs also available. But the best practice says that you should always have a token associated with the API. So this is it. About this specific lecture, one thing I would really encourage you to do just sign up for the open weather map. And once you do a sign in, let me show you it actually there is API keys. And you can generate an API key from the website itself. And then you can use this API key to query a specific API. So this is it. About this lecture. I hope this has been informative for you. And if you have any.

68. Understanding working of API

Hey everyone, and welcome back to the Knowledge Portal video series. So, in the earlier lecture, we discuss on what an API really means. And in today’s lecture, we’ll go ahead and understand on the internal working on how exactly an API would really work. So, let’s begin. So, just to devise the things when we talk about GUI. So, GUI is a graphical user interface. But when we talk about API, API is something like an application user interface. So API is basically a user interface which is designed for different users in mind. So when we talk about different users, this means applications. So this interface allows one application to communicate with second application with the help of simple commands. So these are the points that we have already seen in detail in the earlier lecture. So today, let’s go ahead and understand more about the API functioning.

Now, whenever you design an API, there are four common methods which the APIs are designed to support. The first is get. Second is post. Third is Put and force is delete. So Get definitely is used to get some information from a specific function. Second is Post, which is used to create a new information in the back end resources. Third is Put, which basically is used to update or replace an existing resource. It can be a file or something similar and delete. As it says, it is used to remove a resource. Now, let me show you. If you remember in the earlier lecture, we had run an API or digital ocean which gave us the information related to the droplets which were present in our account. So, if you just go up over here. So this is the API command that we had run. Now, if you will see over here, we are running Get. And after running this command, it fetched the information which was available. So this is the get method that we are using. So this is the Get method. Now, along with that, there are various other methods and each method is used for a specific functionality.

So for example, there is a post one also available. So this is an API. So what this API would generally do, it will create a new virtual machine in digital ocean. So, in order to do that, what we are doing is we are using a post method and we are supplying some kind of information like a droplet name, the region, the size, like 512 MB, Ram, the Ubuntu image, along with various other information. So this is where the post needs to be used. We cannot use Get over here. So, depending upon the functionality of your API, the methods which your API should support will really differ. So, I hope you got the basic understanding of what this means. So, we’ll take yet another use case in today’s lecture, which is basically of online antivirus software.

So what this use case means is that you have an antivirus software running in your server and you want other users over the internet to upload their files and get the file scanned by the AV. How will you go with the use case? So, very simple use case where you have an antivirus software which is running in your server and you want other users over the internet to scan their files against your antivirus software. Now you cannot really give them the SSH access to your server. So how will you do that? Now, one of the simplest way in which you can do is design a Gui where you can allow a user to upload a file and click on scan button. That is one way, but that is a manual way. When we talk about automated way then APIs will help you. So, let me show you. This is a very interesting website. So this basically does the same thing that we had actually discussed. So what you need to do, you make a curl request. So this is a token API token and then you specify the file. So in this case it is document or doc. So this is the file and then the URL is API scanite comsomuris. So once you do that, what will happen is your document or doc, the contents will be scanned by the antivirus software or the antivirus functioning running and then the result you’ll get something similar to this. So if you will see it is giving a finding saying that a content has some malicious file which is based on macro X.

So macroex is basically used to affect the Microsoft Word based documents. So again, that’s very simple. You are scanning your document along with the API. The document is being scanned by the back end function and in the result you get the findings. So this is a very simple use case of what API can do. So this is quite important. Specifically if you have a website which allows users to upload their files like Dropbox. So what websites like Dropbox can do is that whenever you upload a file to a Dropbox or a Google Drive, they can run a curl request to an API. Maybe this, or maybe they might have their own APIs which would scan the document which was uploaded by the user. And if it says or if it finds that there is some kind of a virus, then it will delete it.

So a very simple use case. And this you will find in many of the email applications like Gmail, like whenever you download a certain content before it, the Gmail will actually scan the content. So if you send a virus you will not be able to do that. So Gmail will scan the contents that you are uploading and it will delete it if it is malicious. So this is yet another use case on what an API might do. Now, let’s look into the functioning on how the API would really work. So, what you have is you have some kind of a function. Let’s assume this can be antivirus software. And there is a database which contains the signatures. And then you have a user over here.

So, as we have discussed, we cannot really allow user to have an SS access to the server where they can upload their files. So what you really do is, if you want the user to run this specific function, you create a middle layer. So this is a function and then you have a middle layer of API. So what user will do, user will call the API, or user will make a curl request towards the API by uploading a file. The API will then interact with the back end function. The back end function will process according to the functionality and then it will send the result back to the user.

So this is a very high level overview on how an API would really work. Now, there are two important things that you would like to remember. The first is when you design the API, you need a backend function. So this function can be an antivirus software, or an image processing software or a simple hello world function as well. So you need a function. So you need the back end function. And depending upon the back end function, then you create an API.

Okay? So you have to have an API and you have to have a function. So whenever you design an API, the methods that the API will support really depends upon the functionality of the backend application. So we discuss you have get post, put delete and there are many others. So what methods the API will support will depend on the function that the application will be doing. So, this is it about the APIs. In the next lecture, what we will be doing is we will be creating our own function and then we will be creating our own API. And we’ll look into how exactly this can be done so that we can have a real world use case on how to create our own API.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img