Configure Azure API management operation backend url and client certificate via Terraform

Timo Holm 71 Reputation points

I am using Terraform to provision Azure API management. I have succesfully proviosioned following resources

  • azurerm_api_management
  • azurerm_api_management_api
  • azurerm_api_management_product
  • azurerm_api_management_product_api
  • azurerm_api_management_api_operation
  • azurerm_api_management_named_value
  • azurerm_api_management_api_operation_policy
  • azurerm_api_management_backend

Idea is to use mutual client certificate authentication between APIM and AKS (which will use Nginx ingress controller auth-tls-verify-client ).

As you can see from the figure, currently I have to manually via Azure Portal, set service URL and select client certificate for the operation to use. How could I configure service URL and client certificate association for the operation via Terraform?


Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,745 questions
0 comments No comments
{count} votes

1 additional answer

Sort by: Most helpful
  1. Anonymous

    @Timo Holm if you don't want to use a dedicated backend resource and add a backend basic auth or certificate, the way the Azure portal does it from the UI is by using one of the 2 simple authentication policy entries:

    <authentication-basic username="" password="" />  
    <authentication-certificate thumbprint="" />  

    It seems to add it under the inbound processing section for some reason:

    		<base />  
    		<authentication-basic username="asdf" password="asdf" />  
    		<base />  
    		<base />  
    		<base />  


    0 comments No comments