Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,918 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Good afternoon
I am currently advising a company for compliance with the PCI DSS standard in Azure and the following scenario arises. They have an API manager where all the APIs are configured without discrimination, both those that consume and do not consume card data in the Backend. My question is the following, what is the recommended architecture to be able to isolate those APIs that must be part of PCI DSS and separate them from those that are not PCI DSS, or failing that, if it were not necessary to isolate them, so that I can make sure The APIs do not talk to each other and do not have direct communication.
I thank you in advance for your response.
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more