I am trying to set up a new environment on Azure.
The main idea is to have multiple Function Apps accessible only through API Management, so I'm trying to restrict the apps to the Virtual Network only.
I've done:
- created a Virtual Network with a default subnet with address space 192.168.0.0/24
- created APIM with Virtual Network set to External and connected to the VNet I've created
- created Function Apps on a Consumption Plan with an IP restriction allowing only the created VNet
- imported APIs from Functions to APIM
- set up AAD login
Now when I try to access a function endpoint directly (using the URL of the function app), it throws a 403 error, which is fine. When I call an endpoint using APIM, it redirects me to the function app URL and throws a 403 again. When I add my IP to the function's allowed list, I can connect, but also directly using the function URL.
My idea was to have e.g. https://apim.azure-api.net/endpoint-url accessible, and not https://functionapp.azurewebsites.net/endpoint-url directly (only using APIM).
Any ideas how I could proceed with this?