Azure-Samples
diff --git a/‎samples/azure-maps/README.md‎
Lines changed: 33 additions & 0 deletions b/‎samples/azure-maps/README.md‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎samples/azure-maps/create.ipynb‎
Lines changed: 318 additions & 0 deletions b/‎samples/azure-maps/create.ipynb‎
Lines changed: 318 additions & 0 deletions
@@ -0,0 +1,33 @@
+# Samples: Api Management proxing calls to Azure Maps
+
+This is a sample demonstrating how to use Azure API Management (APIM) to proxy calls to the Azure Maps service. This setup allows you to manage, secure, and monitor access to Azure Maps through APIM.
+
+⚙️ **Supported infrastructures**: All infrastructures
+
+👟 **Expected *Run All* runtime (excl. infrastructure prerequisite): ~[NOTEBOOK RUNTIME] minute**
+
+## 🎯 Objectives
+
+1. Learn how to set up APIM to proxy requests to Azure Maps on a path to operation based mapping.
+1. Learn how to set up APIM to proxy requests to Azure Maps on a generic path.
+1. See how to secure access to Azure Maps using APIM policies for all 3 authentication methods (subscription key, Azure Entra AD, and SAS Tokens).
+1. Show how to connect to the v1 enpoint of Azure Maps using APIM.
+
+## 📝 Scenario
+
+This sample demonstrates how to use APIM to proxy requests to the Azure Maps service. By doing so, you can leverage APIM's capabilities to manage, secure, and monitor access to Azure Maps. This particular setup will show you how to map specific paths to Azure Maps APIs, as well as how to handle generic paths. Additionally, the sample will illustrate how to secure access to Azure Maps using different authentication methods supported by APIM policies.
+
+## 🛩️ Lab Components
+
+This lab sets up:
+
+- An Azure Maps resource in Azure
+- APIM managed identity with Storage Blob Data Reader permissions
+- An API that demonstrates proxying requests to Azure Maps specific to APIs (geocode, search, etc.)
+  - Also in that api there will be an operation that demonstrates a generic path to Azure Maps
+
+## ⚙️ Configuration
+
+1. Decide which of the [Infrastructure Architectures](../../README.md#infrastructure-architectures) you wish to use.
+    1. If the infrastructure _does not_ yet exist, navigate to the desired [infrastructure](../../infrastructure/) folder and follow its README.md.
+    1. If the infrastructure _does_ exist, adjust the `user-defined parameters` in the _Initialize notebook variables_ below. Please ensure that all parameters match your infrastructure.
@@ -0,0 +1,318 @@
+{
+ "cells": [
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "### 🛠️ 1. Initialize notebook variables\n",
+    "\n",
+    "Configures everything that's needed for deployment. \n",
+    "\n",
+    "[ADD ANY SPECIAL INSTRUCTIONS]\n",
+    "\n",
+    "**Modify entries under _1) User-defined parameters_ and _3) Define the APIs and their operations and policies_**."
