Secure Microservices on ACA with APIM Gateway Part 2

Daniel Jonathan Avatar



In our last blog, we explored the game-changing advantages of containerized Azure API Management in securing and exposing microservices APIs within decentralized environments. This method, marked by centralized authentication and streamlined management, ensures both seamless microservices operations and a robust security foundation.

Now, let’s dive into the practical side. In this follow-up, we provide a step-by-step guide to implementing containerized Azure API Management. Covering basics to advanced configurations, consider this your go-to manual for unlocking centralized control and ensuring robust security in your microservices architecture. Are you ready to roll and make your implementation journey smooth and effective?

Here’s how to set up containerized Azure API Gateway for Seamless Microservices Security:

Create Azure API Management (APIM) Instance:
  • Go to the Azure portal and create a new Azure API Management instance.
  • Under the “Deployment + infrastructure” section, add a new Self-hosted Gateway by providing a name and location.
  • Select the created gateway, note down the gateway token, deployment parameters and configuration endpoints.
Configure Container Environment and Container Apps:
  • Create a container app to package existing APIs from an image. Ensure that the application ingress traffic is set to “Limited to Container Apps Environment.”
  • Create another container app in the same Container Environment of the Container App APIs, refer to the deployment parameters of the gateway for containerizing the APIM gateway using the image “mcr.microsoft.com/azure-api-management/gateway:v2.”. Configure the ingress traffic to allow “Accept traffic from anywhere.”
    • Add environment variables from deployment parameters
Enable API in Gateways:
  • Navigate to the gateways in the APIM instance.
  • In the APIs section, add the APIs that you want to expose through the gateway.
Onboarding Container APIs and Configuring Policies:
  • On-board each container API and configure the corresponding backend container internal URL.
  • At the “All APIs” level, implement a JWT validation policy to enforce OAuth mechanism.
Test & Validate:
  • Using Postman, send an HTTP request to the APIM self-hosted container app URL with the appropriate backend API path.
  • Include the OAuth token generated from the client credentials in the request.

Note: Accessing the backend container APIs from the APIM Developer portal or through external URLs of the APIM gateway is not feasible.

Points to remember:

  • Make sure that the container apps are running and accessible.
  • Double-check the environment variables and API configurations.
  • Monitor the APIM instance for any errors or issues in the developer portal.

By following these steps, you should be able to set up an Azure API Management instance, configure container environments and apps, enable APIs in gateways, and test the setup using Postman.


Take Action!

To sum up, containerized Azure API Management transforms microservices with seamless operations and robust security. Use our guide for centralized control and a secure microservices architecture. Ready to roll into effective implementation?

Interested in our
Approach & Solutions?

Don’t settle when it comes to making critical decisions.
Get in Touch – and explore the possibilities!

Leave a Reply

Your email address will not be published. Required fields are marked *