Skip to content

Commit bc44b95

Browse files
Stacyrch140Stacyrch140
authored
Merge pull request #300787 from dlepow/apimcrl
[APIM] CRL endpoint dependency for VNet injection (classic)
2 parents e734f03 + 2a196fd commit bc44b95

File tree

2 files changed

+3
-1
lines changed

2 files changed

+3
-1
lines changed

articles/api-management/virtual-network-reference.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ author: dlepow
66

77
ms.service: azure-api-management
88
ms.topic: reference
9-
ms.date: 04/17/2025
9+
ms.date: 06/17/2025
1010
ms.author: danlep
1111
ms.custom: references_regions
1212
---
@@ -42,6 +42,7 @@ When an API Management service instance is hosted in a VNet, the ports in the fo
4242
|-------|--------------|----------|---------|------------|-----------|-----|--------|-----|
4343
| Inbound | Internet | * | VirtualNetwork | [80], 443 | TCP | Allow | **Client communication to API Management** | External only |
4444
| Inbound | ApiManagement | * | VirtualNetwork | 3443 | TCP | Allow | **Management endpoint for Azure portal and PowerShell** | External & Internal |
45+
| Outbound | VirtualNetwork | * | Internet | 80 | TCP | Allow | **Validation and management of Microsoft-managed and customer-managed certificates** | External & Internal |
4546
| Outbound | VirtualNetwork | * | Storage | 443 | TCP | Allow | **Dependency on Azure Storage** | External & Internal |
4647
| Outbound | VirtualNetwork | * | AzureActiveDirectory | 443 | TCP | Allow | [Microsoft Entra ID, Microsoft Graph,](api-management-howto-aad.md) and Azure Key Vault dependency (optional) | External & Internal |
4748
| Outbound | VirtualNetwork | * | AzureConnectors | 443 | TCP | Allow | [managed connections](credentials-overview.md) dependency (optional) | External & Internal |

includes/api-management-recommended-nsg-rules.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ Configure custom network rules in the API Management subnet to filter traffic to
2323
| Inbound | ApiManagement | * | VirtualNetwork | 3443 | TCP | Allow | Management endpoint for Azure portal and PowerShell | External & Internal |
2424
| Inbound | AzureLoadBalancer | * | VirtualNetwork | 6390 | TCP | Allow | Azure Infrastructure Load Balancer | External & Internal |
2525
| Inbound | AzureTrafficManager | * | VirtualNetwork | 443 | TCP | Allow | Azure Traffic Manager routing for multi-region deployment | External only |
26+
| Outbound | VirtualNetwork | * | Internet | 80 | TCP | Allow | Validation and management of Microsoft-managed and customer-managed certificates | External & Internal |
2627
| Outbound | VirtualNetwork | * | Storage | 443 | TCP | Allow | Dependency on Azure Storage for core service functionality | External & Internal |
2728
| Outbound | VirtualNetwork| * | SQL | 1433 | TCP | Allow | Access to Azure SQL endpoints for core service functionality | External & Internal |
2829
| Outbound | VirtualNetwork | * | AzureKeyVault | 443 | TCP | Allow | Access to Azure Key Vault for core service functionality | External & Internal |

0 commit comments

Comments
 (0)