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": 25,
+   "metadata": {},
+   "outputs": [
+    {
+     "name": "stdout",
+     "output_type": "stream",
+     "text": [
+      "👉🏽 \u001b[1;34mResource group name      : apim-infra-simple-apim-1\u001b[0m \n",
+      "\n",
+      "✅ \u001b[1;32mNotebook initialized\u001b[0m ⌚ 22:31:28.796962 \n"
+     ]
+    }
+   ],
+   "source": [
+    "import subprocess\n",
+    "import utils\n",
+    "from apimtypes import *\n",
+    "\n",
+    "# 1) User-defined parameters (change these as needed)\n",
+    "rg_location = 'eastus2'\n",
+    "index       = 1\n",
+    "deployment  = INFRASTRUCTURE.SIMPLE_APIM\n",
+    "tags        = ['azure-maps']       # ENTER DESCRIPTIVE TAG(S)\n",
+    "api_prefix  = 'am-'                            # OPTIONAL: ENTER A PREFIX FOR THE APIS TO REDUCE COLLISION POTENTIAL WITH OTHER SAMPLES\n",
+    "azure_maps_url = 'https://atlas.microsoft.com'  # OPTIONAL: ENTER THE AZURE MAPS URL IF DIFFERENT FROM DEFAULT\n",
+    "\n",
+    "# 2) Service-defined parameters (please do not change these)\n",
+    "rg_name = utils.get_infra_rg_name(deployment, index)\n",
+    "supported_infrastructures = [INFRASTRUCTURE.SIMPLE_APIM, INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.APIM_ACA]             # ENTER SUPPORTED INFRASTRUCTURES HERE, e.g., [INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.AFD_APIM_FE]\n",
+    "utils.validate_infrastructure(deployment, supported_infrastructures)\n",
+    "\n",
+    "# 3) Define the APIs and their operations and policies\n",
+    "\n",
+    "# Policies\n",
+    "# Named values must be set up a bit differently as they need to have two surrounding curly braces\n",
+    "map_async_geocode_batch_v1_keyauth_post_xml = utils.read_policy_xml('./map_async_geocode_batch_v1_keyauth_post.xml')\n",
+    "map_default_route_v2_aad_get_xml = utils.read_policy_xml('./map_default_route_v2_aad_get.xml')\n",
+    "map_geocode_v2_aad_get_xml = utils.read_policy_xml('./map_geocode_v2_aad_get.xml')\n",
+    "\n",
+    "# Map API \n",
+    "mapApi_v2_default_get = GET_APIOperation2('get-default-route','Get default route','/*','This is the default route that will allow all requests to go through to the backend api',map_default_route_v2_aad_get_xml)\n",
+    "mapApi_v1_async_post = APIOperation('async-geocode-batch','Async Geocode Batch','/geocode/batch/async',HTTP_VERB.POST, 'Post geocode batch async endpoint',map_async_geocode_batch_v1_keyauth_post_xml)\n",
+    "mapApi_v2_geocode_get = GET_APIOperation2('get-geocode','Get Geocode','/geocode','Get geocode endpoint',map_geocode_v2_aad_get_xml)\n",
+    "api1 = API('map-api', 'Map API', '/map', 'This is the proxy for Azure Maps', operations=[mapApi_v2_default_get, mapApi_v1_async_post,mapApi_v2_geocode_get], tags = tags, serviceUrl=azure_maps_url)\n",
+    "\n",
+    "# API n\n",
+    "# ...\n",
+    "\n",
+    "# APIs Array\n",
+    "# apis: List[API] = [api1, apin]\n",
+    "apis: List[API] = [api1]\n",
+    "\n",
+    "# 4) Set up the named values\n",
+    "nvs: List[NamedValue] = [\n",
+    "]\n",
+    "\n",
+    "utils.print_ok('Notebook initialized')"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "### 🚀 2. Create deployment using Bicep\n",
+    "\n",
+    "Creates the bicep deployment into the previously-specified resource group. A bicep parameters file will be created prior to execution."
