Choosing between Azure API Management serverless and other pricing tiers

Azure API Management (APIM) is an old and mature Azure service. With the rise of API-driven architectures, APIM has become a first-class citizen in most Azure solutions. A while back, Microsoft proposed a serverless flavor of APIM, namely the Consumption tier. This pricing tier offers what we like about serverless: automatic scalability, cost friendliness, and nearly zero operations.

However, there are also a few downsides when using the serverless tier. The online Microsoft documentation already lists all the features available in each tier. Still, I thought it would be more relevant to list the use cases instead of the features, especially for people still discovering Azure. Below is a list of use cases and when it makes sense to use serverless and when it does not.

1. Since the developer portal is unavailable for the Consumption tier, you will have to onboard API consumers your way.

2. Because the serverless tier does not offer a VIP (Virtual IP address), nor does it integrate with virtual networks, it is impossible to lock down the network and restrict traffic to your APIM instance only. However, if your backend services integrate with Azure Active Directory, you can leverage APIM’s managed identity (system and user-assigned) to authenticate APIM against your backend. It will make sure traffic goes through the API gateway. However, beware that not all the policies are available for the serverless tier. It means you won’t be able to enforce as many controls as with the other APIM tiers.

In conclusion, the Consumption tier is suitable for companies who do not want to invest too much money in their APIs and deal with basic API needs. It would help if you considered using another tier when you have stricter security and high availability requirements.