Exam AZ-301 topic 2 question 8 discussion

Correct Ans: 1 (Since there is only one API, we just need to add that one API) 2 (Two products need to be published, one for the internal applications and one for the partner applications) 2 (You need two policy elements. One to convert the data to JSON and another to strip the header information.)

1) 1 2) 1 3) 2

112. we can use flow policy to check if request is internal or external . please correct me if I am wrong .

given answer is correct 1 API,1 Product to publish and 2 policy elements to add. No of API to be publis is for sure 1 as rest of the cross cutting concerns can be handled by API gateway and policies. Products are how APIs are surfaced to developers. Products in API Management have one or more APIs, and are configured with a title, description, and terms of use. Products can be Open or Protected. Protected products must be subscribed to before they can be used, while open products can be used without a subscription. When a product is ready for use by developers, it can be published. so You can have one product that is published for the Internal development team. Policy 1 :-You can have one policy element to ensure that XML data is transformed to JSON for the Internal users when it is published to Azure Policy 2:- you can have one policy element to set the header of the response, so that it is sent as per the requirement to external consultant https://docs.microsoft.com/en-us/azure/api-management/api-management-policies

Answer should be 1,2,2. Need 1 API, published via 2 products (1 for internal consumption and other for partner) and 2 policies (outbound) scoped at the respective product levels.

1. 2. 2.

1, 2, 2 correct answer

From MS website: "Policies can be configured globally or at the scope of a Product, API, or Operation." You need two policies but they must not be applied both to internal and external users. By creating 2 products you can assign each policy to one product.

1, 2, 2. Need to products since partner and internal rquire different policies. https://docs.microsoft.com/en-us/azure/api-management/set-edit-policies#configure-scope

Correct Ans: 1 (Since there is only one API, we just need to add that one API) 2 (Two products need to be published, one for the internal applications and one for the partner applications) 2 (You need two policy elements. One to convert the data to JSON and another to strip the header information.)

answer is correct

Requirements: - Internal apps must receive data in JSON - Partner apps must have header information stripped Number of APIs to add: > 1 Min. number of products to publish: > 2 (one for internal users, one for partners) Min. number of policies elements to add: > 2 - One for header stripping, one for transformation. Needs to be configured on the individual product (not the API itself!). APIM support conditional policies but couldn't find a way to make use of it in this scenario, so we my life with one product only. Conclusion: > 1, 2, 2 tested and verified in Lab Link: https://docs.microsoft.com/en-us/azure/api-management/api-management-transformation-policies#ConvertXMLtoJSON https://www.ithero.nl/post/2018/03/31/Using-policies-in-API-Management-to-remove-response-headers-from-the-backend-Web-API-that-leak-information.aspx

The correct answer is 1,1,2 but the correct solution would be 1,2,2. The problem is that nothing in the 2 requirements tells you that you are going to need 2 different products, a product being "a product contains one or more APIs as well as a usage quota and the terms of use. Once a product is published, developers can subscribe to the product and begin to use the product's APIs". It is our common sens that tells you that we are going to need it. In a real life situation, you would raise a flag and say are you sure you don't want to dissociate, or in the case you are the Architect you would introduce the non functional requirement. But the correct response will most certainly be the response that bases on the stated requirements.

There are a lot of commenters here saying 2) 2. But not providing any guidence or link to documentation stating it is so. Why can't we use a single product and simply treat the internal applications as another consumer of the product?

1 2 2 Check Shivens explanation for more info

Correct Ans: 1 (there is only one API, we just need to add that one API) 1(Association of one or more APIs. Each API Management instance comes with two sample products: Starter and Unlimited. You publish an API by associating the API with a product, Unlimited in this example. You can include several APIs in a product and offer them to developers through the developer portal- https://docs.microsoft.com/en-us/azure/api-management/import-and-publish ) 2 (You need two policy elements. One to convert the data to JSON and another to strip the header information- https://docs.microsoft.com/en-us/azure/api-management/api-management-policies )

1) 1 2) 2 (One for Internal and One for Partner) 3) 2