Microsoft Azure Architect Design (AZ-301) Practice Exam

To which Azure component should you direct the web apps to manage security and permissions for accessing web APIs?

• A. Azure AD
• B. Azure Resource Manager
• C. Azure API Management
• D. Azure Security Center

The correct answer is: Azure API Management

The correct choice for managing security and permissions for accessing web APIs in conjunction with web apps is Azure API Management. This service provides an effective way to create a secure gateway for your APIs. It acts as a façade for your backend services, allowing you to manage those APIs through policies that can enforce security measures such as authentication, authorization, and access control. Azure API Management allows you to integrate with Azure Active Directory and other authentication providers, thus enabling various security features like token validation and OAuth 2.0 support. It also facilitates the management of API keys, usage quotas, and rate limits, which are vital for protecting APIs from unauthorized access and abuse. While Azure Active Directory is crucial for identity and access management, Azure API Management specifically focuses on API lifecycle management, including access security. Azure Resource Manager is primarily concerned with deployment and management of resources in Azure, and Azure Security Center serves to enhance the security posture of your entire Azure environment rather than focusing solely on API management. Therefore, directing web apps to Azure API Management is the optimal approach for effectively handling security and permissions for web API access.