Network misconfigurations

Azure API management service without virtual network

Compliance Frameworks


It was detected that {AzureApiManagement} is not using a virtual network. Azure API Management can be deployed inside an Azure virtual network (VNet) to access backend services within the network. With Azure virtual networks (VNets), you can place your API Management instance in a non-internet-routable network to which you control access. In a virtual network, your API Management instance can securely access other networked Azure resources and also connect to on-premises networks using various VPN technologies. For more information, see
  • Recommended Mitigation

    It's recommended to set up VNet connectivity for your API Management instance in order to enable advanced API Management networking and security features.