Databases and APIs
Practical backend concepts for working with engineering. Distilled from working as a PM at an early-stage startup.
ERD — Entity Relationship Diagram
An ERD is a visual map of your database: what data you store, and how the pieces connect. Entities (tables) are boxes; relationships (one-to-many, many-to-many) are the lines between them. When a feature touches data, sketching the ERD answers “what do we store, and what links to what” before anyone writes a migration — it’s the data equivalent of a user flow.
Postgres and YAML
- Postgres — a relational database; data lives in tables with defined columns and relationships (the things an ERD describes).
- YAML — a human-readable format for configuration (services, pipelines, infra). Not a database — it’s how you declare setup, indentation-based and easy to diff.
Calling a REST API with a key + secret
A common auth pattern for machine-to-machine access:
- You’re issued a consumer key and consumer secret (an app credential, not a user password).
- You use them to authenticate to the API.
- Then you fire HTTP requests —
GETto read,POSTto create/send — often quickly from the command line (e.g.curl) while testing.
For user-delegated access (rather than an app credential), the relevant pattern is OAuth — see OAuth.
RBAC — Role-Based Access Control
RBAC decides who can do what by assigning permissions to roles, and roles to users — instead of granting permissions to each person individually. E.g. an “admin” role can edit and delete; a “viewer” role can only read. It scales cleanly: change the role, and every user with it updates at once.