Azure API Management

1.    What is Azure APIM?

Ans:

Azure API Management is a fully managed solution that allows users to securely publish, adapt, manage, and monitor APIs. Users can construct an API facade in the Azure portal with a few clicks that serves as a "front door" through which external and internal apps can access data or business logic implemented by our custom-built backend services running on Azure.

 

2. What is API gateway?

Ans:

An API gateway is a solution for managing APIs that lies between a client and a group of backend services. An API gateway serves as a reverse proxy, accepting all API calls, aggregating the numerous services required to fulfil them, and returning the accurate outcome. It can also handle cross-cutting activities including authentication, SSL termination, and rate limitation.

 

3.     Is APIM an API gateway?

Ans:

API Management (APIM) is a technique for creating consistent and modern API gateways for existing back-end services.

 

4.     What's the difference between API management and API gateway?

Ans:

An API gateway is a simple proxy server, whereas API management is the whole solution for managing APIs in production, which comprises a cluster of API gateways, an administrative UI, and so on.

Azure API Management Service is made of three main components.

1.       Azure portal

2.      Developer Portal -> URL -> https://<name>.developer.azure-api.net

3.      API Gateway -> URL -> https://<name>.azure-api.net

API Management enables enterprises to publish APIs to external, vendor, and internal users in order to maximize the value of their data and services.

5.     What is difference between proxy and gateway?

Ans:

1.       A gateway is a network that serves as a point of entry into another network.

2.      A reverse proxy is a server that retrieves data sent from one or more other servers.

3.      The proxy server is effectively requesting permission from the gateway for data to access the network.

 

6.    What is Gateway Routing?

Ans:

Using layer 7 routing and gateway as a reverse proxy to redirect requests to one or more backend services. The gateway serves as a single point of contact for clients and aids in the decoupling of clients from services.

 

7.    What is Gateway Aggregation?

Ans:

We can utilize this gateway pattern, when to combine several requests into a single request. When a single activity needs calls to several backend services, this pattern fits. A single request is sent to the gateway by the client. The gateway forward request to various backend services, then aggregates and returns the results back to the client. This minimizes the level of communication between the client and the backend.

 

8.   What is Gateway Offloading?

Ans:

Should use gateway to offload cross-cutting concerns and functionality from separate services to the gateway. Instead of making each service responsible for implementing these services, it may be more efficient to combine them into a single location. This is especially true for features like authentication and authorization, which require specialist skills to perform correctly.

 

9.     Is Azure APIM a load balancer?

Ans:

API Management will not really handle load balancing, it can be used in combination with a load balancer like Application Gateway or a reverse proxy.

 

11.    How to create Azure API Management service instance from the Azure portal?

Ans:

1.       Select Create a resource from the Azure portal menu/Azure Home page.

2.      Select Integration > API Management from the Create a resource page.

3.      Select subscription, resource group, Instance details, and pricing tier on the Create API Management page, then click the Review+Create button.

4.      Search API Management services from the Azure Portal Home Page once it's been setup.

5.      Select the API Management service that you just built.

 

12.    How to import a Postman collection into Azure API Management?

Ans:

Step1: Convert the Postman Collection to Swagger V2 JSON File

·       There are various free tools that allow you to convert a Postman collection to any format you want, including Swagger in our instance. APIMATIC is one of these tools.

·       APIMATIC API Transformer can be found at https://apimatic.io/transformer.

·       Upload the file description for your Postman collection.

·       Select the Target Description Format -> "Swagger v2.0 (JSON)" -> click "Convert Now".

·       The output file will be downloaded to your computer automatically.

Step2: Upload in the Azure APIM Portal

·       In the Azure Portal, go to my API Management.

·       Select "Add API" from the left pane, then "OpenAPI specification" from the drop-down menu.

·       Click "Create" after importing the file prepared previously in the APIMATIC web tool.

 

13. How can I verify that every coming inbound request has a specific header in APIM?

Ans:

We can verify the every coming inbound request header by setting varaible in inbound policy inside an API in Azure API Management.

Example:

<policies>

    <inbound>

     <set-variable name="checkHeaderVal"

                   value="@(context.Request.Headers.GetValueOrDefault("abc","").Contains("xxxxx") )" />

    </inbound>

</policies>

 

 

14. How to set the backend url from header in APIM?

Ans:

We can set the backend url in the policies.

 

<policies>

    <inbound>

        <set-variable name="backendURL"

                     value="@(context.Request.Headers.GetValueOrDefault("uri","https://techgeeknext.com/"))" />

        <set-backend-service base-url="[parameters('backendURL')]"/>

        <base />

    </inbound>

    <backend>

        <base />

    </backend>

    <outbound>

        <base />

    </outbound>

    <on-error>

        <base />

    </on-error>

</policies>

 

15. In the Azure APIM policy, how can we verify if the value supplied in the header is a Guid or not?

Ans:

<set-variable name="xguidId" value="@(context.Request.Headers.GetValueOrDefault("x-guid-id", Guid.NewGuid().ToString()))" />

    <choose>

        <!--If the variable x-guid-id is not specified, the request will be denied. -->

        <when condition="@(Guid.TryParse(context.Variables.GetValueOrDefault<string>("xguidId"), out Guid newGuid) == false)">

            <return-response>

                <set-status code="400" reason="Please provide a correct guid." />

            </return-response>

        </when>

    </choose>

           

15. What is Azure API?

Azure API is used in providing a central interface for creating, provisioning, and managing API for Cloud and Web Application and Services. It also enables applications for communicating with each other. By using Azure API, users can monitor the health of APIs, identifying errors, configuring throttling, rating limits, etc.

 

16. What are API-Centric Applications?

API Centric Application uses APIs for exchanging data with all the other applications. It also enables front-end and back-end for communicating. In building API-Centric Applications all developers can design functions and classes for operating with elements and can be implemented in a variety of languages.

 

17. What is API Management?

Azure API Management(APIM) helps us in creating consistent and modern API Gateways in existing Back-end Services.It helps in publishing APIs for external, partner and internal developers for unlocking the potential of its Data and Services.API Management also provides core competencies for ensuring an API Program by developer engagement, business insights, analytics, security, and protection.



18. What are the features of APIM?

·       Managing APIs across On-premises and Clouds - helps in deploying API Gateway side-by-side by the APIs hosted in azure.

·       Protecting our resources - helps in controlling data and services which are exposed to employees, partners, and customers.

·       Accelerating Business - used for building apps and delivering immediate value to our customers by API first approaches.

·       Improving API discoverability - helps in creating a customizable developer portal for all our APIs.

 

19. What are the components used in APIM?

Components used in APIM are:

·       API Gateway - helps in accepting API Calls and Routes.

·       Azure Portal - helps in defining or importing API Schema.

·       Developer Portal - helps in reading API Documentation.

 

20. What are Groups in APIM?

Groups in APIM are used in managing the visibility of products to the developers. There are 3 types of groups:

·     Administrators - used for managing APIM Services instances, by creating APIs Operations and products which are used by Developers.

·       Developers - they are customers that helps in building application using our APIs.

·       Guests - help by granting read-only access like the ability for viewing APIs.

 

21. How do we Create an instance in APIM?

We can create an instance by using:

·       Azure CLI

·       Azure Portal

·       Azure PowerShell

·       Visual Studio Code

·       ARM Template

 

22. How can we manage my API Management instance programmatically?

Yes, we can manage API Management Programmatically by using APIM REST API, Azure APIM Service Management library SDK, Windows Deployment Services.

 

23. How can we use Azure API Management as a passthrough?

We can use Azure API Management as a passthrough by using the following command:

<policies>

    <inbound>

        <base />

        <set-variable name="baseUrlSearch" value="https://mysearchapi.com/" />

        <set-variable name="matchSearch" value="proxy/search" />

        <set-variable name="isRoutingComplete" value="false" />

        <set-variable name="apiVersionDefaultSearch" value="1.0" />

        <choose>

            <when condition="@{return context.Request.Url.Path.Contains(context.Variables.GetValueOrDefault<string>("matchSearch"));}">

                <set-backend-service base-url="@(context.Variables.GetValueOrDefault<string>("baseUrlSearch"))" />

                <rewrite-uri template="@(context.Request.Url.Path.Replace(context.Variables.GetValueOrDefault<string>("matchSearch"), ""))" />

                <set-header name="Api-Version" exists-action="skip">

                    <value>@(context.Variables.GetValueOrDefault<string>("apiVersionDefaultSearch"))</value>

                </set-header>

                <set-variable name="isRoutingComplete" value="true" />

            </when>

            <when condition="@(!context.Variables.GetValueOrDefault<bool>("isRoutingComplete"))">

                <return-response>

                    <set-status code="400" reason="Bad Request Through Proxy" />

                </return-response>

            </when>

        </choose>

    </inbound>

    <outbound>

        <base />

    </outbound>

</policies>

 

24. How can we run SignalR hub through Azure API Management?

We can used Azure SignalR Service for negotiating the endpoint.

25.    How can we prevent direct access to API hosted in Azure app service?

We can prevent the direct access by using the following steps:

Shared Secret helps in a certain value in APIM and in checking the value at our backend.

Managed Identity helps in enabling managed identity in APIM Services and in sending the token to our backend.

IP Filter helps in checking APIM IP as source at the backend.

VNet helps in putting our backend in the same VNet and in blocking access from the backend.


No comments:

Post a Comment

Subscribe to: Posts (Atom)