Enterprise
May 23, 2022
8 min read

The API Mandate: How a mythical memo from Jeff Bezos changed software forever

Aghi
Augusto Marietti
CEO & Co-Founder of Kong

You would think in the Internet age, primary sources for a widely discussed event — one that's helped define cloud computing and today's cascading digital transformation of enterprises — would be easy to track down. The original footprint must be somewhere.

But that's not so in the case of the arresting "API Mandate," perhaps better thought of now as the API Mandate or API-First Mandate. It's famous in tech circles near and far as a multipart pronouncement from Jeff Bezos himself, circa 2002.

What is the API-first mandate?

A source documenting the API Mandate did not surface until around 10 years after the fact. In 2011, seasoned software engineer Steve Yegge needed to get something off his chest. An internal Google memo he wrote in October of that year inadvertently became public, preserved on Github at the time by yet a different person, and included this:

"But on one occasion — back around 2002 I think, plus or minus a year — he [Bezos] issued a mandate that was so out there, so huge and eye-bulgingly ponderous, that it made all of his other mandates look like unsolicited peer bonuses. His Big Mandate went something along these lines:

  • All teams will henceforth expose their data and functionality through service interfaces.
  • Teams must communicate with each other through these interfaces.
  • There will be no other form of interprocess communication allowed: no direct linking, no direct reads of another team’s data store, no shared-memory model, no back-doors whatsoever. The only communication allowed is via service interface calls over the network.
  • It doesn’t matter what technology they use. HTTP, Corba, Pubsub, custom protocols — doesn’t matter. Bezos doesn’t care.
  • All service interfaces, without exception, must be designed from the ground up to be externalizable. That is to say, the team must plan and design to be able to expose the interface to developers in the outside world. No exceptions.
  • Anyone who doesn’t do this will be fired."

Neither Jeff Bezos nor his top engineers have denied the Mandate, and it's become technology lore. Rightly so, because what it encapsulates has, in fact, changed computing — and business — forever.

The API-First Journey Starts Here: Become a secure, API-centric enterprise

From monolith to microservices, turmoil to teamwork

Whether the Mandate was in an email direct from Jeff Bezos or from the CTO at the time, Allan Vermeulen, or a collection of directives formed by multiple leading engineers at Amazon, it reflects the inventiveness and determination of a whole team of thinkers, offering a programmable approach to infrastructure and a building-block view of application development that could solve pressing human, technical and business problems at the same time.

In a highly abridged nutshell, history played out this way: From about 2000 to 2006, the leaders and engineers at Amazon and its evolving new wing that would become Amazon Web Services (AWS), were imperfectly but steadily solidifying cloud computing's precursor. First, they moved away from the massive efficiency drain of monolithic software building — what the system supporting Amazon's retail business had become.

Werner Vogels, who has been Amazon's CTO since 2005, observed, "We were doing iterative development on a monolithic code base that included everything from content to customer service apps to the logistics of shipping packages."

They turned to Service Oriented Architecture (SOA) design, which evolved into the "web services" in AWS' name, then atomized that move further by empowering small, agile teams to build microservice. With microservice architectures and the creation of API Gateway patterns, individual components of an application can be built and their common functionality shared with other microservices — building blocks that can be linked together to meet the computing demands of any particular business use case

Teams had to "expose their data and functionality through service interfaces" and only allow communication between services "via service interface calls over the network … with no backdoors whatsoever." They had to "plan and design to be able to expose the interface to developers in the outside world" — not necessarily exposing, but able to expose.

This is a description of what application programming interfaces (APIs) do, whether they are connecting single-task internal services deep within an enterprise system or being used to feed weather data onto a mobile app.

APIs made the shift from monolith to microservices possible because they provide an efficient means for the services to interact with each other. Amazon required APIs to be documented; when they are, they can be discovered by teams across the organization and implemented fast. Insisting that builds interoperate via documented APIs had major human, technical and business benefits. It eliminated redundancies in the system and duplication of work.

It broke down the technical and human silos that frequently caused engineers to step on each other's toes and break each other's code, a frequent source of frustration with monolith systems. It reduced interdepartmental data hoarding among teams building different parts of the system, as well as some kinds of technical debt.

The API approach reduced the complexity developers faced on a day-to-day basis and kept the data flowing through Amazon. Bezos knew that data flowing through an enterprise that could be quickly leveraged by innovative teams was absolutely key to meeting customer needs faster than other companies.

