Azure API Management Certificate

This page shows how to write Terraform and Azure Resource Manager for API Management Certificate and write them securely.

azurerm_api_management_certificate (Terraform)

The Certificate in API Management can be configured in Terraform with the resource name azurerm_api_management_certificate. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L1
resource "azurerm_api_management_certificate" "certificate" {
  count               = length(var.certificate)
  api_management_name = element(var.api_management_name, lookup(var.certificate[count.index], "api_management_id"))
  data                = filebase64sha256(lookup(var.certificate[count.index], "data"))
  name                = lookup(var.certificate[count.index], "name")
  resource_group_name = var.resource_group_name
resource.tf#L1
resource "azurerm_api_management_certificate" "api_certificate" {
  name                = var.res_api_cert_name
  api_management_name = var.res_apim_name
  resource_group_name = var.res_rg_name
  data                = filebase64(var.res_api_cert_file)
main.tf#L7
resource "azurerm_api_management_certificate" "this" {
  api_management_name = var.api_management_name
  data                = var.data
  name                = var.name
  password            = var.password
  resource_group_name = var.resource_group_name
main.tf#L7
resource "azurerm_api_management_certificate" "this" {
  api_management_name = var.api_management_name
  data                = var.data
  name                = var.name
  password            = var.password
  resource_group_name = var.resource_group_name
main.tf#L244
resource "azurerm_api_management_certificate" "this" {
  count               = var.key_vault_id != null ? length(var.certificate_names) : 0
  name                = var.certificate_names[count.index]
  api_management_name = azurerm_api_management.this.name
  resource_group_name = var.resource_group_name

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

Explanation in Terraform Registry

Manages an Certificate within an API Management Service.

Microsoft.ApiManagement/service/certificates (Azure Resource Manager)

The service/certificates in Microsoft.ApiManagement can be configured in Azure Resource Manager with the resource name Microsoft.ApiManagement/service/certificates. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

  • apiVersion required - string
  • name required - string

    Identifier of the certificate entity. Must be unique in the current API Management service instance.

  • properties required
      • data optional - string

        Base 64 encoded certificate using the application/x-pkcs12 representation.

      • keyVault optional
          • identityClientId optional - string

            SystemAssignedIdentity or UserAssignedIdentity Client Id which will be used to access key vault secret.

          • secretIdentifier optional - string

            Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi

      • password optional - string

        Password for the Certificate

  • type required - string

Frequently asked questions

What is Azure API Management Certificate?

Azure API Management Certificate is a resource for API Management of Microsoft Azure. Settings can be wrote in Terraform.

Where can I find the example code for the Azure API Management Certificate?

For Terraform, the mikamakusa/terraform, avishekansible/AzureLandingZone and kevinhead/azurerm source code examples are useful. See the Terraform Example section for further details.