This post intends to cover the answers to the questions which a Azure developer can face at an Interview i.e. Azure Developer Interview Questions and Answers on Azure APIM(API management)
For logic app related read following - Developer Interview questions on Logic App
1. What are the available ways to create an Azure APIM instance?
- Azure APIM instances can be created by using:
- Azure Portal
- Azure CLI
- ARM Template
- Azure PowerShell
- Visual Studio Code
2. Can we use any policy in any of the Scope/sections/stages?
- No that's not how it is.
Each policy has some intention to it, and based on it's intention and applicability it is available in respective scope/section/stages.
For example rate limit policy - it is for limiting incoming request. So it doesn't make sense to be used in Outbound scope as you would want to limit the rate at first step itself .
3. What is errorOn section available for?
- A section that must be explicitly added and is run when a request processing error occurs. This section is absent by default in policies.
It can be used to alter the way errors are handled, for as by logging them, producing fresh responses, or retrying requests.
This section has access to the context.The LastError property has data about the error's origin, cause, message, scope, and section.
Additionally, it can employ specific rules, such as return-response, set-status, send-request, or choose, to deal with the error state.
4. What is importance of subscriptions and products in Azure APIM?
- Following are the importance of subscriptions and products in Azure Apim
- Enable API publishers to control and secure access to their APIs using subscription keys.
- Allow API consumers to discover and request access to the APIs they need.
- Define the scope of access for each subscription, which can be either a product, a single API, or all APIs.
- Support key management and regeneration for security purposes.
- Facilitate B2B integration and scaling by lowering the barrier to integrate business processes and exchange data
5. Can we export single API definition using Azure Portal?
- No.
Still there is no such provision. When you export, all the api's get exported.
6. What is Products in Azure API management (APIM)?
- In Azure API Management, products are collections of one or more APIs that share a usage cap, a set of usage guidelines, and a subscription requirement.
Products enable API providers to manage developers' access to and use of their APIs.
Both open and protected products are possible. Protected products need a subscription and a subscription key to access the APIs, but open products can be accessed by anyone without a subscription.
7. Is Azure APIM a Proxy?
- Existing APIs can use Azure API Management as a proxy to alter input and output before the information is received or sent.
Azure API Management's API gateway hides the backend architecture from API consumers and routes queries from client apps to the appropriate backend services.
Using the proxy policy, Azure API Management also supports sending requests to backends through an HTTP proxy.
8.What type of APIs does Azure APIM supports?
- An endpoint that manages API calls, credentials, use quotas, caching, and other things is the API gateway.
The gateway supports REST, RESTful, and SOAP API connections. Additionally, it is able to link to the Logic Apps, App Services, Function Apps and Public APIs, or APIs that are accessible to everyone online and can be used.
9.What is the base URL of Azure APIM?
-When we create Azure APIM by default it takes base url as: <apim-service-name>. azure-api.net
The APIs exposed by API Management can be accessed at this URL.
However, you can also configure a custom domain name for your API Management instance, such as tech-findings.com, using a valid certificate and DNS records.
The custom domain name can be applied to different API Management endpoints, such as Gateway, Developer portal, Management, and SCM.
10.What are named values in APIM?
- To manage constant string values and secrets across all API configurations and policies, Named Values in APIM are a global collection of name/value pairs.
Named values can contain literal strings, policy expressions, or secrets stored in Azure Key Vault.
By using the syntax {{name}}, named values can be referred to in policy statements.
Using the Azure portal, the REST API, or the Azure CLI, named values can be created and managed.
11. What is policies in Azure APIM?
- Policies are the real meat of APIM service. By configuring policies in Azure APIM with XML and C# statements, API behavior can be modified.
Policies are a group of instructions that are executed sequentially on an API request or response at the gateway between the managed API and the API consumer.
Many different tasks, including format conversion, rate limiting, filtering, authentication, caching, and more, can be carried out by policies.
Policies can also access variables and functions that control traffic and alter API behavior without changing any code or the back end by using policy expressions. Policies may be applied to specific APIs or to reusable policy fragments that span multiple APIs.
12.What is cache store value in APIM?
- With the help of a specific key, a value can be stored in the cache by using the cache store value policy in APIM.
The cache store value policy can specify whether the value should be encrypted as well as how long it should be kept in the cache.
To implement custom caching scenarios, combine the cache store value policy and cache lookup value policy.
13.How do I add operations to APIM?
-Depending on how you want to define and configure them, there are various ways to add operations to APIM.
Several techniques include:
Utilizing the Azure portal: You can manually add an operation to an API using the Azure portal, where you can also specify the operation's URL, method, display name, description, request and response parameters, policies, and other details.
Using the Azure CLI: The az apim api operation create command in the Azure CLI can be used to add a new operation to an API. Using the az apim api operation commands, you can also delete, list, show, or update an already-existing operation.
Using Bicep or ARM templates: You can use Bicep or ARM templates to deploy a service/apis/operations resource type that defines the properties of the operation in an API. You can specify the name, parent API, description, display name, method, policies, request and response parameters, and more.
14. How to group API's in APIM?
- Products can be used in APIM as a way to organize APIs. Products are collections of one or more APIs that share a usage cap, a set of usage guidelines, and a subscription requirement.
Products enable API providers to manage developers' access to and consumption of their APIs.
In APIM, groups can also be used to organize APIs. Groups are employed to control a product's developer visibility. Administrators, Developers, and Guests are the three immutable system groups in APIM.
The APIM service instances are managed by administrators, who also design the operations, products, and APIs. Developers are logged-in users of the developer portal who create applications by using the APIs. Guests are users of the developer portal who are not authenticated and who can only view the APIs, not use them.
15.What is the difference between inbound and backend APIM?
-The policies that control inbound requests from API consumers to the APIM gateway are found in the inbound section.
The work that inbound policies can do includes transformation, caching, rate limiting, authentication, and authorization.
The backend section, on the other hand, contains the policies that control requests that are sent from the APIM gateway to the backend service that implements the API.
Backend policies are capable of setting query parameters, headers, retry logic, mocking responses, and other things.
Whereas policies that control outbound responses from the APIM gateway to the API consumers are found in the outbound section.
The work that outbound policies can do includes transformation, caching, logging, and other things.
16.What is the difference between APIM external and internal?
- There are two types of VNet connectivity for an APIM instance: internal and external. APIM is able to manage APIs that are not accessible via the internet thanks to VNet connectivity.
When backend services are present on the network and APIM endpoints are reachable via the open internet, the mode is known as APIM external.
A VPN gateway or an ExpressRoute circuit can be used in external mode to connect to a VNet.
When the APIM endpoints are only reachable within a VNet whose access you control, this is known as APIM internal mode.
Using Azure VPN connections or Azure ExpressRoute, you can use internal mode to securely enable external third-party access to APIs hosted in your private datacenter.
17. Is there any restrictions on number of policy each section can have in APIM?
-
Backend Section:
Single Policy: The backend section can only contain one policy element.
Default Base Element: API Management automatically configures the forward-request policy at the global scope and the base element at other scopes.
Customization: You can replace the default policy with another (e.g., send-request), but only one policy is allowed.
Other Sections (Inbound, Outbound, On-Error):
No Numerical Limit: These sections can technically contain multiple policies.
Performance Considerations: Excessive policies can impact request processing time and APIM performance.