Share via

Remediation steps for API Management minimum API version should be set to 2019-12-01 or higher

MartinSt 0 Reputation points
2024-10-14T09:00:51.8333333+00:00

We get an advisory recommendation on our Azure API Management on stv2.1, but the remediation steps make no sense for this issue "API Management minimum API version should be set to 2019-12-01 or higher"

Manual remediation: To set the minimum API version of your API Management instance:

  1. In the Azure portal, find your API Management Resource
  2. Navigate to the Management API blade
  3. Select Management API settings
  4. Under Prevent users with read-only permissions from accessing service secrets, select 'Yes'
  5. Select 'Save.'

Shouldn't 4. say something like (note Microsoft can't spell minimum either):

  1. Under "Enforce minumum API version", select 'Yes' and specify '2019-12-01' or later as the Minimum API version
Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,282 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. LeelaRajeshSayana-MSFT 17,101 Reputation points
    2024-10-14T17:20:35.41+00:00

    Hi @MartinSt Greetings! Welcome to Microsoft Q&A forum. Thank you for posting this question here.

    Let me share some pretext on the above recommendation. All API versions prior to 2021-08-01 had been retired effective June 1, 2024. You should have received a communication about this retirement and asking you to update to the latest recommended versions. Please refer the documentation API version retirements (June 2024) for more information on the recommendations, impact and next steps for update.

    Since the version 2019-12-01 is older than 2021-08-01 and is retired, you would not be able to use it to Enforce minimum API version. You can, however, use the same step and set the minimum version to 2021-08-01 from portal.

    The underlying cause for this recommendation is an issue identified with 2019-12-01 version where users with read-only permissions are able to view the service secrets. Since the minimum version cannot be set this, the alternate recommendation is to deny the secret access to the read-only users.

    Hope this answers your question.

    If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.