New-AzApiManagement
Creates an API Management deployment.
Syntax
New-AzApiManagement
-ResourceGroupName <String>
-Name <String>
-Location <String>
-Organization <String>
-AdminEmail <String>
[-Sku <string>]
[-Capacity <Int32>]
[-VpnType <PsApiManagementVpnType>]
[-VirtualNetwork <PsApiManagementVirtualNetwork>]
[-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
[-AdditionalRegions <PsApiManagementRegion[]>]
[-CustomHostnameConfiguration <PsApiManagementCustomHostNameConfiguration[]>]
[-SystemCertificateConfiguration <PsApiManagementSystemCertificate[]>]
[-SslSetting <PsApiManagementSslSetting>]
[-SystemAssignedIdentity]
[-UserAssignedIdentity <String[]>]
[-EnableClientCertificate]
[-Zone <String[]>]
[-DisableGateway <Boolean>]
[-MinimalControlPlaneApiVersion <String>]
[-PublicNetworkAccess <String>]
[-PublicIpAddressId <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
The New-AzApiManagement cmdlet creates an API Management deployment in Azure API Management.
Examples
Example 1: Create a Developer tier API Management service
New-AzApiManagement -ResourceGroupName "ContosoGroup02" -Name "ContosoApi2" -Location "Central US" -Organization "Contoso" -AdminEmail "admin@contoso.com"
PublicIPAddresses : {104.43.240.65}
PrivateIPAddresses :
Id : /subscriptions/a200340d-6b82-494d-9dbf-687ba6e33f9e/resourceGroups/ContosoGroup02/providers/Microsoft.ApiManagement/service/ContosoApi2
Name : ContosoApi2
Location : Central US
Sku : Developer
Capacity : 1
CreatedTimeUtc : 2/24/2020 10:34:12 PM
ProvisioningState : Succeeded
RuntimeUrl : https://contosoapi2.azure-api.net
RuntimeRegionalUrl : https://contosoapi2-centralus-01.regional.azure-api.net
PortalUrl : https://contosoapi2.portal.azure-api.net
DeveloperPortalUrl : https://contosoapi2.developer.azure-api.net
ManagementApiUrl : https://contosoapi2.management.azure-api.net
ScmUrl : https://contosoapi2.scm.azure-api.net
PublisherEmail : admin@contoso.com
OrganizationName : Contoso
NotificationSenderEmail : apimgmt-noreply@mail.windowsazure.com
VirtualNetwork :
VpnType : None
PortalCustomHostnameConfiguration :
ProxyCustomHostnameConfiguration : {contosoapi2.azure-api.net}
ManagementCustomHostnameConfiguration :
ScmCustomHostnameConfiguration :
DeveloperPortalHostnameConfiguration :
SystemCertificates :
Tags : {}
AdditionalRegions : {}
SslSetting : Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementSslSetting
Identity :
EnableClientCertificate :
ResourceGroupName : ContosoGroup02
This command creates a Developer tier API Management service. The command specifies the organization and the administrator address. The command does not specify the SKU parameter. Therefore, the cmdlet uses the default value of Developer.
Example 2: Create a Standard tier service that has three units
New-AzApiManagement -ResourceGroupName "ContosoGroup02" -Name "ContosoApi" -Location "Central US" -Organization "Contoso" -AdminEmail "admin@contoso.com" -Sku Standard -Capacity 3
This command creates a Standard tier API Management service that has three units.
Example 3: Create a Consumption tier service
New-AzApiManagement -ResourceGroupName Api-Default-North-Europe -Name consumptionskuservice -Location 'West Europe' -Sku Consumption -Organization microsoft -AdminEmail contoso@contoso.com -SystemAssignedIdentity -EnableClientCertificate
PublicIPAddresses :
PrivateIPAddresses :
Id : /subscriptions/subid/resourceGroups/Api-Default-North-Europe/providers/Microsoft.ApiManagement/service/consumptionskuservice
Name : consumptionskuservice
Location : West Europe
Sku : Consumption
Capacity : 0
ProvisioningState : Succeeded
RuntimeUrl : https://consumptionskuservice.azure-api.net
PortalCustomHostnameConfiguration :
ProxyCustomHostnameConfiguration : {consumptionskuservice.azure-api.net}
ManagementCustomHostnameConfiguration :
ScmCustomHostnameConfiguration :
DeveloperPortalHostnameConfiguration :
SystemCertificates :
Tags : {}
AdditionalRegions : {}
SslSetting : Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementSslSetting
Identity : Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementServiceIdentity
EnableClientCertificate : True
ResourceGroupName : Api-Default-North-Europe
This command creates a consumption tier API Management service with Client Certificate enabled in west Europe.