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": 27,
+   "metadata": {},
+   "outputs": [
+    {
+     "name": "stdout",
+     "output_type": "stream",
+     "text": [
+      "⚙️ \u001b[1;34maz group show --name apim-infra-simple-apim-1\u001b[0m \n",
+      "⚙️ \u001b[1;34maz group show --name apim-infra-simple-apim-1\u001b[0m \n",
+      "📝 Updated the policy XML in the bicep parameters file 'params.json'\n",
+      "⚙️ \u001b[1;34maz deployment group create --name simple-apim --resource-group apim-infra-simple-apim-1 --template-file main.bicep --parameters params.json --query \"properties.outputs\"\u001b[0m \n",
+      "👉🏽 \u001b[1;34mAPIM API Gateway URL     : https://apim-w6pw4mtuew6ga.azure-api.net\u001b[0m \n",
+      "\n",
+      "✅ \u001b[1;32mDeployment completed\u001b[0m ⌚ 22:44:24.722798 \n"
+     ]
+    }
+   ],
+   "source": [
+    "import utils\n",
+    "\n",
+    "# 1) Define the Bicep parameters with serialized APIs\n",
+    "bicep_parameters = {\n",
+    "    'apis': {'value': [api.to_dict() for api in apis]},\n",
+    "    'namedValues': {'value': [nv.to_dict() for nv in nvs]}\n",
+    "}\n",
+    "\n",
+    "# 2) Infrastructure must be in place before samples can be layered on top\n",
+    "if not utils.does_resource_group_exist(rg_name):\n",
+    "    utils.print_error(f'The specified infrastructure resource group and its resources must exist first. Please check that the user-defined parameters above are correctly referencing an existing infrastructure. If it does not yet exist, run the desired infrastructure in the /infra/ folder first.')\n",
+    "    raise SystemExit(1)\n",
+    "\n",
+    "# 3) Run the deployment\n",
+    "output = utils.create_bicep_deployment_group(rg_name, rg_location, deployment, bicep_parameters)\n",
+    "\n",
+    "# 4) Print a deployment summary, if successful; otherwise, exit with an error\n",
+    "if not output.success:\n",
+    "    raise SystemExit('Deployment failed')\n",
+    "\n",
+    "if output.success and output.json_data:\n",
+    "    apim_gateway_url = output.get('apimResourceGatewayURL', 'APIM API Gateway URL')\n",
+    "\n",
+    "utils.print_ok('Deployment completed')"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "### ✅ 3. Verify API Request Success\n",
+    "\n",
+    "Assert that the deployment was successful by making simple calls to APIM. \n",
+    "\n",
+    "❗️ If the infrastructure shields APIM and requires a different ingress (e.g. Azure Front Door), the request to the APIM gateway URl will fail by design. Obtain the Front Door endpoint hostname and try that instead."
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": 28,
+   "metadata": {},
+   "outputs": [
+    {
+     "name": "stdout",
+     "output_type": "stream",
+     "text": [
+      "\n",
+      "ℹ️ \u001b[1;32mCalling Hello World (Root) API\u001b[0m ⌚ 22:50:43.490816 \n",
+      "👉🏽 \u001b[1;34mGET https://apim-w6pw4mtuew6ga.azure-api.net/\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse status          : \u001b[1;32m200 - OK\u001b[0m\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse headers         :\n",
+      "{'Content-Length': '32', 'Date': 'Thu, 12 Jun 2025 03:50:44 GMT', 'Request-Context': 'appId=cid-v1:788e87f2-9135-4c09-896d-02870631a447'}\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse body            :\n",
+      "Hello World from API Management!\u001b[0m \n",
+      "\n",
+      "ℹ️ \u001b[1;32mCalling Default Route with AAD Auth API\u001b[0m ⌚ 22:50:44.075994 \n",
+      "👉🏽 \u001b[1;34mGET https://apim-w6pw4mtuew6ga.azure-api.net/map/default/geocode?query=15127%20NE%2024th%20Street%20Redmond%20WA/\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse status          : \u001b[1;32m200 - OK\u001b[0m\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse headers         :\n",
