我根据以下手册开发了PowerShell脚本,该手册将API集成到内部VNET中与Application Gateway https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-integrate-internal-vnet-appgateway,并在此基础上集成了API管理>
##log in to the Azure account Connect-AzAccount ##Create Resource group New-AzResourceGroup -Name Network -Location westeurope New-AzResourceGroup -Name Security -Location westeurope New-AzResourceGroup -Name Application -Location westeurope ##Create DDOS protection plan $ddosProtectionPlan = New-AzDdosProtectionPlan -ResourceGroupName Security -Name DdosProtectionPlanName -Location "westeurope" ##create the subnet $appgatewaysubnet = New-AzVirtualNetworkSubnetConfig -Name "apim01" -AddressPrefix "10.0.0.0/24" $apimsubnet = New-AzVirtualNetworkSubnetConfig -Name "apim02" -AddressPrefix "10.0.1.0/24" ##create the VNet $vnet = New-AzVirtualNetwork -Name "appgwvnet" -ResourceGroupName Network -Location westeurope -AddressPrefix "10.0.0.0/16" -Subnet $appgatewaysubnet,$apimsubnet -DdosProtectionPlanId $ddosProtectionPlan.Id ##Assign a subnet variable $appgatewaysubnetdata = $vnet.Subnets[0] $apimsubnetdata = $vnet.Subnets[1] ##Create an API Management Virtual Network object using the subnet $apimsubnetdata $apimVirtualNetwork = New-AzApiManagementVirtualNetwork -SubnetResourceId $apimsubnetdata.Id ##Create an API Management service inside the Virtual Network $apimServiceName = "starAPImanagment123" # API Management service instance name $apimOrganization = "star" # organization name $apimAdminEmail = "[email protected]" # administrator's email address $apimService = New-AzApiManagement -ResourceGroupName Application -Location westeurope -Name $apimServiceName -Organization $apimOrganization -AdminEmail $apimAdminEmail -VirtualNetwork $apimVirtualNetwork -VpnType "Internal" -Sku "Developer" ##Test $gatewayHostname = "api.star.net" # API gateway host $portalHostname = "portal.star.net" # API developer portal host $proxyHostnameConfig = New-AzApiManagementCustomHostnameConfiguration -Hostname $gatewayHostname -HostnameType Proxy $portalHostnameConfig = New-AzApiManagementCustomHostnameConfiguration -Hostname $portalHostname -HostnameType DeveloperPortal $apimService.ProxyCustomHostnameConfiguration = $proxyHostnameConfig $apimService.PortalCustomHostnameConfiguration = $portalHostnameConfig Set-AzApiManagement -InputObject $apimService ##Create a public IP $publicip = New-AzPublicIpAddress -ResourceGroupName Network -name "publicIP01" -location westeurope -AllocationMethod Dynamic ##Create an application gateway IP configuration in the back-end IP pool $gipconfig = New-AzApplicationGatewayIPConfiguration -Name "gatewayIP01" -Subnet $appgatewaysubnetdata ##Configure the front-end IP port for the public IP endpoint $fp01 = New-AzApplicationGatewayFrontendPort -Name "port01" -Port 443 $fipconfig01 = New-AzApplicationGatewayFrontendIPConfig -Name "frontend1" -PublicIPAddress $publicip ##Test2 $listener = New-AzApplicationGatewayHttpListener -Name "listener01" -Protocol "Https" -FrontendIPConfiguration $fipconfig01 -FrontendPort $fp01 -HostName $gatewayHostname -RequireServerNameIndication true $portalListener = New-AzApplicationGatewayHttpListener -Name "listener02" -Protocol "Https" -FrontendIPConfiguration $fipconfig01 -FrontendPort $fp01 -HostName $portalHostname -RequireServerNameIndication true $apimprobe = New-AzApplicationGatewayProbeConfig -Name "apimproxyprobe" -Protocol "Https" -HostName $gatewayHostname -Path "/status-0123456789abcdef" -Interval 30 -Timeout 120 -UnhealthyThreshold 8 $apimPortalProbe = New-AzApplicationGatewayProbeConfig -Name "apimportalprobe" -Protocol "Https" -HostName $portalHostname -Path "/signin" -Interval 60 -Timeout 300 -UnhealthyThreshold 8 $apimPoolSetting = New-AzApplicationGatewayBackendHttpSettings -Name "apimPoolSetting" -Port 443 -Protocol "Https" -CookieBasedAffinity "Disabled" -Probe $apimprobe -RequestTimeout 180 $apimPoolPortalSetting = New-AzApplicationGatewayBackendHttpSettings -Name "apimPoolPortalSetting" -Port 443 -Protocol "Https" -CookieBasedAffinity "Disabled" -Probe $apimPortalProbe -RequestTimeout 180 ##Configure a back-end IP address pool $apimProxyBackendPool = New-AzApplicationGatewayBackendAddressPool -Name "apimbackend" -BackendIPAddresses $apimService.PrivateIPAddresses[0] ##Create rules for the Application Gateway $rule01 = New-AzApplicationGatewayRequestRoutingRule -Name "rule1" -RuleType Basic -HttpListener $listener -BackendAddressPool $apimProxyBackendPool -BackendHttpSettings $apimPoolSetting $rule02 = New-AzApplicationGatewayRequestRoutingRule -Name "rule2" -RuleType Basic -HttpListener $portalListener -BackendAddressPool $apimProxyBackendPool -BackendHttpSettings $apimPoolPortalSetting ##Configure the number of instances and size for the Application Gateway $sku = New-AzApplicationGatewaySku -Name "WAF_Medium" -Tier "WAF" -Capacity 2 ##Configure WAF to be in "Prevention" mode $config = New-AzApplicationGatewayWebApplicationFirewallConfiguration -Enabled $true -FirewallMode "Prevention" ##Create an Application Gateway $appgwName = "apim-app-gw" $appgw = New-AzApplicationGateway -Name $appgwName -ResourceGroupName Network -Location westeurope -BackendAddressPools $apimProxyBackendPool -BackendHttpSettingsCollection $apimPoolSetting, $apimPoolPortalSetting -FrontendIpConfigurations $fipconfig01 -GatewayIpConfigurations $gipconfig -FrontendPorts $fp01 -Sku $sku -WebApplicationFirewallConfig $config -Probes $apimprobe, $apimPortalProbe Get-AzPublicIpAddress -ResourceGroupNam`e Network -Name "publicIP01"`但是我收到一条我听不懂的消息命令管道1上的cmdlet New-AzApplicationGateway提供以下参数的值:(键入!?以获取帮助。)HttpListeners [0]:RwquestRoutingRules [0]:
注意:我没有在脚本中添加任何证明。
请指教
我基于以下手册开发了PowerShell脚本,该手册将API集成在内部VNET中与Application Gateway https://docs.microsoft.com/zh-cn/azure/api-management/api-management -...
您还需要在New-AzApplicationGateway命令中指定侦听器: