Azure Policy built-in policy definitions for Azure API Management

This page is an index of Azure Policy built-in policy definitions for Azure API Management. For additional Azure Policy built-ins for other services, see Azure Policy built-in definitions. If you're looking for policies you can use to modify API behavior in API Management, see API Management policy reference.

The name of each built-in policy definition links to the policy definition in the Azure portal. Use the link in the Version column to view the source on the Azure Policy GitHub repo.

Azure API Management

Name
(Azure portal)
Description Effect(s) Version
(GitHub)
API Management services should use a virtual network Azure Virtual Network deployment provides enhanced security, isolation and allows you to place your API Management service in a non-internet routable network that you control access to. These networks can then be connected to your on-premises networks using various VPN technologies, which enables access to your backend services within the network and/or on-premises. The developer portal and API gateway, can be configured to be accessible either from the Internet or only within the virtual network. Audit, Disabled 1.0.1

Next steps