+      "{'Content-Type': 'application/json; charset=utf-8', 'Date': 'Thu, 12 Jun 2025 03:50:46 GMT', 'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Vary': 'Accept-Encoding', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains', 'x-ms-azuremaps-region': 'East US', 'X-Content-Type-Options': 'nosniff', 'X-Cache': 'CONFIG_NOCACHE', 'X-MSEdge-Ref': 'Ref A: 3E47F785F9DE487E9C530EC0D2124173 Ref B: BL2AA2030110019 Ref C: 2025-06-12T03:50:46Z', 'Request-Context': 'appId=cid-v1:788e87f2-9135-4c09-896d-02870631a447'}\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse body            :\n",
+      "{\n",
+      "    \"type\": \"FeatureCollection\",\n",
+      "    \"features\": [\n",
+      "        {\n",
+      "            \"type\": \"Feature\",\n",
+      "            \"geometry\": {\n",
+      "                \"type\": \"Point\",\n",
+      "                \"coordinates\": [\n",
+      "                    -122.138669,\n",
+      "                    47.630359\n",
+      "                ]\n",
+      "            },\n",
+      "            \"bbox\": [\n",
+      "                -122.14631082421619,\n",
+      "                47.62649628242932,\n",
+      "                -122.1310271757838,\n",
+      "                47.634221717570675\n",
+      "            ],\n",
+      "            \"properties\": {\n",
+      "                \"type\": \"Address\",\n",
+      "                \"confidence\": \"High\",\n",
+      "                \"matchCodes\": [\n",
+      "                    \"Good\"\n",
+      "                ],\n",
+      "                \"geocodePoints\": [\n",
+      "                    {\n",
+      "                        \"calculationMethod\": \"Rooftop\",\n",
+      "                        \"usageTypes\": [\n",
+      "                            \"Display\"\n",
+      "                        ],\n",
+      "                        \"geometry\": {\n",
+      "                            \"type\": \"Point\",\n",
+      "                            \"coordinates\": [\n",
+      "                                -122.138669,\n",
+      "                                47.630359\n",
+      "                            ]\n",
+      "                        }\n",
+      "                    },\n",
+      "                    {\n",
+      "                        \"calculationMethod\": \"Rooftop\",\n",
+      "                        \"usageTypes\": [\n",
+      "                            \"Route\"\n",
+      "                        ],\n",
+      "                        \"geometry\": {\n",
+      "                            \"type\": \"Point\",\n",
+      "                            \"coordinates\": [\n",
+      "                                -122.1386667,\n",
+      "                                47.630218\n",
+      "                            ]\n",
+      "                        }\n",
+      "                    }\n",
+      "                ],\n",
+      "                \"address\": {\n",
+      "                    \"addressLine\": \"15127 NE 24th St\",\n",
+      "                    \"streetName\": \"NE 24th St\",\n",
+      "                    \"streetNumber\": \"15127\",\n",
+      "                    \"postalCode\": \"98052\",\n",
+      "                    \"locality\": \"Redmond\",\n",
+      "                    \"formattedAddress\": \"15127 NE 24th St, Redmond, WA 98052\",\n",
+      "                    \"countryRegion\": {\n",
+      "                        \"name\": \"United States\",\n",
+      "                        \"ISO\": \"US\"\n",
+      "                    },\n",
+      "                    \"adminDistricts\": [\n",
+      "                        {\n",
+      "                            \"shortName\": \"WA\"\n",
+      "                        },\n",
+      "                        {\n",
+      "                            \"shortName\": \"King County\"\n",
