last sync: 2025-Sep-12 17:23:06 UTC

[Deprecated]: API Management minimum API version should be set to 2019-12-01 or higher

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: API Management minimum API version should be set to 2019-12-01 or higher
Id 549814b6-3212-4203-bdc8-1548d342fb67
Version 1.1.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 2
1.1.0 (1.1.0-deprecated)
1.0.1
Built-in Versioning [Preview]
Category API Management
Microsoft Learn
Description While we continue to recommend using the latest management API versions, configuring a minimum API version no longer affects the security posture of API Management services. Learn more about policy definition deprecation at aka.ms/policydefdeprecation
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Assessment(s) Assessments count: 1
Assessment Id: b9f2fa58-7571-4e7f-978f-5d224a011c89
DisplayName: API Management minimum API version should be set to 2019-12-01 or higher
Description: To prevent service secrets from being shared with read-only users, the minimum API version should be set to 2019-12-01 or higher.
Remediation description: To set the minimum API version of your API Management instance: 1. In the Azure portal, find your API Management Resource 2. Navigate to the Management API blade 3. Select Management API settings 4. Under Prevent users with read-only permissions from accessing service secrets, select 'Yes' 5. Select 'Save.'
Categories: Compute
Severity: Medium
User impact: High
Threats: DataSpillage
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Effect Default
Disabled
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.ApiManagement/service/apiVersionConstraint.minApiVersion Microsoft.ApiManagement service properties.apiVersionConstraint.minApiVersion True True
Microsoft.ApiManagement/service/sku.name Microsoft.ApiManagement service sku.name True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Enforce recommended guardrails for API Management Enforce-Guardrails-APIM API Management GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2025-08-15 17:23:27 change Minor, new suffix: deprecated (1.0.1 > 1.1.0-deprecated)
2022-07-08 16:32:07 change Patch (1.0.0 > 1.0.1)
2022-06-17 16:31:08 add 549814b6-3212-4203-bdc8-1548d342fb67
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC