how to incorporate individual policies for different operations inside a single API in an APIM

Question

how to incorporate individual policies for different operations inside a single API in an APIM

84017655 71

I have a task to set individual policies for different operations in an API in API Management Instance. Currently, we are manually adding policies for different operations from the Azure Portal. But my task is to set individual policies for different operations using Bicep.

I searched for a solution and found a document on Stack overflow, but It is not answering my question:

https://stackoverflow.com/questions/75104897/how-do-i-apply-a-policy-from-azure-api-management-service-to-azure-app-service-r

I could not find any solution in the official mslearn documentation.

Kindly propose a solution and confirm whether I have to keep multiple allOperationsPolicy.xml files in my repo to achieve this.

Also, initiate a private conversation where I can share existing bicep for more clarity.

84017655 71 Reputation points

2025-03-11T11:11:10.0733333+00:00

Any update on this question? Kindly inform If you need more information.
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-13T05:12:04.03+00:00

Hi @84017655

In Bicep, you can set individual policies for different API operations using the Microsoft.ApiManagement/service/apis/operations/policies resource. Either define policies inline or reference external XML files with loadTextContent().
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-14T05:35:11.0233333+00:00

Hi @84017655
Make sure each operation has a unique policy definition. If you're seeing errors, check that the policy XML format is correct and matches APIM requirements.

84017655 71

Hi @Dasari Kamali

Thanks for your response. Can you please initiate a private conversation so that I can freely clarify my confusion?

Right now, after adding new xml file and using the approach that you suggested, the pipeline is failing with this error:

##[error]ValidationError: '<', hexadecimal value 0x3C, is an invalid attribute character. Line 16, position 78.

Error logs:

There were errors in your deployment. Error code: DeploymentFailed.
##[error]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.
##[debug]Processed: ##vso[task.issue type=error;source=TaskInternal;correlationId=6175220a-b690-4d29-9d39-85e9ed77e900;]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.
##[error]Details:
##[debug]Processed: ##vso[task.issue type=error;source=TaskInternal;correlationId=6175220a-b690-4d29-9d39-85e9ed77e900;]Details:
##[error]ValidationError: '<', hexadecimal value 0x3C, is an invalid attribute character. Line 16, position 78.
##[debug]Processed: ##vso[task.issue type=error;source=TaskInternal;correlationId=6175220a-b690-4d29-9d39-85e9ed77e900;]ValidationError: '<', hexadecimal value 0x3C, is an invalid attribute character. Line 16, position 78.
##[error]Check out the troubleshooting guide to see if your issue is addressed: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-resource-group-deployment?view=azure-devops#troubleshooting
##[debug]Processed: ##vso[task.issue type=error;source=TaskInternal;correlationId=6175220a-b690-4d29-9d39-85e9ed77e900;]Check out the troubleshooting guide to see if your issue is addressed: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-resource-group-deployment?view=azure-devops#troubleshooting
##[debug]task result: Failed
##[error]Task failed while creating or updating the template deployment.
##[debug]Processed: ##vso[task.issue type=error;source=TaskInternal;correlationId=6175220a-b690-4d29-9d39-85e9ed77e900;]Task failed while creating or updating the template deployment.
##[debug]Processed: ##vso[task.complete result=Failed;]Task failed while creating or updating the template deployment.

I can securely share more details If you can start a private chat.

Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-17T11:02:52.3466667+00:00

Hi @84017655

The error suggests an issue with the XML formatting in your policy file. Check for unescaped < or > characters in attributes. If using loadTextContent(), ensure the file is properly encoded and formatted.
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-21T05:11:13.95+00:00

Hi @84017655
Sorry, I am unable to see the private message, can we continue the conversation in the comments section.
84017655 71 Reputation points

2025-03-21T09:16:24.01+00:00

Deleted
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-24T03:51:46.8933333+00:00

Hi @84017655
I have copied the content, you can remove it from the comments. I will try and let you know.
84017655 71 Reputation points

2025-03-26T14:28:57.76+00:00

Hi @Dasari Kamali

Is there any update on this? Were you able to resolve the error?
Sakshi Kokardekar 205 Reputation points MVP

2025-03-27T16:46:33.8533333+00:00

To apply individual policies for different operations in Azure API Management (APIM) using Bicep, you need to define separate policy files for each operation and reference them in your Bicep template. You will indeed need multiple .xml files in your repo, one for each operation policy. I think, In your Bicep template, you'll specify the apiOperation resource and reference the corresponding policy file
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-04-01T04:34:24.6533333+00:00

Hi @84017655 ,I Hope the answer provided by Sakshi Kokardekar is helpful and let us know if you have any further questions on this.

Also, I see a similar thread about this (Unable to deploy APIM due to incorrect segment lengths Error - Microsoft Q&A) wherein in you have solved the issue by passing the policies under service/api is this issue different from that
84017655 71 Reputation points

2025-04-01T07:46:38.1266667+00:00

Hi @Dasari Kamali ,

I am getting Bad request error when I click the link that you provided in your last comment.

However, the ticket that you are referring to was posted by me and Incorrect Segment Length issue got resolved after I corrected Child Parent relation.
84017655 71 Reputation points

2025-04-01T08:11:59.77+00:00
Regarding resposne from Sakshi Kokardekar, I am still confused regarding the correct usage of Microsoft.ApiManagement/service/apis/operations/policies resource. I got the point that I have to use multiple .xml files in my repo, one for each operation policy but I am not sure which property of Microsoft.ApiManagement/service/apis/operations/policies resource to use to link a policy to its corresponding API. For Instance, consider the attached snapshot of API Gateway:

I want to apply an individual policy to GET /api/v5/auth_code - GET operation. What changes do I need to make in this bicep snippet?

Do I need to mention GET /api/v5/auth_code - GET operation name in the name property of Microsoft.ApiManagement/service/apis/operations/policies resource?

Also confirm, do I need to define Microsoft.ApiManagement/service/apis/operations/policies resource again If I want to apply individual policies to POST [/api/v5/appversion - POST] operation of same API in same API Gateway Instance?

resource symbolicname 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' = { parent: resourceSymbolicName name: 'string' properties: { format: 'string' value: 'string' } }
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
84017655 71 Reputation points

2025-04-01T08:30:24.3633333+00:00
Regarding resposne from Sakshi Kokardekar, I am still confused regarding the correct usage of Microsoft.ApiManagement/service/apis/operations/policies resource. I got the point that I have to use multiple .xml files in my repo, one for each operation policy but I am not sure which property of Microsoft.ApiManagement/service/apis/operations/policies resource to use to link a policy to its corresponding API. For Instance, consider the attached snapshot of API Gateway:

I want to apply an individual policy to GET /api/v5/auth_code - GET operation. What changes do I need to make in this bicep snippet?

Do I need to mention GET /api/v5/auth_code - GET operation name in the name property of Microsoft.ApiManagement/service/apis/operations/policies resource?

Also confirm, do I need to define Microsoft.ApiManagement/service/apis/operations/policies resource again If I want to apply individual policies to POST [/api/v5/appversion - POST] operation of same API in same API Gateway Instance?

resource symbolicname 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' = { parent: resourceSymbolicName name: 'string' properties: { format: 'string' value: 'string' } }

84017655 71

Hi @VenkateshDodda-MSFT

Thanks for your response.

Regarding this bicep resoruce definition that you shared, do you mean that I have to define a parameter by the name apiretrieveresource and set its value to API operation name (for instance GET /api/v5/auth_code - GET)?

resource getresourceechoapipolicy 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' = {
  name: 'policy'
  parent: apiretrieveresource 
#update the resource block name of API Operation Name
  dependsOn: [
    apiretrieveresource  #update the resource block name of API Operation Name
    apiManagementService #update the resource block name of APIM instance
  ]
  properties: {
    value: loadTextContent('./policydefinition.xml')
    format: 'xml'
  }
}

84017655 71 Reputation points

2025-04-02T02:55:36.6166667+00:00

@VenkateshDodda-MSFT ,

As per official Microsoft documentation, I am supposed to reference the symbolic name of 'Microsoft.ApiManagement/service/apis/operations@2024-06-01-preview' resource in parent property of 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' resource as shown below:

https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/service/apis/operations/policies?pivots=deployment-language-bicep
84017655 71 Reputation points

2025-04-02T02:56:54.4933333+00:00

@VenkateshDodda-MSFT ,

As per official Microsoft documentation, I am supposed to reference the symbolic name of 'Microsoft.ApiManagement/service/apis/operations@2024-06-01-preview' resource in parent property of 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' resource as shown below:

https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/service/apis/operations/policies?pivots=deployment-language-bicep
84017655 71 Reputation points

2025-04-02T02:57:44.3+00:00

@VenkateshDodda-MSFT ,

As per official Microsoft documentation, I am supposed to reference the symbolic name of 'Microsoft.ApiManagement/service/apis/operations@2024-06-01-preview' resource in parent property of 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' resource as shown below:
VenkateshDodda-MSFT 25,111 Reputation points Microsoft Employee Moderator

2025-04-02T08:00:53.3433333+00:00

@84017655 Thanks for your follow up questions on this.

yes, need to pass the symbolic name to the Parent property in resource block of operation policies.

As mentioned earlier, since I am declaring one resource block for operations and one resource block for policies which is child of operations. For the parent property of policies block I am passing the Operation Name as its value.

Refer to this sample mentioned here in the documentation which is taking about child resource outside parent resource.

84017655 71

@VenkateshDodda-MSFT Thanks for your response.

Since I have nested both operation and policy resource inside main APIM resource, using dependsOn construct is not required in my scenario. Please review my bicep:


//APIM
param apimName string
param appServiceUrl string
param appServiceSwaggerUrl string
param apiVersion string
param aiName string
param apiName string
param environment string

var funcName = 'func-test-weu-${environment}'
var funcRGName = 'rg-test-weu-${environment}'
var backendName = 'func-test-weu-${environment}-backend'

var apiPath = toLower(apiName)
var apiDisplayName = '${apiName}-${apiVersion}'
resource testFunction 'Microsoft.Web/sites@2024-04-01' existing = {
  scope: resourceGroup(funcRGName)
  name: funcName
}

resource apim 'Microsoft.ApiManagement/service@2021-01-01-preview' existing = {
  name: apimName

  // Api Version Set
  resource apiVersionSet 'api-version-sets@2018-06-01-preview' = {
    name: apiName
    properties: {
      displayName: apiName
      versioningScheme:  'Header'
      versionHeaderName: 'X-test-Api-Version'
    }
  }

  // Api Collection
  resource apiResource 'apis@2023-03-01-preview' = {
      name: apiDisplayName
      properties: {
        displayName: apiDisplayName
        serviceUrl: appServiceUrl
        path: '${apiPath}/api'
        format: 'openapi+json-link'
        value: appServiceSwaggerUrl
        apiVersion: apiVersion
        protocols: [
          'https'
        ]
        subscriptionRequired: true
        subscriptionKeyParameterNames: {
          header: 'X-test-Subscription-Key'
        }
        apiVersionSetId: apiVersionSet.id
      }
      
      // Validation Policy
      // resource validationPolicy 'policies' = {
      //   name: 'policy'
      //   properties: {
      //     value: loadTextContent('allOperationsPolicy.xml')
      //     format: 'rawxml'
      //   }
      // }

      // Individual Operation
      resource operation 'operations@2024-06-01-preview' = {
        name: 'policy'
        properties: {
          displayName: 'GET /api/v5/auth_code - GET'
          method: 'GET'
          urlTemplate: 'GET /api/v5/auth_code - GET'
        }
        
        resource individualPolicy 'policies@2024-06-01-preview' = {
          name: 'policy'
          dependsOn: [
            apim
          ]
          properties: {
            value: loadTextContent('appversion.xml')
          }
        }
      }


      // Diagnostics
      resource apiDiagnostics 'diagnostics' = {
        name: 'applicationinsights'
        properties: {
          loggerId: resourceId('Microsoft.ApiManagement/service/loggers', apimName, aiName)
          logClientIp: false
          alwaysLog: 'allErrors'
          sampling: {
            samplingType: 'fixed'
            percentage: 100
          }
        }
      }
  }
}

// getting a default key of the function to link to APIM
@description('Generate named value to store function key')
resource testKey 'Microsoft.ApiManagement/service/namedValues@2021-01-01-preview' = {
  parent:apim
  name: '${funcName}-key'
  properties: {
    displayName: '${funcName}-key'
    secret: true
    value: listkeys('${testFunction.id}/host/default', testFunction.apiVersion).functionKeys.default
    tags: [
      'key'
      'function'
      'auto'
    ]
  }
}


//Backend needs to be deployed before APIM can link with backend, otherwise pipeline will throw Validation error: ##[error]ValidationError: Error in element 'set-backend-service' on line 43, column 10: Backend with id 'func-test-weu-dev-backend' could not be found

@description('Register the backend for the Function')
resource testFunctionBackend 'Microsoft.ApiManagement/service/backends@2024-06-01-preview' = {
  parent: apim
  name: backendName
  properties: {
    url: 'https://${test.properties.defaultHostName}/api'
    protocol: 'http'
   
    credentials: {
      header: {
        'x-functions-key': [
          '{{${testKey.name}}}'
        ]
      }
    }
  }
}

So, my earlier question remains the same: To apply policies to GET /api/v5/auth_code - GET operation name, where in bicep snippet do I need to mention GET /api/v5/auth_code - GET operation name?

VenkateshDodda-MSFT 25,111 Reputation points Microsoft Employee Moderator

2025-04-02T08:40:20.55+00:00

@84017655 I have reached out to your over private message could you please check and help with requested information on this.
84017655 71 Reputation points

2025-04-02T08:44:56.53+00:00

@VenkateshDodda-MSFT I cannot view your private message. Your message seems to be empty as shown below:
VenkateshDodda-MSFT 25,111 Reputation points Microsoft Employee Moderator

2025-04-02T09:06:37.9433333+00:00

@84017655 Can you please refresh the complete browser and check now.

Accepted answer

0 additional answers

Your answer

84017655 71 Reputation points

2025-03-11T11:11:10.0733333+00:00

Any update on this question? Kindly inform If you need more information.
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-13T05:12:04.03+00:00

Hi @84017655

In Bicep, you can set individual policies for different API operations using the Microsoft.ApiManagement/service/apis/operations/policies resource. Either define policies inline or reference external XML files with loadTextContent().
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-14T05:35:11.0233333+00:00

Hi @84017655
Make sure each operation has a unique policy definition. If you're seeing errors, check that the policy XML format is correct and matches APIM requirements.
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-17T11:02:52.3466667+00:00

Hi @84017655

The error suggests an issue with the XML formatting in your policy file. Check for unescaped < or > characters in attributes. If using loadTextContent(), ensure the file is properly encoded and formatted.
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-21T05:11:13.95+00:00

Hi @84017655
Sorry, I am unable to see the private message, can we continue the conversation in the comments section.
84017655 71 Reputation points

2025-03-21T09:16:24.01+00:00

Deleted
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-03-24T03:51:46.8933333+00:00

Hi @84017655
I have copied the content, you can remove it from the comments. I will try and let you know.
84017655 71 Reputation points

2025-03-26T14:28:57.76+00:00

Hi @Dasari Kamali

Is there any update on this? Were you able to resolve the error?
Sakshi Kokardekar 205 Reputation points MVP

2025-03-27T16:46:33.8533333+00:00

To apply individual policies for different operations in Azure API Management (APIM) using Bicep, you need to define separate policy files for each operation and reference them in your Bicep template. You will indeed need multiple .xml files in your repo, one for each operation policy. I think, In your Bicep template, you'll specify the apiOperation resource and reference the corresponding policy file
Dasari Kamali 425 Reputation points Microsoft External Staff Moderator

2025-04-01T04:34:24.6533333+00:00

Hi @84017655 ,I Hope the answer provided by Sakshi Kokardekar is helpful and let us know if you have any further questions on this.

