API Governance with MuleSoft Anypoint Platform (Part 2/4)
In the first post of this four-part series, we discussed the importance of API governance and how the MuleSoft Anypoint Platform provides a framework for implementing governance. We also saw what is provided out-of-the-box for rulesets (the definitions that provide governance) and where to find details on these rulesets. This second post will focus on the API governance workflow and how to apply rulesets to APIs.
API Governance Workflow
Overall, the MuleSoft API governance workflow is designed to provide a structured and standardized approach to API design, development, testing, documentation, management, monitoring, and governance, ensuring that APIs are reliable, scalable, secure, and compliant throughout their lifecycle. In terms of how we apply the out-of-the-box or custom rulesets, the API governance workflow is depicted below, where governance profiles are linked to one to many rulesets:
How do we apply rulesets?
This is an easy process that can be done using the steps defined below:
Step 1
Navigate to and click on the link for API Governance in the management centre of Anypoint Platform.
Step 2
If needed, create a governance profile or select an existing governance profile.
Step 3
Select the rulesets you want to apply for the profile. You can select as many rulesets as you want (be aware that applying many rulesets will make it harder for the APIs to conform to all of the rules).
Step 4
Select the APIs that you want to link to the profile, which will, in turn, apply all of the rulesets selected.
Step 5
Select the notification rules that you want to apply to any non-conformant APIs.
Step 6
Review the details of the created or updated governance profile.
Step 7
When satisfied with the governance profile, click on the ‘create’ button (or update if modifying a profile). Upon creation/update of the governance profile, a dashboard will be generated showing the governance of the selected APIs for the governance profile.
Step 8
You can then navigate into the APIs in the dashboard to see any governance violations detected.
Step 9
You can also select a governance violation to get more details on the non-compliance issue.
Step 10
You can also view the details of an API in Exchange to see whether an API is conformant or non-conformant to the rulesets applied to it.
Summary
Overall, applying rulesets in MuleSoft API governance involves creating, configuring, applying, monitoring, and managing the ruleset to ensure that your APIs adhere to the desired governance policies and practices. We have seen how the API governance workflow works and can then be applied using profiles in the API Governance section of Anypoint Platform. We have also seen that you can create many profiles to provide different governance rulesets for different groups of APIs. You can then view any conformance violations in the dashboards that exist for each profile (and, in turn, the APIs that you associate with the rulesets in the profile) that you create. You can also see whether a specific API is conformant or non-conformant in Exchange.
Part three of this series provides details on creating and sharing custom API governance rulesets.
