Azure Policy built-in policy definitions for Azure API Management

This page is an index of Azure Policy built-in policy definitions for Azure API Management. For additional Azure Policy built-ins for other services, see Azure Policy built-in definitions. For API Management policy samples, see API Management - Policy index.

The name of each built-in policy definition links to the policy definition in the Azure portal. Use the link in the Version column to view the source on the Azure Policy GitHub repo.

Azure API Management

(Azure portal)
Description Effect(s) Version
API Management service should use a SKU that supports virtual networks With supported SKUs of API Management, deploying service into a virtual network unlocks advanced API Management networking and security features which provides you greater control over your network security configuration. Learn more at: Audit, Deny, Disabled 1.0.0
API Management services should use a virtual network Azure Virtual Network deployment provides enhanced security, isolation and allows you to place your API Management service in a non-internet routable network that you control access to. These networks can then be connected to your on-premises networks using various VPN technologies, which enables access to your backend services within the network and/or on-premises. The developer portal and API gateway, can be configured to be accessible either from the Internet or only within the virtual network. Audit, Disabled 1.0.1

Next steps