AzResourceTypeAdvertizer

last sync: 2025-Apr-29 17:44:12 Etc/UTC

Service - Microsoft Azure Resource type
microsoft.apimanagement/service

Azure Resource Provider Resource provider (RP) - Microsoft API Management [Microsoft.ApiManagement]
RP Microsoft.ApiManagement
RP display name Microsoft API Management
Azure Resource Type
RP Resource types		 Resource types: 185
Azure Policy Alias
RP aliases		 RP aliases: 1219
Azure Policy definition
RP Azure Policy		 Azure Policy definitions: 25
if: 25
then.deployment: 1
then.details: 0
then.existenceCondition: 0
then.operations: 0
Azure RBAC Role Based Access Control
RP RBAC operations		 RP RBAC operations: 471
RP RBAC operationType action: 63
RP RBAC operationType delete: 118
RP RBAC operationType read: 166
RP RBAC operationType write: 124
Azure RBAC Role definition
RP RBAC Roles & Operation actions		 Unique RBAC Roles: 29
RBAC Roles with action operationType: 10
RBAC Roles with delete operationType: 12
RBAC Roles with read operationType: 28
RBAC Roles with write operationType: 13
Azure Application
RP related 1st party Service Principals		 n/a
All Azure RPs Microsoft Learn
AzResourceTypesAdvertizer (Microsoft only)
Azure Resource Type Resource type (RT) - Service [microsoft.apimanagement/service]
RT information
RT microsoft.apimanagement/service
RT display name Service
RT type only
(without RP)		 service
RT sub- Resource types sub-Resource types: 169
RT schema RT schema API versions: 22
2024-06-01-preview
2024-05-01
2023-09-01-preview
2023-05-01-preview
2023-03-01-preview
2022-09-01-preview
2022-08-01
2022-04-01-preview
2021-12-01-preview
2021-08-01
2021-04-01-preview
2021-01-01-preview
2020-12-01
2020-06-01-preview
2019-12-01-preview
2019-12-01
2019-01-01
2018-06-01-preview
2018-01-01
2017-03-01
2016-10-10
2016-07-07
All Microsoft Azure RTs AzResourceTypesAdvertizer
Aliases and Azure Policy
Azure Policy Alias
Aliases		 aliases: 133
Azure Policy definition
Azure Policy		 Azure Policy definitions: 14
if: 14
then.deployment: 0
then.details: 0
then.existenceCondition: 0
then.operations: 0
RBAC Operations and Roles & Roles related operation actions
Azure RBAC Role Based Access Control
RBAC operations		 RBAC operations: 14
RBAC operationType action: 11
RBAC operationType delete: 1
RBAC operationType read: 1
RBAC operationType write: 1
Azure RBAC Role definition
RBAC Roles & Operation actions		 Unique RBAC Roles: 23
RBAC Roles with action operationType: 5
RBAC Roles with delete operationType: 6
RBAC Roles with read operationType: 23
RBAC Roles with write operationType: 6
Capabilities & Locations
Azure Resource Diagnostic settings logs
Diagnostic logs		 True
log-categories
Azure Resource Diagnostic settings metrics
Diagnostic metrics		 True
metrics
Azure Customer-managed key
Customer-managed key (CMK) [experimental]		 Unknown
Enforce Encryption with a customer-managed key (CMK) at scale
Azure Managed identity
System-Assigned-Resource-Identity		 True
Azure Resource Mover
Cross-ResourceGroup-Resource-Move		 True
Azure Resource Mover
Cross-Subscription-Resource-Move		 True
Azure Resource Tags
Tags		 True
Azure Extension
Extension		 False
Azure Private Endpoint
Private-Endpoint		 True
Azure Private Endpoint location Azure Private Endpoint location
Supported Locations for Private-Endpoint		 Supported Locations for Private-Endpoint: 44
australiacentral, australiaeast, australiasoutheast, brazilsouth, canadacentral, canadaeast, centralindia, centralus, eastasia, eastus, eastus2, francecentral, germanywestcentral, indonesiacentral, israelcentral, italynorth, japaneast, japanwest, jioindiawest, koreacentral, koreasouth, mexicocentral, newzealandnorth, northcentralus, northeurope, norwayeast, polandcentral, qatarcentral, southafricanorth, southcentralus, southeastasia, southindia, spaincentral, swedencentral, switzerlandnorth, uaenorth, uksouth, ukwest, westcentralus, westeurope, westindia, westus, westus2, westus3
Non supported Locations for Private-Endpoint Non supported Locations for Private-Endpoint: 14
brazilus, eastusstg, centraluseuap, eastus2euap, southcentralusstg, southafricawest, australiacentral2, jioindiacentral, francesouth, germanynorth, norwaywest, switzerlandwest, uaecentral, brazilsoutheast
Azure location
Location		 True
Azure Resource type location Azure Resource type location
Locations		 Locations: 43
australiacentral, australiaeast, australiasoutheast, brazilsouth, canadacentral, canadaeast, centralindia, centralus, eastasia, eastus, eastus2, francecentral, germanywestcentral, indonesiacentral, israelcentral, italynorth, japaneast, japanwest, koreacentral, koreasouth, mexicocentral, newzealandnorth, northcentralus, northeurope, norwayeast, polandcentral, qatarcentral, southafricanorth, southcentralus, southeastasia, southindia, spaincentral, swedencentral, switzerlandnorth, uaenorth, uksouth, ukwest, westcentralus, westeurope, westindia, westus, westus2, westus3
Not locations Not locations: 54
asia, asiapacific, australia, australiacentral2, brazil, brazilsoutheast, brazilus, canada, centraluseuap, centralusstage, eastasiastage, eastus2euap, eastus2stage, eastusstage, eastusstg, europe, france, francesouth, germany, germanynorth, global, india, indonesia, israel, italy, japan, jioindiacentral, jioindiawest, korea, mexico, newzealand, northcentralusstage, norway, norwaywest, poland, qatar, singapore, southafrica, southafricawest, southcentralusstage, southcentralusstg, southeastasiastage, spain, sweden, switzerland, switzerlandwest, taiwan, uae, uaecentral, uk, unitedstates, unitedstateseuap, westus2stage, westusstage
