Azure API Management - Throttling & Access Restriction Policies

Подписаться 6 тыс.

Просмотров 3,7 тыс.

50% 1

A link to my full APIM course on Udemy - updated Aug 2023
www.udemy.com/...
Access Restriction Policies provide an extra protection for your APIs in an API Management. In this video we're going to cover these policies (Check HTTP header, Limit call rate by subscription, Limit call rate by key, Restrict caller IPs, Set usage quota by subscription, Set usage quota by key, Validate JWT).

Опубликовано:

15 окт 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 12

@MayankSingh-zy7qq 3 года назад

In the Access Restriction Policies please cover Validate-JWT. Thank you very much.

@husseinawad673 Год назад

Sure

@AleksandarIvanov69 Год назад

Thank you! For the algorithm 😁

@husseinawad673 Год назад

Welcome!

@harishkommuri5350 3 года назад

Hi, thanks for the wonderful contents, could you make record few sessions on Azure Active Directory with .NET CORE for beginners(from scratch).

@husseinawad673 Год назад

Great suggestion!

@ganirban82 3 года назад

HI , Thanks for your wonderful course. I have a doubts and it is as below.. Microsoft recommended use Envoy-proxy as api-gateway(URL-rewriting) as below repo.(microservices patterns) github.com/dotnet-architecture/eShopOnContainers Also , we can use Azure front-door or application gateway kind service for a Public facing End point for client access and then linked to APIM and linked to VM -scale set or AKS infrastructure as backend pool. Is there any guidance to take decision where we can use Envoy-proxy as api-gateway or use Azure FD \ AG services with backed pool. Many Thanks,

@husseinawad673 3 года назад

Good point! APP-GW is a WAF to protect your application and apply path-based routing to route traffic to a particular endpoint. This works best for instance to route certain traffic to media server and other traffic to web server. We cannot replace APIM with App-GW, and have that architecture functions as expected. APIM on the other hand, is designed to to have the front end APIs that consumes backend functions. Plus, the additional policies that you can use in APIM. Also, keep in mind the authorization part, it's already been taken care of in APIM through the subscription keys. Have you thought how this could be achieved with App-GW? Hope this helps!

@husseinawad673 3 года назад

I suggest you have a look at this video ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-KfwgSEIUxMg.html. I've talked about how we can the App-GW as the front door for APIM that's hosted in an internal VNET with no public accessibility.

@ganirban82 3 года назад

@@husseinawad673 , Thank for replay. It means if developer forgot to implement jwt-bearer token security at rest-api in code then we can use APIM and its other features but can not apply path-based routing to route traffic to a particular endpoint. if , in rest-api code already implemented security with jwt-bearer token then we can use APP-GW(public facing ips) and apply path-based routing to route traffic to a particular endpoint. Is it correct? Many Thanks,

@husseinawad673 3 года назад

@@ganirban82 it's not like for like comparison. It's not only about jwt as well. App-GW isn't a replacement for APIM, even if you managed to get work somehow (which i don't think so), it's going to add many customisation and complexity to your solution, plus missing some key features that's already provided in APIM. Does this make sense?

@ganirban82 3 года назад

@@husseinawad673 ,Thank for replay. Got idea like-- 1) using APIM for implanting policies, security, cashing, throttling for external Restful API 2) Using APP-GW for WAF with apply path-based routing to route traffic to a particular endpoint. it can best use to private (secure) network api endpoints.. Many Thanks,