@Timo Holm azurerm_api_management_backend does have the url and credentials parameters that you can use to set the backend service URL and the Client certificate.
Configure Azure API management operation backend url and client certificate via Terraform
I am using Terraform to provision Azure API management. I have succesfully proviosioned following resources
- azurerm_api_management
- azurerm_api_management_api
- azurerm_api_management_product
- azurerm_api_management_product_api
- azurerm_api_management_api_operation
- azurerm_api_management_named_value
- azurerm_api_management_api_operation_policy
- azurerm_api_management_backend
Idea is to use mutual client certificate authentication between APIM and AKS (which will use Nginx ingress controller auth-tls-verify-client ).
As you can see from the figure, currently I have to manually via Azure Portal, set service URL and select client certificate for the operation to use. How could I configure service URL and client certificate association for the operation via Terraform?
1 additional answer
Sort by: Most helpful
-
Anonymous
2022-10-12T14:58:24.127+00:00 @Timo Holm if you don't want to use a dedicated backend resource and add a backend basic auth or certificate, the way the Azure portal does it from the UI is by using one of the 2 simple authentication policy entries:
<authentication-basic username="" password="" /> <authentication-certificate thumbprint="" />
It seems to add it under the inbound processing section for some reason:
<policies> <inbound> <base /> <authentication-basic username="asdf" password="asdf" /> </inbound> <backend> <base /> </backend> <outbound> <base /> </outbound> <on-error> <base /> </on-error> </policies>