design API gateway in Azure for Django API

revanth kumar 0 Reputation points
2024-02-22T05:06:43.69+00:00

I have my Api written in python Django, now client is asking to design an Api gateway in azure, but the catch is he said he would deploy api in his internal servers. Api also uses database, which is inside his firewall, now i want to know how to design Api gateway to send outside requests to my api which is inside client firewall.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,066 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Luis Arias 6,461 Reputation points
    2024-02-22T09:06:48.1833333+00:00

    Hi revanth kumar,

    This design is depending on the comunication from Internal (Onpremise) network and azure virtual network, There are many options and here’s a high-level design for two possible escenaries :

    Connection thorught VPN to azure

    +----------------+     +-----------------+     +-----------------+     +-----------------+
    |                |     |                 |     |                 |     |                 |
    |  External      |     |  Azure API      |     |  Internal       |     |  Django API     |
    |  Client        | --> |  Management     | --> |  Network(FW)    | --> |  & Database     |
    |                |     |  (API Gateway)  |     |  (VNet/VPN)     |     |                 |
    +----------------+     +-----------------+     +-----------------+     +-----------------+
    
    

    Considerations:

    • API Gateway Setup: Use Azure API Management.
    • Internal Deployment: Deploy Azure API Management instance to a virtual network in internal mode.
    • Connect to Internal Servers: Use internal mode on API Management and the VNet. Route all internal traffic via VNets/VPN. For external traffic, use a Web Application Firewall (WAF) with VNet User Defined Routes (UDR).
    • Database Connection: API and Database in the same network it doesn't require additional config
    • Django API: Set up your Django API to accept calls under certain patterns.

    Insight: You might also need to consider aspects like security, scalability, and maintainability while designing your solution in the other azure services.

    Connection thorught Firewall publishing APIs

    +----------------+     +-----------------+     +-----------------+     +-----------------+
    |                |     |                 |     |                 |     |                 |
    |  External      |     |  Azure API      |     |  Firewall       |     |  Django API     |
    |  Client        | --> |  Management     | --> |  (Public Access)| --> |  & Database     |
    |                |     |  (API Gateway)  |     |                 |     |                 |
    +----------------+     +-----------------+     +-----------------+     +-----------------+
    

    Considerations:

    • API Gateway Setup: Use Azure API Management.
    • Connect to Internal Servers: The API Gateway forwards the request to the Firewall (which allows public access or white-list access). The Firewall then sends the request to the Django API & Database.
    • Database Connection: API and Database in the same network it doesn't require additional config
    • Django API: Set up your Django API to accept calls under certain patterns.

    Insight: It’s important to ensure that the APIs are secure and that the firewall is properly configured to only allow authorized traffic

    Additional references:

    Let me know if this help you.

    Luis,

    If the information helped address your question, please Accept the answer.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.