Ensure that your Azure API Management API gateways are configured to use HTTP/2 in order to increase the API performance on the client-side. HTTP/2 represents a major revision of the HTTP protocol, that has the primary goal of reducing the impact of latency and connection load on servers by implementing full request and response multiplexing, minimizing protocol overhead via compression of HTTP header fields, and by adding support for HTTP request prioritization and server push.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
efficiency
Enabling HTTP/2 for your Azure API Management API gateways can significantly enhance the performance, efficiency, and scalability of your API infrastructure, resulting in a more responsive and efficient API ecosystem.
Audit
To determine if the HTTP/2 support is enabled for your Azure API Management API gateways, perform the following actions:
Remediation / Resolution
To enable the HTTP/2 support for your Azure API Management API gateways, perform the following actions:
References
- Azure Official Documentation
- Azure security baseline for API Management
- Manage protocols and ciphers in Azure API Management
- Api Management Service - Create Or Update
- Azure PowerShell Documentation
- az apim list
- az apim show
- az apim update