Deploying an API Management instance via ARM is complicated. I’ve created a cheat sheet to help you out.Github .
ARM ARM might be the way to deploy a pre-setup instance. For adding API’s to an existing API Management instance I prefer to use the API Management extensions from the Azure DevOps Marketplace.
Instance Parameterize every option, in your ARM script. Resources sucha as policies, products, api’s and such go into the sub resources array.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 { "apiVersion" : "2017-03-01" , "name" : "[variables('apiManagementServiceName')]" , "type" : "Microsoft.ApiManagement/service" , "location" : "[parameters('location')]" , "tags" : {}, "sku" : { "name" : "[parameters('sku')]" , "capacity" : "[parameters('skuCount')]" }, "properties" : { "publisherEmail" : "[parameters('publisherEmail')]" , "publisherName" : "[parameters('publisherName')]" }, "resources" : [] }
Tenant policy To create a tenant wide policy.
1 2 3 4 5 6 7 8 9 10 11 { "apiVersion" : "2017-03-01" , "type" : "policies" , "name" : "policy" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "policyContent" : "[parameters('tenantPolicy')]" } }
API’s Adding API’s can be done via Open API definitions. If your Open API definition doesn’t contain a host property, like: "host":"somewebsite.azurewebsites.net". Then you should add the service url property inside your ARM.
1 2 3 4 5 6 7 8 9 10 11 12 13 { "apiVersion" : "2017-03-01" , "type" : "apis" , "name" : "PetStoreSwaggerImportExample" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "contentFormat" : "SwaggerLinkJson" , "contentValue" : "http://petstore.swagger.io/v2/swagger.json" , "path" : "examplepetstore" } }
You can also add operations manually, without using Open API definitions.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 { "apiVersion" : "2017-03-01" , "type" : "apis" , "name" : "exampleApi" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "displayName" : "Example API Name" , "description" : "Description for example API" , "serviceUrl" : "https://example.net" , "path" : "exampleapipath" , "protocols" : [ "HTTPS" ] }, "resources" : [ { "apiVersion" : "2017-03-01" , "type" : "operations" , "name" : "exampleOperationsDELETE" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/apis/exampleApi')]" ], "properties" : { "displayName" : "DELETE resource" , "method" : "DELETE" , "urlTemplate" : "/resource" , "description" : "A demonstration of a DELETE call" } }, { "apiVersion" : "2017-03-01" , "type" : "operations" , "name" : "exampleOperationsGET" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/apis/exampleApi')]" ], "properties" : { "displayName" : "GET resource" , "method" : "GET" , "urlTemplate" : "/resource" , "description" : "A demonstration of a GET call" }, "resources" : [ { "apiVersion" : "2017-03-01" , "type" : "policies" , "name" : "policy" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/apis/exampleApi')]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/apis/exampleApi/operations/exampleOperationsGET')]" ], "properties" : { "policyContent" : "[parameters('operationPolicy')]" } } ] } ] }
There are also other ways, such as WSDL, and inserting Open API definitions as a value in your ARM.documentation and check for contentFormat and contentValue.
Product To create a product and add API’s directly to the product.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 { "apiVersion" : "2017-03-01" , "type" : "products" , "name" : "exampleProduct" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "displayName" : "Example Product Name" , "description" : "Description for example product" , "terms" : "Terms for example product" , "subscriptionRequired" : true , "approvalRequired" : false , "subscriptionsLimit" : 1 , "state" : "published" }, "resources" : [ { "apiVersion" : "2017-03-01" , "type" : "apis" , "name" : "exampleApi" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/apis/exampleApi')]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/products/exampleProduct')]" ] }, { "apiVersion" : "2017-03-01" , "type" : "policies" , "name" : "policy" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/products/exampleProduct')]" ], "properties" : { "policyContent" : "[parameters('productPolicy')]" } } ] }
User To create a user. But think of using Azure AAD integration.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 { "apiVersion" : "2017-03-01" , "type" : "users" , "name" : "exampleUser1" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "firstName" : "ExampleFirstName1" , "lastName" : "ExampleLastName1" , "email" : "ExampleFirst1@example.com" , "state" : "active" , "note" : "note for example user 1" } }
Group To create a group of users.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 { "apiVersion" : "2017-03-01" , "type" : "groups" , "name" : "exampleGroup" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "displayName" : "Example Group Name" , "description" : "Example group description" }, "resources" : [ { "apiVersion" : "2017-03-01" , "type" : "users" , "name" : "exampleUser3" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/groups/exampleGroup')]" ] } ] }
Subscription To create a subscription for a user.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 { "apiVersion" : "2017-03-01" , "type" : "subscriptions" , "name" : "examplesubscription1" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/products/exampleProduct')]" , "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'), '/users/exampleUser1')]" ], "properties" : { "productId" : "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/exampleServiceName/products/exampleProduct" , "userId" : "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/exampleServiceName/users/exampleUser1" } }
Named values Add named values, often used in policies as variables.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 { "apiVersion" : "2017-03-01" , "type" : "properties" , "name" : "exampleproperties" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "displayName" : "propertyExampleName" , "value" : "propertyExampleValue" , "tags" : [ "exampleTag" ] } }
Certificate To create a certificate.
1 2 3 4 5 6 7 8 9 10 11 12 { "apiVersion" : "2017-03-01" , "type" : "certificates" , "name" : "exampleCertificate" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "data" : "[parameters('mutualAuthenticationCertificate')]" , "password" : "[parameters('certificatePassword')]" } }
OpenId Connect For OpenId integration.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 { "apiVersion" : "2017-03-01" , "type" : "openidConnectProviders" , "name" : "exampleOpenIdConnectProvider" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "displayName" : "exampleOpenIdConnectProviderName" , "description" : "Description for example OpenId Connect provider" , "metadataEndpoint" : "https://example-openIdConnect-url.net" , "clientId" : "exampleClientId" , "clientSecret" : "[parameters('openIdConnectClientSecret')]" } }
Identity providers You can add multiple identity providers. The following providers are available.
1 2 3 4 5 6 ["facebook" , "google" ,"microsoft" ,"twitter" ,"aad" ,"aadB2C" ]
1 2 3 4 5 6 7 8 9 10 11 12 { "apiVersion" : "2017-03-01" , "type" : "identityProviders" , "name" : "google" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "clientId" : "googleClientId" , "clientSecret" : "[parameters('googleClientSecret')]" } }
Logger You can use either EventHub or Application Insights as a Logging framework.
Eventhub 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 { "apiVersion" : "2017-03-01" , "type" : "loggers" , "name" : "exampleLogger" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "loggerType" : "azureEventHub" , "description" : "Description for example logger" , "credentials" : { "name" : "exampleEventHubName" , "connectionString" : "[parameters('eventHubNamespaceConnectionString')]" } } }
Application Insights 1 2 3 4 5 6 7 8 9 10 11 12 13 { "apiVersion" : "2017-03-01" , "type" : "loggers" , "name" : "exampleLogger" , "dependsOn" : [ "[concat('Microsoft.ApiManagement/service/', variables('apiManagementServiceName'))]" ], "properties" : { "loggerType" : "applicationInsights" , "description" : "Description for example logger" , "credentials" : "3e2e9837-b17b-44b3-a652-ed296080c57d" } }
Reference Microsoft ARM Docs