Also, I see a similar thread about this (Unable to deploy APIM due to incorrect segment lengths Error - Microsoft Q&A) wherein in you have solved the issue by passing the policies under service/api is this issue different from that
84017655 71 Reputation points

2025-04-01T07:46:38.1266667+00:00

Hi @Dasari Kamali ,

I am getting Bad request error when I click the link that you provided in your last comment.

However, the ticket that you are referring to was posted by me and Incorrect Segment Length issue got resolved after I corrected Child Parent relation.
84017655 71 Reputation points

2025-04-01T08:11:59.77+00:00

Regarding resposne from Sakshi Kokardekar, I am still confused regarding the correct usage of Microsoft.ApiManagement/service/apis/operations/policies resource. I got the point that I have to use multiple .xml files in my repo, one for each operation policy but I am not sure which property of Microsoft.ApiManagement/service/apis/operations/policies resource to use to link a policy to its corresponding API. For Instance, consider the attached snapshot of API Gateway:

I want to apply an individual policy to GET /api/v5/auth_code - GET operation. What changes do I need to make in this bicep snippet?

Do I need to mention GET /api/v5/auth_code - GET operation name in the name property of Microsoft.ApiManagement/service/apis/operations/policies resource?

Also confirm, do I need to define Microsoft.ApiManagement/service/apis/operations/policies resource again If I want to apply individual policies to POST [/api/v5/appversion - POST] operation of same API in same API Gateway Instance?

resource symbolicname 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' = { parent: resourceSymbolicName name: 'string' properties: { format: 'string' value: 'string' } }
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
84017655 71 Reputation points

2025-04-01T08:30:24.3633333+00:00

Regarding resposne from Sakshi Kokardekar, I am still confused regarding the correct usage of Microsoft.ApiManagement/service/apis/operations/policies resource. I got the point that I have to use multiple .xml files in my repo, one for each operation policy but I am not sure which property of Microsoft.ApiManagement/service/apis/operations/policies resource to use to link a policy to its corresponding API. For Instance, consider the attached snapshot of API Gateway:

I want to apply an individual policy to GET /api/v5/auth_code - GET operation. What changes do I need to make in this bicep snippet?

Do I need to mention GET /api/v5/auth_code - GET operation name in the name property of Microsoft.ApiManagement/service/apis/operations/policies resource?

Also confirm, do I need to define Microsoft.ApiManagement/service/apis/operations/policies resource again If I want to apply individual policies to POST [/api/v5/appversion - POST] operation of same API in same API Gateway Instance?

resource symbolicname 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' = { parent: resourceSymbolicName name: 'string' properties: { format: 'string' value: 'string' } }
84017655 71 Reputation points

2025-04-02T02:32:31.4866667+00:00

Hi @VenkateshDodda-MSFT

Thanks for your response.

Regarding this bicep resoruce definition that you shared, do you mean that I have to define a parameter by the name apiretrieveresource and set its value to API operation name (for instance GET /api/v5/auth_code - GET)?

resource getresourceechoapipolicy 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' = { name: 'policy' parent: apiretrieveresource #update the resource block name of API Operation Name dependsOn: [ apiretrieveresource #update the resource block name of API Operation Name apiManagementService #update the resource block name of APIM instance ] properties: { value: loadTextContent('./policydefinition.xml') format: 'xml' } }
84017655 71 Reputation points

2025-04-02T02:55:36.6166667+00:00

@VenkateshDodda-MSFT ,

As per official Microsoft documentation, I am supposed to reference the symbolic name of 'Microsoft.ApiManagement/service/apis/operations@2024-06-01-preview' resource in parent property of 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' resource as shown below:

https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/service/apis/operations/policies?pivots=deployment-language-bicep
84017655 71 Reputation points

