Recently I am setting up some Azure API management services and thinking about how to automate the process of backing up and restoring API management configurations in case of disaster recovery scenarios.
I understand there are many ways to do that. I will start with a C# app first and show you how I achieved to back up the Azure API management service’s configurations to a blob storage via API calls.
Creating Azure AD Application for Token Authentications
- Login Azure AD and navigate to the App registrations
- Create a new application registration
- Fill in the application name and select Native for the application type
- Enter a URL for the URL redirection field
- Complete the app registration
- Go to settings -> Add “Windows Azure Service Management API” as required permissions
Once finish the steps above, you will have Azure App Id & redirect URL, we will use these values to retrieve the authtoken to access azure environment.
I installed “Microsoft.IdentityModel.Clients.ActiveDirectory” NuGet package in my local visual studio environment and use below code to retrieve the token
var authenticationContext = new AuthenticationContext(“https://login.microsoftonline.com/{tenant id}”);
var result = authenticationContext.AcquireToken(“https://management.azure.com/”, {application id}, new Uri({redirect uri});
My local visual studio code looks like below:
Once the tenant Id, Application Id, Redirect URL are correctly specified in the , you will get below token result:
Calling Azure API to back up or restore API Management service
Back up an API Management Service
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/backup?api-version={api-version}
Restore an API Management Service
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/restore?api-version={api-version}
The API request header Content-Type value needs to be set to “application/json”
In the body of request, specify the target Azure Storage account name, access key, blob container name, and backup name
‘{
storageAccount : {storage account name for the backup},
accessKey : {access key for the account},
containerName : {backup container name},
backupName : {backup blob name}
}’
Below is the code I created to make the API call to trigger backup.
Once the code is successfully run and the backup process is initiated, I receive 202 response code. on the Azure API management service side, I can see my http client retrieves the token and completes the back up from the API management service activity log:
If we go to the backup storage location, we will be able to see the successful backup in the target storage container, the storage account can be different regions in order to provide Geo-redundancy.
To restore the API service, you can follow the same process of one click re-run the app, retrieve authtokens and call the restore API interface. Once it’s complete the restore, the logs in the API management service will look like below:
Hopefully this can be helpful when it comes to API management service. I will try to make the Net code to work on Azure functions next and share with you guys later. 🙂