In MS Azure, I set up an API Management Service - let's call it "MyAPIMS". Within that, I added a web app as an API - let's call that "MyWebAPI". Within this API, I added a "set-header" policy within the Inbound processing section. So now if I go into that API's Inbound processing policy xml, it looks like this:
<inbound>
<base />
<set-backend-service id="apim-generated-policy" backend-id="Web-App" />
<set-header name="Referred-From" exists-action="append">
<value>Me</value>
</set-header>
</inbound>
I need to figure out how to add this policy via powershell script. So I decided I'd try just directly using powershell commands to get this policy that I manually set up and see the result. First, I get the context:
$apimContext = New-AzApiManagementContext -ResourceGroupName "MyGroup" -ServiceName "myAPIMS"
If I output "$apimContext", it displays the resource group name and service name just fine. So then I get the API:
$MyApi = Get-AzApiManagementApi -Context $apimContext -Name "MyWebAPI"
With that, if I output "$MyApi.Id", it displays the ID of MyWebAPI as:
/subscriptions/[mysub]/resourceGroups/[mygroup]/providers/Microsoft.ApiManagement/service/MyAPIMS/apis/MyWebAPI
But then, if I try getting the API's policy, it does nothing. Here's what I tried:
Get-AzApiManagementPolicy -Context $apimContext -ApiId $MyApi.Id -SaveAs "C:\Source\MyApiPolicy.xml"
No new file shows up in that location. If I don't specify -SaveAs, it does not display any output in the terminal.
It works if I do not specify the -ApiId (as in, I can save the tenant-scope policy just fine). So I don't understand what is it about getting the policy for the specific API that it doesn't like.
The issue is that you're passing $MyApi.Id to Get-AzApiManagementPolicy. You should be passing $MyApi.ApiId which will translate to the name of your API.
The Id property is the ARM resource id, whereas the cmdlet is expecting the API name.