Skip to content

antoniocaccamo/labs-apim

Repository files navigation

labs apim

scenario

sequenceDiagram
  
    title: oauth2 client credential 
  
    box gray Internet 
    participant C as Client 
    end

    box rgb(0, 80, 255) Azure
    participant AAD as Azure AD
    participant AG as Application<br/>Gateway 
    participant APM as API <br/> Management 
    participant R as Resource<br/>Server
    end

    
    autonumber
    Note over C, R:  requires app registration on Azure AD <br> for Client and Resource Server 
    %% token acquisition 
    C ->> AAD: access token request
    AAD ->> C: 
    
    %% api call
    C  ->> AG: api call 
    AG ->> APM:   
    activate C
    APM ->> APM: apply security policy
    APM ->> +R: forward request 
    R --> AAD:  validate jwt token
%%  R ->> R: serve
    R ->> -APM: response
    APM ->> AG: forward  response
    AG ->> C: 
    deactivate C
Loading

documentation

steps

  • main infrstructure with terraform
  • domain registered
  • wild certificate
  • API software
  • WEB software
  • Private DNS
  • APIM instance
  • APP GW instance

reference links

App GW & APIM

Azure Terraform

  1. Terraform Azure Modules

Let's encrypt

  1. Wildcard SSL certificate by Let's Encrypt