Picture

Global Shared APIM facilitates the exposing of APIs by different BUs in the organization in a secure and isolated way. The architecture was planned in such a way that it allows all the essential APIM tasks to be completed through DevOps custom tasks and onboarded BUs cannot access each other’s APIs too. All this is possible in a highly cost-effective way as shown in the Billing page (Link to Billing Page

Picture

API Management is a solution proposal of a shared service. GIS has built a service to onboard clients in a dedicated Azure DevOps project. On their side clients will manage their products and APIs. 

As shown in the figure above, BU Mgr Extension (Custom Azure DevOps task) will be used to perform tasks such as  

  • Create a product 

  • API Onboarding 

  • Create/Update users and groups 

  • Create/Update subscription 

  • Create/Update a product policy 

  • Create/Update a product tag 

  • Update a product 

Similarly, BU Dev Extension will be used to perform tasks such as

  • Onboard APIs with the help of OpenAPI specification file

  • Add policies for various APIs 

Core Extension’s use is reserved for Global Shared APIM team to manage the overall platform. All the platform and API logs are sent to Log Analytics Workspace to effectively troubleshoot the issues (if or when they occur) 

To effectively use the Global Shared APIM platform, Azure DevOps technical knowledge about releases definitions, variables, task groups and other required features should be learned. 

Global Shared APIM context: tags and naming convention 

When deploying products in Global Shared APIM, naming convention and tags must be respected to deploy any product. 

Feature constraints: 

Sodexo shared product approach brings some additional constraints: 

  • Named values can't be used. It's reserved for platform internal use only. Developers should use Azure Keyvault alternative within API policy as an alternative. 

  • Azure Portal is also not accessible. 

Limits

  • API Management solution must be consumed only with this Azure DevOps extension. We are closely working with Microsoft on features enhancements. 

  • No action with Azure REST API or PowerShell is allowed.