Ensure API management services use virtual networks

Error: API management services do not use virtual networks

Bridgecrew Policy ID: BC_AZR_NETWORKING_31
Checkov Check ID: CKV_AZURE_107
Severity: LOW

API management services do not use virtual networks


A virtual network is a logical network in Azure that is isolated from other networks. When you configure your API management service to use a virtual network, you can control the inbound and outbound network traffic to and from your service using network security groups (NSGs) and service endpoints. This can help to improve the security of your service and protect it from unauthorized access or attacks.

Fix - Buildtime


  • Resource: azurerm_api_management
  • Argument: virtual_network_configuration
resource "azurerm_api_management" "example" {
 +                virtual_network_configuration {
                    subnet_id = azure_subnet.subnet_not_public_ip.id