Reputation: 2032
Use same subscription key for APIM instances in Azure
we are using APIM premium version and ours is a active-active multi region setup. The problem we are facing is when one region UI calls another region API the calls failing because the subscription keys for the APIM on the both the region is different. is there a way I can set the subscription key for default subscription for the scope "service". I have tried the below powershell command from here but the second command fails saying the resource group not found, though from the first command its able to pull the details.
$apimContext = New-AzureRmApiManagementContext -ResourceGroupName "<RGName>" -ServiceName "<apimname>"
Set-AzureRmApiManagementSubscription -Context $apimContext -SubscriptionId "<azuresubscriptionid>" -PrimaryKey "<key1>" -SecondaryKey "<key2>" -State "Active" -Scope "Service"
also I have checked this question, but the link in the answer shows 404.
Instead of resetting the APIM subscription keys is there anyother best practices that we can follow for these kind of scenarios ?
Upvotes: 0
Views: 1223
Answers (3)
Reputation: 640
You can achieve this using the az cli by using the az rest command.
First use listSecrets to get the keys from one instance:
$ az rest --method post \
--uri /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}\
/providers/Microsoft.ApiManagement/service/{serviceName}\
/subscriptions/{sid}/listSecrets?api-version=2022-08-01
{
"primaryKey": "xxx",
"secondaryKey": "xxx"
}
And then use PATCH to update the other:
$ az rest --method patch \
--uri /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}\
/providers/Microsoft.ApiManagement/service/{serviceName}\
/subscriptions/{sid}?api-version=2022-08-01 \
--body '{"properties":{"primaryKey": "xxx","secondaryKey": "xxx"}}'
Upvotes: 0
Reputation: 2032
while @NadineRaiss answer solves the problem. I would like to add the issue what I have faced with powershell. I have set the context in az cli, az account set but if we are using powershell we need to set the context using set-azcontext for setting the powershell context. once I set that and ran the command, I am able to achieve what I wanted.
also, with this method we cannot update global subscription(master), we can only set the custom created product subscription.
Upvotes: 0
Reputation: 641
This article might help you achieve what you want. The user needed to have the same value for the subscription keys between two different environments. In order to do that, he enables the Management API and uses Postman to update the keys via a REST call.
Upvotes: 1
Related Questions
- How to bypass Subscription Key for single endpoint in the API in Azure API Managment
- Fetch Azure API Management subscription key using azure cli
- Azure API Management, single API accept AAD or subscription key
- Change APIM Subscription key header name that's already in use
- How to disable subscription key in Azure API Managment with Powershell
- Custom API key for Azure API management subscription
- API management URL is giving Missing subscription key Issue
- Azure API Management - Subscription keys for Applications?
- Add existing API to Azure API Management Service using powershell
- Azure API management keys