Is there a holistic way to secure my Azure app services and function apps? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“I’m looking for a holistic approach to secure my azure backends like app services and function apps. By secure, I mean control what can talk to these services and how. I looked into securing backend services with API-M but that that doesn’t prevent me from going directly to the backend (around API-M)”

Check out the discussion here:

 

Participating in this discussion were:

Some comments and relevant links shared by the team:

  • Need to understand the deployment scenario and why this is an issue. Are APIs being presented externally? Want to block internal access for compliance/security reasons? API management provides a means to secure the APIs and control access. The backend APIs may still be accessible to services/connections unless the resources are secured separately.
  • Protect the API backend – https://docs.microsoft.com/en-us/azure/api-management/transform-api 

Christian Buckley

Christian is the Microsoft GTM Director for AvePoint Inc., and a Microsoft Regional Director and Office Apps & Services MVP based in Silicon Slopes (Lehi), Utah. He hosts the AvePoint Office 365 Hours (#O365hours) series, monthly #CollabTalk TweetJam, the #CollabTalk Podcast, and leads the monthly Microsoft 365 Ask-Me-Anything (#M365AMA) live stream. He is based in Lehi, Utah (Silicon Slopes).