Skip to content

Files

Latest commit

dlepowdlepow
cross-refs, Acrolinx
Dec 20, 2021
5b87b2c · Dec 20, 2021

History

History
24 lines (16 loc) · 1.12 KB

api-management-key-vault-network.md

File metadata and controls

24 lines (16 loc) · 1.12 KB
author ms.service ms.topic ms.date ms.author
dlepow
api-management
include
01/26/2021
danlep

Requirements for Key Vault firewall

If Key Vault firewall is enabled on your key vault, the following are additional requirements:

  • You must use the API Management instance's system-assigned managed identity to access the key vault.
  • In Key Vault firewall, enable the Allow Trusted Microsoft Services to bypass this firewall option.

Virtual network requirements

If the API Management instance is deployed in a virtual network, also configure the following network settings:

  • Enable a service endpoint to Azure Key Vault on the API Management subnet.
  • Configure a network security group (NSG) rule to allow outbound traffic to the AzureKeyVault and AzureActiveDirectory service tags.

For details, see Network configuration when setting up Azure API Management in a VNet.