I have a virtual network (vnet) configured, it has subnets defined for private endpoints, web apps, databases and vpn point to site etc...
The point is simple, I dont want any of my services accessible via the internet.
I am trying to configure an azure api management service (APIM) in order to be the gateway to access all my api's in the vnet.
Is there a method of setting this up? as it would seem the only way to do this is via adding the APIM to the VNET which only works with with a premium AMS service and that's way out of my price range?
I dont think the APIM private inbound endpoint works the way I want them to
Cheers
Yes, you can integrate APIM into a VNet to connect to private backends. But yes, that requires Premium tier.
See here https://learn.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet?tabs=stv2
The alternative would be to lock down all your backend services using network filtering to only allow traffic originating from your APIM, even if they still have public endpoints.