Ensure that your Azure API Management service instances are using system-assigned managed identities in order to allow secure access to other Microsoft Azure protected resources such as Azure Key Vaults. System-assigned managed identities minimizes risks, simplifies management, and maintains compliance with evolving cloud services.
excellence
Using system-assigned managed identities for Azure API Management services enhances security by allowing the API service instances to authenticate and authorize with Azure resources without the need for explicit credentials, reducing the risk associated with credential management and providing a seamless and more secure integration with other cloud services.
Audit
To determine if your Azure API Management services are configured to use system-assigned managed identities, perform the following actions:
Remediation / Resolution
To ensure that your Azure API Management service instances are configured to use system-assigned managed identities, perform the following actions:
References
- Azure Official Documentation
- What are managed identities for Azure resources?
- Use managed identities in Azure API Management
- Authenticate with managed identity
- Azure PowerShell Documentation
- az apim list
- az apim show
- Get-AzApiManagement
- Set-AzApiManagement
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Use System-Assigned Managed Identities for Azure API Management Services
Risk Level: Medium