description | page_type | products | urlFragment | languages | ||||
---|---|---|---|---|---|---|---|---|
This template deploys an API Management service configured with User Assigned Identity. It uses this identity to fetch SSL certificate from KeyVault and keeps it updated by checking every 4 hours. |
sample |
|
api-management-key-vault-create |
|
The Template deploys API Management service Standard Tier with integration with Managed Identities. Please refer to documentation at aka.ms/apimmsi.
The template shows how to create an API Management with SSL retrieved from Key Vault using a single click deployment using User Assigned identities.
With System Assigned identity, associating an API Management with SSL was a two step process. With User Assigned identities, this is single step.
It deploys the following components
- User Assigned Managed Identity
- Key Vault which is granted access to the Managed Identity
- API Management service which is assigned access to the Key Vault using User Assigned Identity.
- The API Management protocols and ciphers are configured to enhance security
If you're new to Azure API Management, see:
- Azure API Management service
- Azure API Management documentation
- Azure API Management Configure custom domain
- Azure API Management Configure protocols and ciphers
- Azure Key Vault template reference
- Quickstart templates
If you're new to Azure Key Vault, see:
- Azure Key Vault service
- Azure Key Vault documentation
- Azure Key Vault RBAC permission model
- Azure Key Vault template reference
- Quickstart templates
If you're new to the template development, see:
Tags: API, API Management, Azure API Management, Azure Key Vault, Key Vault, Secret, Certificate, Managed Identity, Microsoft.ManagedIdentity/userAssignedIdentities, Microsoft.KeyVault/vaults, Microsoft.KeyVault/vaults/secrets, Microsoft.Authorization/roleAssignments, Microsoft.ApiManagement/service, UserAssigned, Proxy