Current deny policy implementation in APIM was based on the following parameters.
IP address
IP range
Application
API context
User
However, based on the role of deny policies in the context of API management, the deny policies for IP range, IP address and API were removed from the feature. IP filtering is more suited to be done from a WAF level, and instead of using a deny policy to block all calls to an API, the API can be undeployed instead.
Therefore the deny policy support for APK will focus on deny policies for
Meeting Notes (11/10/2023)
Current deny policy implementation in APIM was based on the following parameters.
However, based on the role of deny policies in the context of API management, the deny policies for IP range, IP address and API were removed from the feature. IP filtering is more suited to be done from a WAF level, and instead of using a deny policy to block all calls to an API, the API can be undeployed instead.
Therefore the deny policy support for APK will focus on deny policies for