For Jeff Bezos, pleasing customers was and has always been the business outcome critical for financial success. As he told his CTO Vogels onstage, "When you have something you know is true, that's where you put the energy and time… Customers will always want low prices, fast delivery, and a quality experience." APIs were, are, and will continue to be the ubiquitous technical tool that gets businesses there.

The legend of S3 — a cloud is born

In the process of tearing down the monolith and implementing a services approach, AWS evolved one of its most widely used services, the global backbone of storage that is S3, or Simple Storage Service. As an object storage service, any customer in any industry can use it "to store and protect any amount of data for a range of use cases, such as data lakes, websites, cloud-native applications, backups, archive, machine learning, and analytics."

Vogels has explained how S3's architecture went from eight microservices in its first month to what is now more than 235 distributed microservices, all connected via API.

An analogy from Marvin Theimer, Amazon Distinguished Engineer, captures it well: "… the evolution of Amazon S3 could best be described as starting off as a single engine Cessna plane, but over time the plane was upgraded to a 737, then a group of 747s, all the way to the large fleet of Airbus 380s that it is now. All the while, we were refueling in midair and moving customers from plane to plane without them even realizing it."

The (initial!) rise of microservices

Consider how microservices and API architecture propelled the growth of S3. Naturally, it also accelerated the growth of services across the board at Amazon. When AWS officially began selling cloud computing in 2006, it started with S3 and Elastic Compute Cloud (EC2).

By 2009, Virtual Private Cloud (VPC) and Relational Database Service (RDS) were on the market. AWS was tuning its approach and in new territory — selling scalable, programmable infrastructure services to businesses on an only-pay-for-what-you-use utility model.

It's important to remember that APIs have been in existence since the 1960s. What Amazon did was reveal their potential not only to revolutionize what constitutes a data center—hey businesses, trade in your massively expensive, mostly unused hardware in the basement for the same functions fed to your business over a network on an as-needed basis—but also to model a new frontier for application modernization and data flow in any and every business.

As noted in HBR, "unbundling software functionality into API-accessible business capabilities is a hallmark of leading digital companies." In building the largest distributed cloud on Earth, AWS led the way and has offered the world one of the best examples to study. It went from providing a dozen scalable cloud computing services in the first decade of the 21st century to more than 200 in the second decade and now into the third.

The API-first future has arrived (and it's still day 1)

At AWS re:Invent 2021, the mothership of all cloud computing conferences, one of Vogels' key messages reflected on the lessons AWS has learned over time creating customer-facing APIs. He enumerated them:

  • APIs are forever
  • Never break backward compatibility
  • Work backwards from customer use cases
  • Create APIs that are self-describing and have a clear, specific purpose
  • Create APIs with explicit and well-documented failure modes
  • Avoid leaking implementation details at all costs

API expert John Musser has observed: "If you believed that everything was going to move to the cloud and you need to integrate everything onto the cloud, then it wasn't going to be much of a question that everything in the cloud is going to have an API, as APIs are the glue that connects cloud services."

Gartner research in 2021 shows that more than 70% of companies have migrated at least some workloads into the public cloud and that trend will only continue.

While a collective measure of global API consumption is hard to come by, consider the following stats.

  • According to IDC, 65% of the world’s GDP is set to be digitalized by 2022 and direct digital transformation (DX) investments to total $6.8 trillion between 2020 and 2023.
  • Allied Market Research reports that, "The global microservices architecture market size was valued at $2,073 million in 2018, and is projected to reach $8,073 million by 2026, registering a CAGR of 18.6% from 2019 to 2026."
  • According to Kong's 2022 API & Microservices Connectivity Report, nearly 70% of tech leaders say budgets for APIs will continue to increase in 2022; 57% said they increased over 2021.

API-first mandate: 20 years of transformation and 20 more ahead

The growth is a sure indicator that we are in an API-First era, where well-functioning API ecosystems are crucial for businesses to stay competitive. For a long time, Jeff Bezos has held that increasing your rate of experimentation is necessary for successful invention. APIs enable that fully. Successful enterprises with a standardized API layer for smarter connectivity are already driving today's economy.

"Ordering imagery from space is now like ordering your favorite food from a website using an app," Payam Banazadeh, founder and CEO of Capella Space, said during Vogels' 2021 AWS re:Invent keynote. "You are literally one API call away from accessing a powerful network of orbiting satellites."

To echo the sentiment on that stage, if you’re one API call away from seeing our planet and its billions of changes in real-time, what would you build?

Download Kong's 2022 API & Microservices Connectivity Report to get tech leaders’ takes on the connectivity trends driving innovation today.