Leverage Apigee to Modernize Exposure & Secure Access

April is for Apigee! Let us look an interesting lab Leverage Apigee to Modernize Exposure & Secure Access. In this lab you will start with an existing SOAP service which you will quickly import into Apigee using the powerful built-in wizard and apply some basic security, traffic management, and message transformation policies. Sounds interesting right? Let us get you all set up to get started with this lab.


The setup of this lab is pretty much like all the other labs. All you need is a stable internet connection and an incognito window to perform the lab. However, you need to perform one additional step here which is creating an Apigee account. This will take about two minutes. Once you are logged in to your Apigee account, you are ready to get some hands on with Apigee.

Let us have a look at the steps which you would be following in order to complete this lab.

Create and configure the Stackdriver Extension instance on Apigee Edge

To complete this step you need to use both your Apigee account as well as the Google Console. You need to follow each and every step carefully as this process is lengthy. Let us break it down into simple sub-steps

Create extension:

First you need to add the Google Stackdriver Logging extension in your Apigee account. Create according to the naming standards, make sure you don’t have a space while you are naming your extension.

Configure the environment:

In order to configure the environment follow the instructions exactly as given in the lab instructions. Copy and the paste your Google project id which is given on the lab instructions page here.

Once you have added this, you will have to add the Credentials. Let us get these credentials now.

Create Service Account:

In order to create the Credentials you need to create a service account first. To create this account you need to use the Google Console. Navigate to Service accounts as given in the lab instructions, add the name and description and click on Create. Your service account has been created.

Create Key:

In order to create a key, select the role as “Log writer” and click on the Continue button. As soon as you click on the Continue button, you will see the Create Key option. Select the JSON option and click on create. The credentials file will be automatically downloaded. Open that file and copy and paste the content in the credentials and click on Save.

Deploy Test Environment:

Now go back to your Apigee Console and click on Deploy. The deploying would take some time. You will see this screen.

Wait till the environment is deployed completely. Do not proceed unless you see the green tick like this.

Congratulations! The first step of the lab is done!

Import a SOAP service

You will now import a SOAP service in your Apigee Edge account. This procedure is easy. There a five quick steps which you need to follow. All the instructions are given along with the screenshots. Once you are done with all the steps, click on the Create and Deploy button.

Once you see the above screen, you are ready to move further.

Export your API Proxy

In order to export your Proxy, you need to follow five easy steps. Instructions are well explained and hence you will easily be able to get the “apiproxy” folder.

Create a cloud storage bucket & upload your app data in it

To create a storage bucket, click on Storage and then on Create Bucket. Use your GCP project ID as the name of your bucket and click on Create. Once your bucket is created upload the “apiproxy” folder. There are total 25 files in that folder and hence it can be time consuming.

Once all the files are finished uploading you can move to the next step.

Make your bucket publicly accessible:

Follow the instructions as given in the lab instructions to provide public access to your bucket. This is a very quick step which will hardly take any time.

Securely access the REST API and trace the call flow

Now it is time for the final showdown: The last and the lengthiest step of the lab. Let us break down this step as well in sub-steps.

Add policy to your proxy:

In this step you will be adding a policy to your proxy which is dependent on the previous steps which you have performed. Follow the steps exactly as given and you will be able to successfully add the policy.

Modify Policy Extension Callout-1:

In this step you will modify the policy extension by adding a code given in the lab instructions. Once modify the policy, you will move on the next step which is starting the trace session.

Start Trace Session:

In this step you will run a couple of trace tests to check if the call which you are making is secure or not. After testing it you will find that you are getting the 401 error. To make an authenticated API call you need an API key. Next you will create a new app which will give you the API key.

Create a New App and get a Key

The procedure of creating a new app is now simple as you are acquainted with Apigee Edge. Follow the steps as given in the lab instructions. For better explanation screenshots are given which will guide you along the way. Keep referring to those to check if you are doing the steps right. Copy the key which you have generated.

Add Quota to the Product:

To add quota to the product, you will need to edit the lab5-catalog-Product and set the Quota as 3 requests every 1 minute. Your trace is running in the other tab, now alter the url with the key which you generated and click on send. You will see 200 response status.

Verify the log message:

Navigate to the logs viewer as given in the instructions and select the Global Resource Filter. Once that is step is done you have completed the last step of the lab! Click on check my progress to update your score!

We hope you had fun with this interesting Apigee Lab. Here’s something for you to get started with Apigee. Use code 1q-leverage-372 for 3 free credits in your Qwiklabs account (valid through April 23rd)