Assessment tooling
Azure Advisor
Azure Advisor 		Azure Advisor recommendations: 23
HighAvailability [High] Dependency network status check failed
HighAvailability [High] Deploy an Azure API Management instance to multiple Azure regions for increased service availability
HighAvailability [High] Enable and configure autoscale for API Management instance on production workloads.
HighAvailability [High] Hostname certificate rotation failed
HighAvailability [High] Migrate API Management service to stv2 platform
HighAvailability [High] The legacy portal was deprecated 3 years ago and retired in October 2023. However, we are seeing active usage of the portal which may cause service disruption soon when we disable it.
HighAvailability [Medium] SSL/TLS renegotiation blocked
OperationalExcellence [High] Only allow tracing on subscriptions intended for debugging purposes. Sharing subscription keys with tracing allowed with unauthorized users could lead to disclosure of sensitive information contained in tracing logs such as keys, access tokens, passwords, internal hostnames, and IP addresses.
OperationalExcellence [High] Self-hosted gateway instance(s) were identified that use gateway tokens that will expire soon
OperationalExcellence [Medium] Use api-versions newer than 2021-08-01 to manage service configuration
OperationalExcellence [Medium] Use Azure AD-based authentication for more fine-grained control and simplified management
OperationalExcellence [Medium] Validate JWT policy is being used with security keys that have insecure key size for validating Json Web Token (JWT).
Performance [High] Upgrade your API Management resource to an alternative version
Security [High] API Management APIs should use only encrypted protocols
Security [High] Azure API Management platform version should be stv2
Security [Low] API Management direct management endpoint should not be enabled
Security [Medium] API Management calls to API backends should be authenticated
Security [Medium] API Management calls to API backends should not bypass certificate thumbprint or name validation
Security [Medium] API Management minimum API version should be set to 2019-12-01 or higher
Security [Medium] API Management secret named values should be stored in Azure Key Vault
Security [Medium] API Management services should use a virtual network
Security [Medium] API Management should disable public network access to the service configuration endpoints
Security [Medium] API Management subscriptions should not be scoped to all APIs
Azure Proactive Resilience Library v2 (APRLv2)
Azure Proactive Resilience Library v2 (APRLv2) 		Azure Proactive Resilience Library v2 recommendations: 6
DisasterRecovery [High] Configure API management service in multiple Azure regions
HighAvailability [High] Migrate API Management services to Premium SKU to support Availability Zones
HighAvailability [High] Enable Availability Zones on Premium API Management instances
HighAvailability [High] Azure API Management platform version should be stv2
HighAvailability [Low] Enable auto-scale for production workloads on API Management services
HighAvailability [Medium] Enable caching to improve performance in Azure API Management
PSRule for Azure
PSRule for Azure 		PSRule for Azure rules: 21
Operational Excellence [Awareness] Use API descriptors
Operational Excellence [Awareness] Use product descriptors
Operational Excellence [Awareness] Use valid API Management service names
Operational Excellence [Important] API Management API versions prior to 2021-08-01 will be retired
Operational Excellence [Important] API Management products do not have legal terms set
Reliability [Important] API management instances should use availability zones in supported regions
Reliability [Important] API Management instances should use multi-region deployment
Reliability [Important] API Management uses current certificates
Reliability [Important] Multi-region deployment gateways
Security [Awareness] API Management Service has default products present
Security [Critical] API Management allows unencrypted traffic to backends
Security [Critical] Onboard Defender for APIs
Security [Critical] Use secure ciphers for API Management
Security [Critical] Use secure TLS versions for API Management
Security [Important] API Management allows unencrypted communication with clients
Security [Important] API Management uses a managed identity
Security [Important] Avoid wildcards in APIM CORS policies
Security [Important] Require a subscription for products
Security [Important] Require approval for products
Security [Important] Use base APIM policy element
Security [Important] Use encrypted named values
Azure Quick Review (AZQR)
Azure Quick Review (AZQR) 		Azure Quick Review (AZQR) recommendations: 12
Governance [Low] APIM should comply with naming conventions
Governance [Low] APIM should have tags
HighAvailability [High] APIM should have a SLA
HighAvailability [High] Azure API Management platform version should be stv2
HighAvailability [High] Enable Availability Zones on Premium API Management instances
HighAvailability [High] Migrate API Management services to Premium SKU to support Availability Zones
MonitoringAndAlerting [Low] APIM should have diagnostic settings enabled
Security [High] APIM should have private endpoints enabled
Security [High] APIM should only accept a minimum of TLS 1.2
Security [High] APIM should should not accept weak or deprecated ciphers.
