Issue while deploying Azure App Service / API - azure-api-management

We have .NET Web service which we developed. We had deployed the Azure App Service, Azure API Management and configured the API to point to the Azure App Service.
When we deployed the code directly to Azure App Service using the Azure Devops and tried calling the API,it gives an error message that the service not found or web app is moved.
Could someone help on how we can deploy .NET code to API using Azure Devops release pipeline.
Thanks

I was able to fix the issue. the issue was with the web.config using the link - https://www.beringer.net/beringerblog/wcf-webservice-doesnt-respond-via-https-hosted-microsoft-azure/

Related

How to access secured API Management APIs linked to an Azure Static Web Application for local development with swa cli

How to call the secured API management linked APIs configured in azure portal when developing locally using SWA CLI? All I observed in the SWA configuration is meant for functions as APIs not the APIM.
https://learn.microsoft.com/en-us/azure/static-web-apps/apis-api-management
When adding API Management APIs to an azure static web app, an automatic proxy product is created on APIM securing access to the API for this app via /api prefix on the static web app domain. I did not see any mentions of how this works for local development to pass the user claims from SWA emulator to the API via that proxy?
I was trying to do this recently and I don't think it's possible. My solution was to add a proxy to my dev server (in my case vite) to proxy all requests to the /api route to the Api Management URL, setting the necessary subscription key header.

How does the code for each API exposed via AZURE API Gateway Stored?

I am new to Azure API Manager, I have used Apigee Edge before where you can store each api proxy code in either git or SVN. But in Azure I am not sure how each API that is exposed via the gateway is stored. I can see there is a repository for the whole API Manager instance. Does that mean all the APIs are bundled to the same Gateway Instance and stored there?
I am planning to build a CI/CD pipeline to create the APIs in the API Manager for that I need to understand how the APIs code will be stored.
Your help is appreciated. Thanks.
Besides the GIT repository for the apimanagement instance, you can fetch it in form of ARM templates. Refer this blog.
https://azure.microsoft.com/en-in/blog/build-a-ci-cd-pipeline-for-api-management/

How to protect the Backend API against calls other than Azure API Management

I have an ASP.NET Core REST API Service hosted on an Azure Web App. I own its source code and I can change it if required.
I am planning to publish REST API Service with Azure API Management.
I am adding Azure AD authentication to the Azure API Management front. So, the API management front is secured. All the steps are is described here.
All good so far. Here is the question (or challange?) :
Considering that my backend REST API Service is hosted on Azure and publicly accessible, how do I protect it against the request calls other than the API Management Calls?
How the backend service knows the identity and AAD group claims of the incoming call and access to its claims?
A link to a code sample or online documentation would be a great help.
Update
While there are some overlaps with the follwoing question:
How to prevent direct access to API hosted in Azure app service
... part of this question is still outstanding:
How the backend service knows the identity and AAD group claims of the incoming call and access to its claims?
You can enable static IP restriction on your WebApp to only allow incoming traffic from the VIP of your APIM Service facing ( keep in mind in some specific scenarios , the VIP may change and will be required to update the whitelist again).
Clients ==> AAD==> VIP APIM Service <==> (VIP APIM allowed) Web App
https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions

Can i add publish setting file from VSTS to deploy project on Microsoft azure

i am trying to deploy the project from VSTS to azure i have publish setting file i need to know how to use publish setting file in pipeline to deploy the project on azure. or any other solution to deploy on azure.
Yes, you can store the plain password in the secret variable of build/release, then specify the password through MSBuild argument (/p:Password={variable}).
After that you can specify the public profile (.pubxml file instead of .publishsettings file) in Visual Studio Build task (e.g. /p:SkipInvalidConfigurations=true /p:DeployOnBuild=true /p:PublishProfile="{profile name}")
Alternately you can write a script and add a Batch Script task to run the script to deploy on Azure. Please refer to Deploying to Azure from VSTS using publish profiles and msdeploy for details.
You can also use the Azure App Service Deploy task to deploy the Azure Web App. Please refer to How to deploy to Azure using Team Services Release Management for details.

How to add BlueMix Monitoring and Analytics to a docker-hosted app?

Our app (Meteor/NodeJS) is deployed in a docker container in Bluemix, and I'd like to add the Monitoring and Analytics service to the app. The documentation lists how to integrate it with a NodeJS app deployed directly to Bluemix, and also mentions how to integrate with a Ruby-based app. Seems like there should just be an npm package to install, but I see nothing in the docs on how to do this.
The Monitoring and Analytics Service is only for Cloud Foundry based Application in IBM Bluemix based on Java Liberty, Node.js SDK or Ruby. The buildpacks have additional configuration and components inside to enable integration with the M&A Service.
https://console.ng.bluemix.net/docs/services/monana/index.html#monana_oview
For IBM Bluemix Container Service with Docker you need to use the built-in Monitoring and Logging for Containers
https://www.ibm.com/blogs/bluemix/2015/11/built-in-monitoring-and-logging-for-bluemix-containers/