Is there a holistic way to secure my Azure app services and function apps? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“I’m looking for a holistic approach to secure my azure backends like app services and function apps. By secure, I mean control what can talk to these services and how. I looked into securing backend services with API-M but that that doesn’t prevent me from going directly to the backend (around API-M)”

Check out the discussion here:


Participating in this discussion were:

Some comments and relevant links shared by the team:

  • Need to understand the deployment scenario and why this is an issue. Are APIs being presented externally? Want to block internal access for compliance/security reasons? API management provides a means to secure the APIs and control access. The backend APIs may still be accessible to services/connections unless the resources are secured separately.
  • Protect the API backend – 

Christian Buckley

Christian is a Microsoft Regional Director and M365 Apps & Services MVP, and an award-winning product marketer and technology evangelist, based in Silicon Slopes (Lehi), Utah. He is the Director of North American Partner Management for leading ISV Rencore (, leads content strategy for TekkiGurus, and is an advisor for both revealit.TV and WellnessWits. He hosts the monthly #CollabTalk TweetJam, the weekly #CollabTalk Podcast, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.