Security [High] APIM: Renew expiring certificates
Security [Medium] APIM should use Managed Identities
Infrastructure as Code (IaC)
ARM (Azure Resource Manager)
ARM (Azure Resource Manager) templates		 ARM (Azure Resource Manager) template API versions: 22
latest
2024-06-01-preview
2024-05-01
2023-09-01-preview
2023-05-01-preview
2023-03-01-preview
2022-09-01-preview
2022-08-01
2022-04-01-preview
2021-12-01-preview
2021-08-01
2021-04-01-preview
2021-01-01-preview
2020-12-01
2020-06-01-preview
2019-12-01-preview
2019-12-01
2019-01-01
2018-06-01-preview
2018-01-01
2017-03-01
2016-10-10
2016-07-07
Azure Bicep
Bicep templates		 Bicep template API versions: 22
latest
2024-06-01-preview
2024-05-01
2023-09-01-preview
2023-05-01-preview
2023-03-01-preview
2022-09-01-preview
2022-08-01
2022-04-01-preview
2021-12-01-preview
2021-08-01
2021-04-01-preview
2021-01-01-preview
2020-12-01
2020-06-01-preview
2019-12-01-preview
2019-12-01
2019-01-01
2018-06-01-preview
2018-01-01
2017-03-01
2016-10-10
2016-07-07
Terraform
Terraform provider 		Terraform providers: 3
api_management
api_management_custom_domain
api_management_policy
AzAPI Terraform
AzAPI Terraform templates		 AzAPI Terraform template API versions: 22
latest
2024-06-01-preview
2024-05-01
2023-09-01-preview
2023-05-01-preview
2023-03-01-preview
2022-09-01-preview
2022-08-01
2022-04-01-preview
2021-12-01-preview
2021-08-01
2021-04-01-preview
2021-01-01-preview
2020-12-01
2020-06-01-preview
2019-12-01-preview
2019-12-01
2019-01-01
2018-06-01-preview
2018-01-01
2017-03-01
2016-10-10
2016-07-07
Pulumi
Pulumi provider 		Pulumi providers: 1
apimanagement/apimanagementservice
OpenTofu
OpenTofu provider 		OpenTofu TF providers: 3
api_management
api_management_custom_domain
api_management_policy
Azure Verified Modules (AVM) Bicep Azure Verified Modules (AVM) Bicep
Azure Verified Modules (AVM) Bicep 		API Management Service
Azure Verified Modules (AVM) Terraform Azure Verified Modules (AVM) Terraform
Azure Verified Modules (AVM) Terraform 		• GitHub: API Management Service
• Terraform registry: API Management Service
REST-API (Representational State Transfer - Application Programming Interface)
REST-API versions REST-API versions: 24
2024-06-01-preview
2024-05-01
2023-09-01-preview
2023-05-01-preview
2023-03-01-preview
2022-09-01-preview
2022-08-01
2022-04-01-preview
2021-12-01-preview
2021-08-01
2021-04-01-preview
2021-01-01-preview
2020-12-01
2020-06-01-preview
2019-12-01-preview
2019-12-01
2019-01-01
2018-06-01-preview
2018-01-01
2017-03-01
2016-10-10
2016-07-07
2015-09-15
2014-02-14
REST-API version default 2021-08-01
API profiles n/a
Resource naming
Azure Naming Tool
Azure Naming Tool 		The Azure Naming Tool was created to help administrators define and manage their naming conventions, while providing a simple interface for users to generate a compliant name.
Resource naming details 
{
  "property": "",
  "ShortName": "apim",
  "scope": "global",
  "lengthMin": "1",
  "lengthMax": "50",
  "validText": "Alphanumerics, and hyphens. Start with letter, and end with alphanumeric.",
  "invalidText": "",
  "invalidCharacters": "",
  "invalidCharactersStart": "",
  "invalidCharactersEnd": "",
  "invalidCharactersConsecutive": "",
  "regx": "^(?:[a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]{0,48}[a-zA-Z0-9])$",
  "staticValues": ""
}