Showing posts with label Azure APIM. Show all posts
Showing posts with label Azure APIM. Show all posts

Wednesday, October 27, 2021

Authenticate Azure APIM using Managed Identity to access Storage Account

<policies>
<inbound>
<!-- check the cache for secret first -->
<cache-lookup-value key="mysecret" variable-name="keyvaultsecretResponse" />
<!-- call Key Vault if not found in cache -->
<choose>
<when condition="@(!context.Variables.ContainsKey("keyvaultsecretResponse"))">
<send-request mode="new" response-variable-name="keyvaultsecret" timeout="20" ignore-error="false">
<set-url>https://msikvtest.vault.azure.net/secrets/mysecret/?api-version=7.0</set-url>
<set-method>GET</set-method>
<authentication-managed-identity resource="https://vault.azure.net" />
</send-request>
<!-- transform response to string and store in cache -->
<set-variable name="keyvaultsecretResponse" value="@(((IResponse)context.Variables["keyvaultsecret"]).Body.As<string>())" />
<cache-store-value key="mysecret" value="@((string)context.Variables["keyvaultsecretResponse"])" duration="3600" />
</when>
</choose>
<return-response>
<set-status code="200" reason="Done" />
<set-header name="content-type" exists-action="override">
<value>application/json</value>
</set-header>
<set-body>@((string)context.Variables["keyvaultsecretResponse"])</set-body>
</return-response>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>

Tuesday, August 24, 2021

Purging a soft deleted Azure APIM - API Management

 First you need to run the below script to get all soft deleted apims so that the details can be passed to the delete method which we will run after this. The output printed on powershell window is trimmed and hence I'm writing the response to an output file.

#GET Request- To list all soft deleted apims in a specific subscription

$token = Get-AzAccessToken

$request = @{

    Method = 'GET'

    Uri    = "https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.ApiManagement/deletedservices?api-version=2020-06-01-preview"

    Headers = @{

        Authorization = "Bearer $($token.Token)"

    }

}

Invoke-RestMethod @request  -OutFile c:\apimoutput.txt


#DELETE Request- This will purge the soft deleted apim 


$token = Get-AzAccessToken

$request = @{

    Method = 'DELETE'

    Uri    = "https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.ApiManagement/locations/{Location}/deletedservices/{APIMName}?api-version=2020-06-01-preview"

    Headers = @{

        Authorization = "Bearer $($token.Token)"

    }

}

Invoke-RestMethod @request

Version an API in Azure API Management using Azure Resource Manager

When creating a new API in an Azure API Management Service using the portal, you can specify whether you would like the API to be versioned


To achieve this through ARM scripts you'll need to create an ApiVersionSet resource first:
{
    "name": "[concat(variables('ManagementServiceName'), '/', variables('VersionSetName'))]",
    "type": "Microsoft.ApiManagement/service/api-version-sets",
    "apiVersion": "2017-03-01",
    "properties": {
        "description": "Api Description",
        "displayName": "Api Name",
        "versioningScheme": "Segment"
    }
}

Then update the apiVersionSetId property on the Microsoft.ApiManagement/service/apis resource:


{
        "type": "Microsoft.ApiManagement/service/apis",
        "name": "[concat(variables('ManagementServiceName'), '/', variables('ApiName'))]",
        "apiVersion": "2017-03-01",
        "dependsOn": [
            "[resourceId('Microsoft.ApiManagement/service/api-version-sets', variables('ManagementServiceName'), variables('VersionSetName'))]"
        ],
        "properties": {
            "displayName": "string",
            "apiRevision": "1",
            "description": "",
            "serviceUrl": "string",
            "path": "string",
            "protocols": [
                "https"
            ],
            "isCurrent": true,
            "apiVersion": "v1",
            "apiVersionName": "v1",
            "apiVersionDescription": "string",
            "apiVersionSetId": "[concat('/api-version-sets', variables('VersionSetName'))]"
        }
    }