Update azure api inbound policy from powershell

Question

Firstly Thanks for looking into this.

I've a requirement to update the inbound policy of an API managed by Azuremanagementservice from powershell. For this I have tried accessing the API from powershell unfortunately ended up at no progress.

What I am looking for via powershell a) Access API under AzuremanagementService b) Update the inbound operation policy

Thanks

Answer 1

If you want to set policies by Azure PowerShell, try the code below(adding a root level inbound IP block policy for demo):

$newPolicy = '<policies>
                <inbound>
                    <ip-filter action="forbid">
                        <address-range from="192.168.0.1" to="192.168.0.2" />
                    </ip-filter>
                </inbound>
                <backend>
                    <forward-request />
                </backend>
                <outbound />
                <on-error />
             </policies>'

$apim_context = New-AzApiManagementContext -ResourceGroupName "<resource group name>" -ServiceName "<API management service name>"

Set-AzApiManagementPolicy -Context $apim_context  -Policy $newPolicy

Result:

For more about Set-AzApiManagementPolicy operations, please see this reference doc.

UPDATE

If you want to modify the policy at API level, you need to use command below to get all ApiId:

Get-AzApiManagementApi -Context $apim_context | Select-Object Name,ApiId

I specify the ApiID as "echo-api":

Set-AzApiManagementPolicy -Context $apim_context  -Policy $newPolicy -ApiId 'echo-api'

Result:

For more about set policy using PowerShell, please see here.

Answer 2

You can do this by using the REST API:
Api Operation Policy - Create Or Update

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/apis/{apiId}/operations/{operationId}/policies/policy?api-version=2019-12-01