Azure APIM(Basic) with Front Door or traffic manager

Katare, Ashish 141 Reputation points
2021-03-18T19:18:27.517+00:00

All we are trying to do here is to minimize the cost because of APIM premium instances. we are having 3 different APIM Premium instances for different regions ( Europe and north America).
I am exploring some options and see if we could use Azure Front door to route the traffic the different geographic location (based on the latency) and it should also provide WAF and we can keep one external API domain to accept the traffic for our external APIs.

Questions around are -

1) Would Front door with Basic APIM would work in above use case or what am in missing for not having the premium APIM.
2) What if i decide to have traffic manager along with Basic APIM instances - would that also work or what is preferred ?

Thank you for looking at the question and appreciate if anyone have any experience around this approach,

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,751 questions
Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
576 questions
Azure Traffic Manager
Azure Traffic Manager
An Azure service that is used to route incoming network traffic for high performance and availability.
110 questions
0 comments
Accepted answer
  1. Mike Urnun 9,666 Reputation points Microsoft Employee
    2021-03-26T03:19:25.25+00:00

    Hello @Katare, Ashish

    Sorry for the late reply but below are my thoughts on your questions:

    Would Front door with Basic APIM would work in above use case or what am in missing for not having the premium APIM.

    APIM as a service comprises multiple components that work together coherently in-sync in order to provide its features -- the gateway component is an essential one that's in charge of running your policies and transforming the requests/responses. With the Premium tier, APIM is providing an ability to deploy Gateway components to various regions of your choice while still letting you handle Management tasks from a single, central plane (and the same goes for the Dev Portal component and its users, etc).

    So there's a one-many relationship from the management plane to your gateway instances, meaning that when/if you make configuration changes, they'll sync automatically to all of your regional Gateway instances (same thing applies for any Patches and Feature Updates that APIM provides over time as well). If you go with the Front Door & APIM Basic approach, you'd end up with multiple Management plane & Dev Portal components as per APIM service instance basis which is not ideal.

    What if I decide to have traffic manager along with Basic APIM instances - would that also work or what is preferred?

    Same scalability issue for the management & dev portal components.

    I hope this clears it up a little bit but feel free to let me know if you have any further questions on this matter.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Katare, Ashish 141 Reputation points
    2021-04-13T10:11:44.073+00:00

    yes, that sounds good and make sense.

    0 comments