After introducing MCP servers. within Azure API Management and me blogging about it, now we have A2A API support. This makes APIM a very good choice for protecting, accelerating and observing your AI apps. Obviously I was tempted to find out how this new API type can be deployed via Bicep as proper documentation is lacking.
Azure Policy checks Azure resources and operations by matching their properties against defined business rules. It helps to enforce organizational standards and to assess compliance at-scale. Azure Policy is commonly used to enforce governance across Azure, ensuring consistency, regulatory compliance, security controls, cost management, and operational standards. Unfortunately, Azure Policy has its secrets; it has some limitations that are either not documented or the documentation is not so easy to find. With this blog post, I am not trying to bash on Azure Policy as I love the service and I think its architecture is very good, but due to the way some Azure APIs are written it can limit what Azure Policy can do.
Azure Front Door is a global, scalable service that acts as a content delivery network (CDN) and application load balancer to improve application performance and availability. The way you expose application on Azure FD is by creating origins. For each origin you have to add one or more origins. When configuring the origin you have the option to configure health probe. The health probe makes sure the origins are up. If an origin is not up it will traffic will not be sent to it. The results from the health probes is visible via OriginHealthPercentage metric. Now let’s have a closer look to metric OriginHealthPercentage as the results from it might be a little bit confusing, especially when you send the metric to Log Analytics workspace and viewed there.
Recently Azure has announced retirement of Azure Cache for Redis and Azure Cache for Redis Enterprise. This of course leads folks to look at Azure Managed Redis. Note that underneath Azure Cache for Redis and Azure Managed Redis use the same resource type but with different SKUs. Overall my general impression is that not many existing customers have moved from Azure Cache for Redis to Azure Cache for Redis Enterprise. The integration with Redis to other services and applications in most cases happen via providing connection string with credentials. It is well known how to list the credentials from Azure Cache for Redis with Bicep but may be it is not so known with how to do that with Azure Managed Redis due its different Azure architecture.
Azure APIM is essential feature in building AI applications. Being part of that it is important to protect your APIs and couple years ago Azure has provided such capability in Defender for Cloud called Defender for APIs. Previously I have demonstrated how to configure Defender for Cloud plans in Enable Defender for Cloud Auto provisioning agents via Bicep. For Defender for APIs plan it is the same resource type Microsoft.Security/pricings but the name of the resource is ‘Api’. Additionally, you will set pricingTier to Standard to enable it and subPlan to P1, P2, P3, P4 or P5. As this is the initial configuration only in this blog post we will look at what to do next.
Cloud Administrator in Azure World 