Azure API Management: Chicken or the egg dilemma.

Sometimes in your IaC, you may need to get the API definitions from the backend AppService. At the same time, you may need to restrict access to the AppService based on the source IP address:

Create two modules:[code_snippet_source id=1 line_numbers=true]

module “apimanagementapi-0000” {

data “http” “swagger” {
  url = “${var.service_url}/swagger/v1/swagger.json”
   request_headers = {
    Accept = “application/json”

resource “azurerm_api_management_api” “api” {
    content_format = “openapi+json”
    content_value = data.http.swagger.body

Leave a Reply

Your email address will not be published. Required fields are marked *