I have two instances of API Management(APIM), in two different regions. The endpoints are protected behind subscription keys. As known, you cannot set these, so they are different for each APIM instance. I am using Azure Traffic Manager in front of the APIM instance to handle load balancing and as an failover component. But when using two instances, with different keys, theres a major issue. Since traffic manager only redirects your requests, you will have unauthorized request to one of the endpoints. Anyone figured out how to deal with this?
3 Answers
2
votes
You can set subscription key to any value provided it's unique in instance: https://docs.microsoft.com/en-us/rest/api/apimanagement/2019-01-01/subscription/update
1
votes
0
votes
Traffic manager is just a layer 7 DNS based load balancer. You can use Traffic Manager to load balance only when both the instances are using the same key.
There are different profiles in Traffic Manager but there are no way to detect or choose a backend instance based the keys which is used.
Alternatively you can use Application gateway instead of the Traffic Manager and route the traffic based on the path to the instances.