API Management (Consumption tier)
An API Management gateway tuned for the serverless Consumption tier — scale-to-zero, billed per call — with a system-assigned managed identity, TLS hardening, and HTTP/2 enabled.
Verification
Live-testedReally deployed, verified, idempotent and destroyed in a cloud sandbox.
Conformance
- Static validation (fmt · validate · tflint)
- Security scan (Checkov)
- Plan tests (mocked: validation rules · outputs)
Provenance
- SHA-256 checksum
- Signature (pending)
Functional
- Live-tested — applied, verified, destroyed
Last verified 2026-06-30 · how we verify
Documentation
azure-api-management
Azure API Management gateway tuned for the serverless Consumption tier —
scale-to-zero, billed per call, provisions in minutes (not the 30-45+ minutes a
Developer/Standard instance takes). Secure by default: a system-assigned managed
identity (no static credentials), TLS hardening that disables SSL 3.0 / TLS 1.0 /
TLS 1.1 / 3DES, and HTTP/2 enabled — the hardening is applied on tiers that
expose those settings and auto-skipped on Consumption, whose managed gateway
already enforces TLS 1.2+. Consumes an existing resource group; optional VNet
integration for the tiers that support it. Works with Terraform and OpenTofu
(>= 1.6), azurerm provider >= 4.0, < 5.0.
Requirements
| Requirement | Version |
|---|---|
| Terraform / OpenTofu | >= 1.6 |
hashicorp/azurerm | >= 4.0, < 5.0 |
Verification
Static-validated (fmt, validate, tflint). Live apply/destroy testing pending cloud sandbox availability — see catalog status.
License
Commercial — IaC Bazaar EULA. © IaC Bazaar. Original work (not derived from a third-party module).
Usage code & full reference unlock after purchase
The complete copy-paste usage, the full input/output reference, and operational notes ship with your licence — shown here and bundled in the download.
- Usage
- Inputs
- Outputs
- Security notes