API Manager creation automation

Volodymyr Litovka 121 Reputation points

Hi, I recently faced an issue which I don't know how (if ever) it's possible to fix, may be someone can help with this. I'm using Terraform, but as far as I understand it does not depend on automation tool. So, I need to create APIM with custom domains with certificates in Keyvault. The only possible chain is:

  1. Create API Management
  2. Extract System Assigned Managed Identity
  3. Create Key Vault access policy, allowing the identity to read secrets
  4. Update API Manager with custom domain(s)

The problem here is that it takes unreasonably long time - (1) is about 20-30 minutes and then (4) is not quicker. So, I tried to optimize it using another chain of steps -

  1. Create User Assigned Managed Identity
  2. Create Key Vault policy allowing the identity to read secrets
  3. Create API Management with configured custom domains, using the User-Assigned identity

which should be twice quicker BUT it does not work, because only System Assigned Identity can be used to access Key Vault.

Here is the question - is it possible to create APIM with custom domains with certificates in Keyvault in faster, than my 1st way?

Thank you.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,851 questions
0 comments No comments
{count} votes