This year’s MS Build was very different – we all know that. But for most of us, me included, was the first opportunity to join the event officially. And what event it was.
Ran across three time zone, with a mix of live sessions, Teams Live events and smaller Teams events, like focus groups, which allowed the attendees to really interact with the product groups and advocates from Microsoft.
This year there were some interesting announcements around the Azure Integration Services technologies. I’ve recently shared those announcements on a Auckland Azure User Group meetup, and thought that, since I already had everything collated, it would be a good idea to just share this with you on the blog as well. So, let’s talk about what is now available, or just \around the corner for AIS
Continue reading “MS Build Recap – The AIS Edition”
Last week I had an interesting request from a client. They have been creating generic APIs, using a variety of different backend systems (on-prem APIs, Azure Functions, Logic Apps, cloud APIs). Those APIs were grouped by product but even within a product they would like to restrict access to only some operations, so product A would have access to a group of operations, while product B would have access to different group. Initially I thought that role based access driven by claims, but the issue was that we didn’t have control of the identity providers, or the back end services. In the end we would have to find a solution within API Management to create this ACL like style.
Initally I didn’t like the idea to create our own access controls in APIM, but faced with the other constraints, I slowly warmed up to the idea and learned a couple of things about policies along the way.
Continue reading “API Management – Restrict Operation Access per Product”
API Management what enabled? If you haven’t keeping up with the news from MS Ignite 2019, the title might be a bit confusing. Arc (not A.R.C as I read it initially) is a new Service in Azure that allow customer to deploy and manage Azure Services anywhere – and anywhere in this case means any cloud, on-premises infrastructure and at the edge. You can find more about that service here.
During MS Ignite, the API Management team launched the public preview of a new feature, that takes advantage of the Arc technology to deploy API Management gateways anywhere. So let’s take a look of what that looks like.
Continue reading “API Management – Arc Enabled”
Well, that is a mouthful of a title, but I wanted to capture the exact issue, because I couldn’t find any page to help with this specific error and managed to get it fixed thanks to Vladimir Vinogradsky pointing me out to a tip in one of the APIM docs.
So my scenario was this: my team was working on an API that is protected with a client certificate policy – quite simple, very straightforward. At the API level it had the following policy:
Continue reading “API call with client certificate policy failing to execute due to message size on Azure API Management”
As you might remember, in June I was at the Integrate 2018, doing a presentation called Exposing BizTalk to the World. It was my second time presenting on what became the premier conference on Microsoft Integration and it was a fantastic experience. It wouldn’t be fair to talk about Integrate without thanking Theta for sponsoring my trip and time of work and BizTalk360 for organizing a great event.
But why am I talking about this almost four months later? Apart from the shameless plug, during that presentation suggested a couple of ways to expose BizTalk endpoints. One of the options was using API Management to expose BizTalk receive locations, and the other was using Azure Relay to bypass firewall and securely expose BizTalk endpoints.
A couple of weeks ago, I’ve actually combine both technologies to securely expose a BizTalk endpoint. On this scenario, the client needed to create an API that would be exposed to partners, but wanted to reuse a series of BizTalk processes that were already implemented. As this was a pilot that should highlight the agility and fast time to market that can be achieved with the cloud, we didn’t have time to go through the process of exposing their environment through the firewall and whitelist API Management. Continue reading “Combining API Management with Azure Relays”
I’ve been working during the last week or so on setting up a DR strategy for a solution that is based on API Management, Azure Functions and Service Bus. Most of the deployment to the secondary site is dealt by VSTS, but one of the main issues on the proposed strategy was the fact that APIM instance utilized is Standard, which doesn’t allow multi-region deployments. This way, to guarantee that all APIM configuration, including users, API policies and subscriptions, I had to leverage from the backup/restore functionality available in APIM, based on the Management API.
The API calls for backup and restores are quite straight forward, but use a authorization token that must be requested before the API call can be executed. So, to automate the process to generate the token and execute the backup or restore API calls, I decided to use Logic Apps. Continue reading “Automating API Management Backup and Restore with Logic Apps”
A while ago I saw a question in the forums where someone was trying to use a POST operation using the API Management action in Logic Apps and the action card didn’t have any way to input the body object.
To replicate the issue I’ve create a very simple logic app, so simple in fact that I didn’t even bother to define a trigger schema. After creating a new API using that logic app, to my surprise I also couldn’t find any input for the message body. Continue reading “API Management Gotcha – Empty Body Definition”