CODEWITHSUNDEEP
azureterraformapimterraform-cdk
Gregory Danenberg
Gregory Danenberg

Reputation: 529

Azure apim named value for backend setup

I have an APIM named value that points to a secret in Key Vault.
I'm seeking a solution to utilize this 'named value' as a header value when defining the APIM backend.
Here is a snippet of the code in CDK for Terraform:

        apim_backend = api_management_backend.ApiManagementBackend(self, "openai_apim_backend",
        name="cdktf-openai-backend",
        resource_group_name=openai_resource_group_name,
        api_management_name=apim_name,
        protocol="http",
        url="https://example.privatelink.openai.azure.com",
        credentials={
            "header": {
                "api-key": <<here should be named value>>,
                "Content-Type": "application/json"
            }
        }
    )

Is it possible?

Upvotes: 0

Views: 338

Answers (1)

Mohamed Azarudeen Z
Mohamed Azarudeen Z

Reputation: 1327

I guess its possible. To reference an (APIM) in your CDK for Terraform code when defining the backend.

Assuming you have already created a Named Value in your APIM instance that references a Key Vault secret, you would need to retrieve the secret value using the APIM REST API and then use that value in your CDK code.

import requests

# Your APIM details
apim_name = "your_apim_name"
resource_group_name = "your_resource_group_name"
named_value_name = "your_named_value_name"

# Fetch the secret value from the Named Value
apim_named_value_url = f"https://{apim_name}.management.azure-api.net/namedValues/{named_value_name}?api-version=2021-01-01"
apim_named_value_response = requests.get(apim_named_value_url, headers={"Authorization": "Bearer YOUR_APIM_TOKEN"})

if apim_named_value_response.status_code == 200:
    named_value_secret = apim_named_value_response.json()["properties"]["value"]
else:
    # Handle the error

# Use the secret in your CDK code
apim_backend = api_management_backend.ApiManagementBackend(
    self,
    "openai_apim_backend",
    name="cdktf-openai-backend",
    resource_group_name=resource_group_name,
    api_management_name=apim_name,
    protocol="http",
    url="https://example.privatelink.openai.azure.com",
    credentials={
        "header": {
            "api-key": named_value_secret,
            "Content-Type": "application/json"
        }
    }
)

Upvotes: 0

Related Questions