2025-04-02T02:56:54.4933333+00:00

@VenkateshDodda-MSFT ,

As per official Microsoft documentation, I am supposed to reference the symbolic name of 'Microsoft.ApiManagement/service/apis/operations@2024-06-01-preview' resource in parent property of 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' resource as shown below:

https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/service/apis/operations/policies?pivots=deployment-language-bicep
84017655 71 Reputation points

2025-04-02T02:57:44.3+00:00

@VenkateshDodda-MSFT ,

As per official Microsoft documentation, I am supposed to reference the symbolic name of 'Microsoft.ApiManagement/service/apis/operations@2024-06-01-preview' resource in parent property of 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' resource as shown below:
VenkateshDodda-MSFT 25,111 Reputation points Microsoft Employee Moderator

2025-04-02T08:00:53.3433333+00:00

@84017655 Thanks for your follow up questions on this.

yes, need to pass the symbolic name to the Parent property in resource block of operation policies.

As mentioned earlier, since I am declaring one resource block for operations and one resource block for policies which is child of operations. For the parent property of policies block I am passing the Operation Name as its value.

Refer to this sample mentioned here in the documentation which is taking about child resource outside parent resource.
VenkateshDodda-MSFT 25,111 Reputation points Microsoft Employee Moderator

2025-04-02T08:40:20.55+00:00

@84017655 I have reached out to your over private message could you please check and help with requested information on this.
84017655 71 Reputation points

2025-04-02T08:44:56.53+00:00

@VenkateshDodda-MSFT I cannot view your private message. Your message seems to be empty as shown below:
VenkateshDodda-MSFT 25,111 Reputation points Microsoft Employee Moderator

2025-04-02T09:06:37.9433333+00:00

@84017655 Can you please refresh the complete browser and check now.

Answer 1

@84017655 Thanks for your follow up questions on this.

As suggested by Sakshi Kokardekar you need to define separate policy files for each operation and reference them in your Bicep template. You will indeed need multiple .xml files in your repo, one for each operation policy. I think, In your Bicep template, you'll specify the apiOperation resource and reference the corresponding policy file

I want to apply an individual policy to GET /api/v5/auth_code - GET operation. What changes do I need to make in this bicep snippet? Do I need to mention GET /api/v5/auth_code - GET operation name in the name property of Microsoft.ApiManagement/service/apis/operations/policies resource?

You have to pass the value name property under Microsoft.ApiManagement/service/apis/operations/policies as policy only and here the sample policy resource block which we have used to create to policy for a specific operation under an API.

resource getresourceechoapipolicy 'Microsoft.ApiManagement/service/apis/operations/policies@2024-06-01-preview' = {
  name: 'policy'
  parent: apiretrieveresource 
#update the resource block name of API Operation Name
  dependsOn: [
    apiretrieveresource  #update the resource block name of API Operation Name
    apiManagementService #update the resource block name of APIM instance
  ]
  properties: {
    value: loadTextContent('./policydefinition.xml')
    format: 'xml'
  }
}

Also confirm, do I need to define Microsoft.ApiManagement/service/apis/operations/policies resource again If I want to apply individual policies to POST [/api/v5/appversion - POST] operation of same API in same API Gateway Instance?

Yes, you have to define multiple resource blocks since you want to add policy at operation level inside an API.

Hope this helps, let me know if you have any further questions on this.

Gayatri Gupta 0 Reputation points

2025-05-09T09:54:11.4+00:00

Hello @VenkateshDodda-MSFT , Please help to clarify one of my doubts on this bicep templates creation for the apis , api operations and operations-policies. In my project , I have defined multiple resource blocks to add different policies at operation level inside an API. My APIM resource is having multiple API resources which I am creating based on a parameter.json file. I am able to deploy the APIM service, the necessary APIs and the all operation/global policies but I am struggling a bit with the policy association at the individual operation level. As I am new to BICEP scripts , I would highly appreciate any help extended for me on how to successfully define each modules and then connect them according to their dependencies in one generic deploy.bicep .

Share via

how to incorporate individual policies for different operations inside a single API in an APIM

0 additional answers

Your answer