Example 4: Create an API Management service and Enable TLS 1.0 protocol
$enableTls=@{"Tls10" = "True"}
$sslSetting = New-AzApiManagementSslSetting -FrontendProtocol $enableTls -BackendProtocol $enableTls
New-AzApiManagement -ResourceGroupName Api-Default-CentralUS -Name "testtlspowershell" -Sku Standard -Location "CentralUS" -Organization "Microsoft" -AdminEmail "bar@contoso.com" -SslSetting $sslSetting
PublicIPAddresses : {23.99.140.18}
PrivateIPAddresses :
Id : /subscriptions/subid/resourceGroups/Api-Default-CentralUS/providers/Microsoft.ApiManagement/service/testtlspowershell
Name : testtlspowershell
Location : Central US
Sku : Standard
Capacity : 1
ProvisioningState : Succeeded
RuntimeUrl : https://testtlspowershell.azure-api.net
RuntimeRegionalUrl : https://testtlspowershell-centralus-01.regional.azure-api.net
PortalUrl : https://testtlspowershell.portal.azure-api.net
ManagementApiUrl : https://testtlspowershell.management.azure-api.net
ScmUrl : https://testtlspowershell.scm.azure-api.net
PublisherEmail : bar@contoso.com
OrganizationName : Microsoft
NotificationSenderEmail : apimgmt-noreply@mail.windowsazure.com
VirtualNetwork :
VpnType : None
PortalCustomHostnameConfiguration :
ProxyCustomHostnameConfiguration : {testtlspowershell.azure-api.net}
ManagementCustomHostnameConfiguration :
ScmCustomHostnameConfiguration :
DeveloperPortalHostnameConfiguration :
SystemCertificates :
Tags : {}
AdditionalRegions : {}
SslSetting : Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementSslSetting
Identity :
EnableClientCertificate :
ResourceGroupName : Api-Default-CentralUS
This command creates a Standard SKU Api Management service and Enable TLS 1.0 on Frontend client to ApiManagement Gateway and Backend client between ApiManagement Gateway and Backend.
Example 5: Create an API Management service in Availability Zones
New-AzApiManagement -ResourceGroupName "contoso-rg" -Name "apim-test-pshell-azs" -Location "Central US" -Organization "Contoso" -AdminEmail "admin@contoso.com" -Sku Premium -Capacity 3 -Zone @("1","2","3")
PublicIPAddresses : {52.238.252.170}
PrivateIPAddresses :
Id : /subscriptions/aa7def4e-6bcd-4b28-b8d5-7613a618e753/resourceGroups/contoso-rg/providers/Microsoft.ApiManagement/service/apim-test-pshell-azs
Name : apim-test-pshell-azs
Location : Central US
Sku : Premium
Capacity : 3
CreatedTimeUtc : 7/30/2021 7:47:12 PM
ProvisioningState : Succeeded
RuntimeUrl : https://apim-test-pshell-azs.azure-api.net
RuntimeRegionalUrl : https://apim-test-pshell-azs-centralus-01.regional.azure-api.net
PortalUrl : https://apim-test-pshell-azs.portal.azure-api.net
DeveloperPortalUrl : https://apim-test-pshell-azs.developer.azure-api.net
ManagementApiUrl : https://apim-test-pshell-azs.management.azure-api.net
ScmUrl : https://apim-test-pshell-azs.scm.azure-api.net
PublisherEmail : admin@contoso.com
OrganizationName : Contoso
NotificationSenderEmail : apimgmt-noreply@mail.windowsazure.com
VirtualNetwork :
VpnType : None
PortalCustomHostnameConfiguration :
ProxyCustomHostnameConfiguration : {apim-test-pshell-azs.azure-api.net}
ManagementCustomHostnameConfiguration :
ScmCustomHostnameConfiguration :
DeveloperPortalHostnameConfiguration :
SystemCertificates :
Tags : {}
AdditionalRegions : {}
SslSetting : Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementSslSetting
Identity :
EnableClientCertificate :
Zone : {1, 2, 3}
DisableGateway : False
MinimalControlPlaneApiVersion :
ResourceGroupName : contoso-rg
