Here’s how to set up containerized Azure API Gateway for Seamless Microservices Security:
Create Azure API Management (APIM) Instance:
- Go to the Azure portal and create a new Azure API Management instance.
- Under the “Deployment + infrastructure” section, add a new Self-hosted Gateway by providing a name and location.
- Select the created gateway, note down the gateway token, deployment parameters and configuration endpoints.
Configure Container Environment and Container Apps:
- Create a container app to package existing APIs from an image. Ensure that the application ingress traffic is set to “Limited to Container Apps Environment.”
- Create another container app in the same Container Environment of the Container App APIs, refer to the deployment parameters of the gateway for containerizing the APIM gateway using the image “mcr.microsoft.com/azure-api-management/gateway:v2.”. Configure the ingress traffic to allow “Accept traffic from anywhere.”
- Add environment variables from deployment parameters
Enable API in Gateways:
- Navigate to the gateways in the APIM instance.
- In the APIs section, add the APIs that you want to expose through the gateway.
Onboarding Container APIs and Configuring Policies:
- On-board each container API and configure the corresponding backend container internal URL.
- At the “All APIs” level, implement a JWT validation policy to enforce OAuth mechanism.
Test & Validate:
- Using Postman, send an HTTP request to the APIM self-hosted container app URL with the appropriate backend API path.
- Include the OAuth token generated from the client credentials in the request.
Note: Accessing the backend container APIs from the APIM Developer portal or through external URLs of the APIM gateway is not feasible.
Points to remember:
- Make sure that the container apps are running and accessible.
- Double-check the environment variables and API configurations.
- Monitor the APIM instance for any errors or issues in the developer portal.
By following these steps, you should be able to set up an Azure API Management instance, configure container environments and apps, enable APIs in gateways, and test the setup using Postman.