API Management Deployment - Service Activation Failed

Taranjeet Malik 451 Reputation points

Hi there

I've deployed Azure API Management instance inside a VNet (Internal mode). This APIM instance sits in a spoke VNet (Subscription) and the Hub subscription has all the shared services such as Firewall, Gateway, Active Directory DNS. Internet traffic is currently not forced tunneled to on-prem and exits directly through Azure Firewall. Have completed the following configurations before APIM deployment:

  1. Created a custom Azure DNS Zone and a self-signed SSL Certificate with the required names.
  2. Linked this zone to Hub as well as spoke VNets.
  3. Created required DNS Records for the APIM resources (Gateway, portal etc.).
  4. Created NSG rules to allow inbound and outbound traffic for APIM. This also includes enabling DNS traffic to Active Directory DNS in the Hub Subscription.
  5. Created Azure Firewall rules to allow traffic to services (such as Azure AD) required by AIM
  6. Created Route Table for the APIM Subnet to bypass the API Management traffic to go directly to Internet.
  7. Enabled Service Endpoints for Storage, Key Vault, and Even Grid services on APIM subnet.
  8. Created a Public IP Address resource for APIM Management Plane functions.

I've reviewed the following articles:




Problem statement: The APIM deployment finished with following error:

ERROR: {"status":"Failed","error":{"code":"DeploymentFailed","target":"/subscriptions/

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,873 questions
0 comments No comments
{count} votes