This command creates a Premium SKU Api Management service in Zones
Example 6: Create an API Management service in Internal Mode into Virtual Network with Stv2
$virtualNetwork = New-AzApiManagementVirtualNetwork -SubnetResourceId "/subscriptions/4f5285a3-9fd7-40ad-91b1-d8fc3823983d/resourceGroups/contosogroup/providers/Microsoft.Network/virtualNetworks/apimvnet/subnets/ps"
$publicIpAddressId = "/subscriptions/4f5285a3-9fd7-40ad-91b1-d8fc3823983d/resourceGroups/contosogroup/providers/Microsoft.Network/publicIPAddresses/apim-external-vnet-ipv4"
New-AzApiManagement -ResourceGroupName "contosogroup" -Location "West US2" -Name "pstestinternalvnet2" -Organization "Contoso" -AdminEmail "admin@contoso.com" -VirtualNetwork $virtualNetwork -VpnType "Internal" -Sku "Premium" -PublicIpAddressId $publicIpAddressId
PublicIPAddresses : {20.99.249.73}
PrivateIPAddresses : {10.0.2.4}
Id : /subscriptions/4f5285a3-9fd7-40ad-91b1-d8fc3823983d/resourceGroups/contosogroup/providers/Microsoft.ApiManagement/service/pstestinternalvnet2
Name : pstestinternalvnet2
Location : West US 2
Sku : Premium
Capacity : 1
CreatedTimeUtc : 3/24/2022 11:09:57 PM
ProvisioningState : Succeeded
RuntimeUrl : https://pstestinternalvnet2.azure-api.net
RuntimeRegionalUrl : https://pstestinternalvnet2-westus2-01.regional.azure-api.net
PortalUrl : https://pstestinternalvnet2.portal.azure-api.net
DeveloperPortalUrl : https://pstestinternalvnet2.developer.azure-api.net
ManagementApiUrl : https://pstestinternalvnet2.management.azure-api.net
ScmUrl : https://pstestinternalvnet2.scm.azure-api.net
PublisherEmail : admin@contoso.com
OrganizationName : Contoso
NotificationSenderEmail : apimgmt-noreply@mail.windowsazure.com
VirtualNetwork : Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementVirtualNetwork
VpnType : Internal
PortalCustomHostnameConfiguration :
ProxyCustomHostnameConfiguration : {pstestinternalvnet2.azure-api.net}
ManagementCustomHostnameConfiguration :
ScmCustomHostnameConfiguration :
DeveloperPortalHostnameConfiguration :
SystemCertificates :
Tags : {}
AdditionalRegions : {}
SslSetting : Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementSslSetting
Identity :
EnableClientCertificate :
Zone :
DisableGateway :
MinimalControlPlaneApiVersion :
PublicIpAddressId : /subscriptions/4f5285a3-9fd7-40ad-91b1-d8fc3823983d/resourceGroups/contosogroup/providers/Microsoft.Network/publicIPAddresses/apim-external-vnet-ipv4
PlatformVersion : stv2
PublicNetworkAccess : Enabled
PrivateEndpointConnections :
ResourceGroupName : contosogroup
The cmdlet deploys the API Management service into Virtual Network using stv2 platform version.
Example 7: Create an API Management service for an external virtual network for Stv1
$virtualNetwork = New-AzApiManagementVirtualNetwork -SubnetResourceId "/subscriptions/a8ff56dc-3bc7-4174-b1e8-3726ab15d0e2/resourceGroups/ContosoGroup/providers/Microsoft.Network/virtualNetworks/westUsVirtualNetwork/subnets/backendSubnet"
New-AzApiManagement -ResourceGroupName "ContosoGroup" -Location "West US" -Name "ContosoApi" -Organization Contoso -AdminEmail admin@contoso.com -VirtualNetwork $virtualNetwork -VpnType "External" -Sku "Premium"
This command creates a Premium-tier API Management service in an Azure virtual network subnet having an external-facing gateway endpoint with a master region in the West US in stv1 model
Parameters
-AdditionalRegions
Additional deployment regions of Azure API Management.
