Ability to assign public static IP address to public endpoint
When the API consumer is adding firewall rules, the changes to public IP address causes maintenance churn. There are some instances where the API management is used under test and qa controlled by devops and the endpoint address changes every time the resource is recreated. Requesting the ability for API management to be treated like any other resource in the devops process.
Please see this FAQ – https://docs.microsoft.com/en-us/azure/api-management/api-management-faq#is-the-api-management-gateway-ip-address-constant-can-i-use-it-in-firewall-rules. If you don’t re-create API Management instance on every deployment the IP address will remain the same (and deployments will take significantly less time too). Does this address your concern?
is it possible now to assign a public static ip resource to APIM ?
We have a need to reset the environments sometimes without the static ip resource its not possible to keep the ip address.
Joran Markx commented
In our use case we would like to
- ensure that an IP is a separate resource to be able to monitor it with DDoS Protection Standard
- ensure the IP retains valid in case of a disaster recovery (recover from availability zone failure)
For my case we never recreate the overall instance when deploying an API or other operaiton on APIM. But in case of a need to restore an overall APIM (serious outage, return back to a previous version, need to duplicate on another region ...) we would need to be able to keep the same adress.
It would be great to be able to re provisioning an overall APIM instance (for exemple with Terraform) and be able to assign the public IP (usefull for reset of dev environments for example).
Even in production env, according to documentation, you are not sure your public IP will not change in case of major outage.
Veerendra Kumar Balla commented
This won't really solve all the scenarios. When APIM is deployed on to VNET with internal option and connected to ER network, we have requirement to assign static IP which is controlled by corp team. Inbound public traffic must first land on to static ip and then it's routed to private IP. Our ER policy doesn't support using public IP allocated by azure, and we have to use our own IP controlled by corp network team. In these scenarios we must need ability to assign our own static IP. Please consider this request