API Governance Dashboard Overview
The Anypoint API Governance Dashboard is a tool designed to help you easily understand the status of your APIs across your organization and govern your API programs effectively. The dashboard provides metrics related to the health of your API programs, with direction action available right from the dashboard, where there is a logical associated action.
Key Features
The Dashboard provides several key features to help you manage your APIs:
- Metrics
-
Access a pre-built set of metrics to understand your API surface area.
- Actions
-
Each metric is associated with potential actions you can take from the dashboard to improve your API posture.
- Organization-wide Visibility
-
View metrics across your entire organization or filter the data to display information for the current organization.
- Clear Status Overview
-
Instantly see the status of your APIs, including those that are unprotected, governed, in Exchange, and in production.
- API Type Breakdown
-
Understand the distribution of your APIs by type (for example, REST API, AsyncAPI, HTTP API).
- Governance Insights
-
Gain visibility into your API governance posture, including the number of governed APIs, their conformance status, and nonconformance severity.
Dashboard Metrics
The Key Metrics section is a core component of the API Governance Dashboard. It offers a pre-built suite of metrics designed to provide a clear view of API status across your organization. This visibility helps you make informed decisions and improve your organization’s API quality by identifying conformance issues and enabling you to resolve those issues. Each metric is associated with a collection of APIs and an action to take on those APIs.
Unprotected APIs
- Definition
-
APIs in your catalog that are not currently managed in API Manager.
- Displayed Count
-
The dashboard shows the total count of such APIs.
- Actionable Metrics
-
Create a profile to govern some or all of your unprotected APIs, or view detailed API lists, to help you address issues or improve your API program.
Governed APIs
- Definition
-
The Total APIs governed under a profile in API Governance.
- Displayed Count
-
The dashboard displays the total number of governed APIs.
- Actionable Metrics
-
View APIs takes you to the API Governance Console, where you can view a list of governed APIs with details and the option to download a list of governed APIs.
APIs in Exchange
- Definition
-
APIs in your catalog that are in Exchange.
- Displayed Count
-
The dashboard shows the count of all APIs in Exchange.
APIs in Production
- Definition
-
APIs in your catalog that are deployed in a production environment.
- Displayed Count
-
The dashboard shows the count of all APIs in production.
- Actionable Metrics
-
View APIs takes you to the API Governance Console, where you can view a list of APIs in production with details and the option to download a list of APIs in production.
APIs by Type
- Definition
-
APIs in your catalog by type, specifically REST API, AsyncAPI, and HTTP API.
- Displayed Count
-
The dashboard shows the count of all APIs by type.
- Actionable Metrics
-
View APIs takes you to the API Governance Console, where you can view a list of APIs by type with details and the option to download a list of APIs by type.
Governance Usage by Profile Type
- Definition
-
Total number of APIs governed.
- Breakdown
-
APIs governed by Active profiles versus those in Draft Only profiles.
Conformance Status
- Definition
-
APIs conformance status.
- Displayed Count
-
The dashboard shows the count of all governedAPIs by conformance status.
- Breakdown
-
API counts by conformance status, showing Conformant and Not Conformant APIs.
Nonconformance by Severity
- Definition
-
Total number Nonconformant APIs.
- Breakdown by Severity
-
Nonconformances based on their severity level: High, Medium, and Low.
Taking Action from the Dashboard
From the dashboard, you can often take direct action, such as:
- Creating Governance Profiles
-
Initiate the creation of new governance profiles to start governing unprotected APIs or APIs in production.
- Viewing API Lists
-
Navigate to detailed lists of APIs based on the displayed metrics (for example, view all unprotected APIs, APIs in production, or APIs by type).
Creating Governance Profiles from the Dashboard
The API Governance Dashboard UI guides you through creating profiles. When you take action from the Dashboard to create a profile, your profile is prepopulated with the APIs that match the filter criteria from the Dashboard.
Note: The Governance Dashboard is available to all MuleSoft orgs out-of-the box. If you take action to create a governance profile, the APIs targeted by the profile will be metered.
Create a Governance Profile for Unprotected APIs
If you click Create Profile from the Unprotected APIs section of the Dashboard, your draft profile is prepopulated with the following:
-
The profile name is Unprotected APIs.
-
All unprotected APIs are included by the filter criteria.
-
The Anypoint Best Practices and Authentication Security rulesets are selected.
-
Notifications are enabled for the profile.
-
You can change any settings, including selecting rulesets and filter criteria, to further refine the profile.
-
You can save the profile as a draft or activate it.
-
After you save the profile as a draft, you can view the conformance information for the APIs in the profile.
-
After you activate the profile, you can view the conformance information for the APIs in the profile outside of the draft profile view.
You can then review your profile and click Save as a draft or Save as active:
-
Save a profile as draft to test profile settings and review conformance information before showing the conformance information for its targeted APIs outside of the draft profile view.
-
Save a profile as active to show the conformance information outside of the draft profile view.
When you save a profile as either draft or active, its targeted APIs become governed.
Create a Governance Profile for APIs in Production
If you click Create Profile from the APIs in Production section of the Dashboard, your draft profile is prepopulated with the following:
-
The profile name is APIs in Production.
-
APIs with instances in a production environment are included by the filter criteria.
-
The Mule API Management ruleset is selected.
-
Notifications are enabled for the profile.
-
You can change any settings, including selecting rulesets and filter criteria, to further refine the profile.
-
You can save the profile as a draft or activate it.
-
After you save the profile as a draft, you can view the conformance information for the APIs in the profile.
-
After you activate the profile, you can view the conformance information for the APIs in the profile outside of the draft profile view.
You can then review your profile and click Save as a draft or Save as active:
-
Save a profile as draft to test profile settings and review conformance information before showing the conformance information for its targeted APIs outside of the draft profile view.
-
Save a profile as active to show the conformance information outside of the draft profile view.
When you save a profile as either draft or active, its targeted APIs become governed.