Type: | PsApiManagementRegion[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AdminEmail
Specifies the originating email address for all notifications that the API Management system sends.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Capacity
Specifies the SKU capacity of the Azure API Management service. The default is one (1).
Type: | Nullable<T>[Int32] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-CustomHostnameConfiguration
Custom hostname configurations. Default value is $null. Passing $null will set the default hostname.
Type: | PsApiManagementCustomHostNameConfiguration[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisableGateway
Flag only meant to be used for Premium SKU ApiManagement Service and Non Internal VNET deployments. This is useful in case we want to take a gateway region out of rotation. This can also be used to standup a new region in Passive mode, test it and then make it Live later.
Type: | Nullable<T>[Boolean] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EnableClientCertificate
Flag only meant to be used for Consumption SKU ApiManagement Service. This enforces a client certificate to be presented on each request to the gateway. This also enables the ability to authenticate the certificate in the policy on the gateway.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Location
Specifies the location to create the Api Management service. To obtain valid locations, use the cmdlet Get-AzResourceProvider -ProviderNamespace "Microsoft.ApiManagement" | where {$_.ResourceTypes[0].ResourceTypeName -eq "service"} | Select-Object Locations
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-MinimalControlPlaneApiVersion
Minimal Control Plane Apis version to allow for managing the API Management service.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
Specifies a name for the API Management deployment.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Organization
Specifies the name of an organization. API Management uses this address in the developer portal in email notifications.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-PublicIpAddressId
Standard SKU PublicIpAddress ResoureId for integration into stv2 Virtual Network Deployments
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PublicNetworkAccess
Whether or not public endpoint access is allowed for this service.Possible values include: 'Enabled', 'Disabled'
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceGroupName
Specifies the name of the of resource group under which this cmdlet creates an API Management deployment.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Sku
The tier of the Azure API Management service. Valid values are Developer, Basic, Standard, Premium and Consumption. The default value is Developer.
Type: | Nullable<T>[PsApiManagementSku] |
Accepted values: | Developer, Basic, Standard, Premium, Consumption |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-SslSetting
The Ssl Setting of the ApiManagement Service. Default value is $null
Type: | PsApiManagementSslSetting |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-SystemAssignedIdentity
Generate and assign an Azure Active Directory Identity for this server for use with key management services like Azure KeyVault.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SystemCertificateConfiguration
Certificates issued by Internal CA to be installed on the service. Default value is $null.
Type: | PsApiManagementSystemCertificate[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Tag
Tags dictionary.
Type: | Dictionary<TKey,TValue>[System.String,System.String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-UserAssignedIdentity
Assign User Identities to this server for use with key management services like Azure KeyVault.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VirtualNetwork
Virtual Network Configuration of master Azure API Management deployment region.
Type: | PsApiManagementVirtualNetwork |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VpnType
Virtual Network Type of the ApiManagement Deployment. Valid Values are
- "None" (Default Value. ApiManagement is not part of any Virtual Network")
- "External" (ApiManagement Deployment is setup inside a Virtual Network having an Internet Facing Endpoint)
- "Internal" (ApiManagement Deployment is setup inside a Virtual Network having an Intranet Facing Endpoint)
Type: | PsApiManagementVpnType |
Accepted values: | None, External, Internal |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Zone
A list of availability zones denoting where the api management service is deployed into.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Inputs
Nullable<T>[[Microsoft.Azure.Commands.ApiManagement.Models.PsApiManagementSku, Microsoft.Azure.PowerShell.Cmdlets.ApiManagement, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]]
Nullable<T>[[System.Int32, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]
Dictionary<TKey,TValue>[[System.String, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e],[System.String, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]
PsApiManagementCustomHostNameConfiguration[]
PsApiManagementSystemCertificate[]
Outputs
Related Links
Azure PowerShell