Accessing Azure Key Vault from within Azure API Management

Today we look at a common although slightly advanced scenario with API Management: accessing Azure Key Vault from Azure API Management. In an Enterprise, API Management service are often shared between teams. This means a lot of people might open it in the Portal and look at it. It also means that putting secrets in … More Accessing Azure Key Vault from within Azure API Management

API Management exclusive access to Azure Function

[Update 05-04-2019: Erratum on the original article. Logic Apps is actually able to perform public IP filering.] Azure API Management acts as a front door to your APIs. Typically, we do not want users / apps to be able to access the underlying APIs directly since that would bypass the API Management policies, e.g. throttling, … More API Management exclusive access to Azure Function

Accessing Azure Key Vault using Managed Service Identity Logic Apps

Azure Key Vault is a great service to manage secrets, keys & certificates. It uses RBAC to control access. Like all access control system, there is a chain of access. For instance, my user account has access to the vault: this means if my account’s credentials get leaked, the access to the vault is compromised. … More Accessing Azure Key Vault using Managed Service Identity Logic Apps