APIM 背后的消费计划 Azure Function
Consumption plan Azure Function behind an APIM
出于网络隔离的目的,我只想通过我的 APIM 公开一个 azure 函数,并阻止任何直接的 HTTP 调用。
消费计划中 运行,因此 I cannot use the virtual network integration and private endpoint。
除了切换到高级或专用应用程序服务计划之外,还有其他解决方案吗?
当使用 Azure Functions 的消费计划和 APIM 的基本 SKU 时,有一种解决方法仅允许从 APIM 实例访问 Azure Functions API。
解决步骤:
- As Application Gateway is already configured for public access, assigned public IP address is used to communicate API Management instance. Therefore, NAT Gateway for communication with API Management instance is optional (not required).
- Configure API Management instance to accept only traffic from Application Gateway instance. Along with source IP restriction, subscription key is also acceptable.
- Configure Function app to accept only traffic from API Management instance. Along with source IP restriction, API host key and authentication are also acceptable.
参考 Accept only traffic from a front-end service (API Management, Functions) 了解实际解决方法。
出于网络隔离的目的,我只想通过我的 APIM 公开一个 azure 函数,并阻止任何直接的 HTTP 调用。
消费计划中 运行,因此 I cannot use the virtual network integration and private endpoint。
除了切换到高级或专用应用程序服务计划之外,还有其他解决方案吗?
当使用 Azure Functions 的消费计划和 APIM 的基本 SKU 时,有一种解决方法仅允许从 APIM 实例访问 Azure Functions API。
解决步骤:
- As Application Gateway is already configured for public access, assigned public IP address is used to communicate API Management instance. Therefore, NAT Gateway for communication with API Management instance is optional (not required).
- Configure API Management instance to accept only traffic from Application Gateway instance. Along with source IP restriction, subscription key is also acceptable.
- Configure Function app to accept only traffic from API Management instance. Along with source IP restriction, API host key and authentication are also acceptable.
参考 Accept only traffic from a front-end service (API Management, Functions) 了解实际解决方法。