+      "                        }\n",
+      "                    ]\n",
+      "                }\n",
+      "            }\n",
+      "        }\n",
+      "    ]\n",
+      "}\u001b[0m \n",
+      "\n",
+      "ℹ️ \u001b[1;32mCalling Hello World (ACA Backend 2) API\u001b[0m ⌚ 22:50:47.215265 \n",
+      "👉🏽 \u001b[1;34mGET https://apim-w6pw4mtuew6ga.azure-api.net/aca-2/\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse status          : \u001b[1;31m404 - Resource Not Found\u001b[0m\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse headers         :\n",
+      "{'Content-Length': '54', 'Content-Type': 'application/json', 'Date': 'Thu, 12 Jun 2025 03:50:47 GMT', 'Request-Context': 'appId=cid-v1:788e87f2-9135-4c09-896d-02870631a447'}\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse body            :\n",
+      "{ \"statusCode\": 404, \"message\": \"Resource not found\" }\u001b[0m \n",
+      "\n",
+      "ℹ️ \u001b[1;32mCalling Hello World (ACA Backend Pool) API\u001b[0m ⌚ 22:50:47.865951 \n",
+      "👉🏽 \u001b[1;34mGET https://apim-w6pw4mtuew6ga.azure-api.net/aca-pool/\u001b[0m \n",
+      "👉🏽 \u001b[1;34m▶️ Run 1/3:\u001b[0m \n",
+      "👉🏽 \u001b[1;34m⌚ 0.39 seconds\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse status          : \u001b[1;31m404 - Resource Not Found\u001b[0m\u001b[0m \n",
+      "👉🏽 \u001b[1;34m▶️ Run 2/3:\u001b[0m \n",
+      "👉🏽 \u001b[1;34m⌚ 0.07 seconds\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse status          : \u001b[1;31m404 - Resource Not Found\u001b[0m\u001b[0m \n",
+      "👉🏽 \u001b[1;34m▶️ Run 3/3:\u001b[0m \n",
+      "👉🏽 \u001b[1;34m⌚ 0.07 seconds\u001b[0m \n",
+      "👉🏽 \u001b[1;34mResponse status          : \u001b[1;31m404 - Resource Not Found\u001b[0m\u001b[0m \n",
+      "\n",
+      "✅ \u001b[1;32mAll done!\u001b[0m ⌚ 22:50:48.559041 \n"
+     ]
+    }
+   ],
+   "source": [
+    "import utils\n",
+    "from apimrequests import ApimRequests\n",
+    "\n",
+    "# [ADD RELEVANT TESTS HERE]\n",
+    "\n",
+    "# 1) Issue a direct request to API Management\n",
+    "# reqsApim = ApimRequests(apim_gateway_url)\n",
+    "# reqsApim.singleGet('/request-headers', msg = 'Calling Request Headers API via API Management Gateway URL. Response codes 200 and 403 are both valid depending on the infrastructure used.')\n",
+    "\n",
+    "# # 2) Issue requests against Front Door.\n",
+    "# # Check if the infrastructure architecture deployment uses Azure Front Door.\n",
+    "# utils.print_message('Checking if the infrastructure architecture deployment uses Azure Front Door.', blank_above = True)\n",
+    "# afd_endpoint_url = utils.get_frontdoor_url(deployment, rg_name)\n",
+    "\n",
+    "# if afd_endpoint_url:\n",
+    "#     reqsAfd = ApimRequests(afd_endpoint_url)\n",
+    "#     reqsAfd.singleGet('/request-headers', msg = 'Calling Request Headers API via via Azure Front Door. Expect 200.')\n",
+    "\n",
+    "reqs = ApimRequests(apim_gateway_url)\n",
+    "\n",
+    "reqs.singleGet('/', msg = 'Calling Hello World (Root) API')\n",
+    "reqs.singleGet('/map/default/geocode?query=15127%20NE%2024th%20Street%20Redmond%20WA/', msg = 'Calling Default Route with AAD Auth API')\n",
+    "reqs.singleGet('/aca-2/', msg = 'Calling Hello World (ACA Backend 2) API')\n",
+    "reqs.multiGet('/aca-pool/', 3, msg = 'Calling Hello World (ACA Backend Pool) API')\n",
+    "utils.print_ok('All done!')"
+   ]
+  }
+ ],
+ "metadata": {
+  "kernelspec": {
+   "display_name": ".venv",
+   "language": "python",
+   "name": "python3"
+  },
+  "language_info": {
+   "codemirror_mode": {
+    "name": "ipython",
+    "version": 3
+   },
+   "file_extension": ".py",
+   "mimetype": "text/x-python",
+   "name": "python",
+   "nbconvert_exporter": "python",
+   "pygments_lexer": "ipython3",
+   "version": "3.12.11"
+  }
+ },
+ "nbformat": 4,
+ "nbformat_minor": 2
+}