Secure Azure Functions Using API Management
    • Dark
      Light
    • PDF

    Secure Azure Functions Using API Management

    • Dark
      Light
    • PDF

    Article summary

    #ServerlessTips - Azure Functions
    Author: Steef-Jan Wiggers Azure MVP

    With an HTTP triggered Azure Function it will have an available endpoint that a client application or service can call. This endpoint consists of the name of your function app, the standard DNS azurewebsite.net., api/(name of your function), and an accesskey (code) for your function:

    https://<name of your function app>.azurewebsites.net/api/<name of your function>?code=<function key>

    You can manage the function and function host keys in the manage tab of your function or the function app settings.

    The security for your functions' endpoints can be further enhanced by leveraging API Management service in Azure. With API Management you have an API gateway that can expose your function endpoint more securely by leveraging policies such as enforce authentication with basic authentication, restrict caller IPs, validate JWT tokens and rate limiting.

    Azure Functions do offer a proxy capability, which allows you to secure you HTTP triggered functions too. However, this proxy capability has limited features compared to API Management.

    With API Management you do add extra costs to your function – yet comes with more security features and other capabilities that can be valuable for exposing your functions to the outside world.

    Lastly, you can import your function in API Management easily, refer Import an Azure Function App as an API in Azure API Management on Microsoft docs.

    Azure-functions.png


    Was this article helpful?

    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence