Azure Subscriptions and Services Supported by AppViewX

Azure Subscriptions

Azure subscriptions are logical containers for providing and managing tenant access to Azure resources and services.

AppViewX supports two Azure subscription types: single and multi. The difference between single and multiple subscriptions in Azure implementations lies in how resources are organized, managed, and accessed.

  • Single Subscription: Resources are hosted and managed in a single subscription.
  • Multi Subscription: Resources are divided across subscriptions, allowing for isolated management and granular access control to resources.

Azure Services

AppViewX supports the following Azure services:
  • Key Vault

    The Azure Key Vault is a key management solution from Microsoft that offers the following features:

    • Secrets Management: The key vault can be used for securely storing and managing access to tokens, passwords, API keys, and other secrets.

    • Key Management: The key vault simplifies the creation and management of encryption keys used for data encryption.

    • Certificate Management: Azure key vault simplifies the certificate lifecycle management of TLS/SSL certificates

  • Application Gateway

    The Azure Application Gateway is a web traffic load balancer that helps to optimize and secure web applications traffic. The application gateway operates at the application layer of the OSI model and makes routing decisions based on attributes of an HTTP request, for example the URI path or the host headers.

  • Virtual Machines
    Azure Virtual Machines (VMs) are scalable and flexible computing resources provided by Microsoft Azure. They enable users to run virtualized Windows or Linux servers in the cloud. Azure VMs allow you to quickly deploy and manage virtualized infrastructure to support various applications, workloads, and services.
    Important: Please note the following limitations for Azure virtual machines:
    • Currently, only the Linux-based VMs (and not Windows-based VMs) are discovered.
    • The discovered/onboarded VMs are listed in the server device inventory.

      You are required to manually update the VM credentials in the server inventory to proceed with certificate lifecycle management for the VM.

      To access the server inventory, Go to (Menu) > CERT+ > ADMINISTRATION > Device Management and open the Server tab.

  • App Service

    App Services is a fully managed platform for building, deploying, and scaling web apps, mobile app backends, and RESTful APIs.

    Note:
    • For all app services in an Azure subscription, AppViewX can discover and manage public and private certificates that have been referenced via a key vault; a single key vault can be used for all app services.
    • For app services certificates, can be pushed directly to app services or it can be pushed to key vault and referenced from app services. However, currently, there is no support for certificates directly onboarded to the app services.
  • Enterprise Application

    The Enterprise Application service in Azure is a key component of Azure Active Directory (Azure AD) used to manage access to applications in a secure and streamlined manner. It allows organizations to integrate both Microsoft and third-party applications with Azure AD for identity and access management.

    Its key features include:
    • Single Sign-On access to multiple applications
    • Secure application management by enabling access policy configuration, access control based on users and groups, and multi-factor authentication.
    • Role-based Access Control (RBAC)
    • Conditional access to applications, including MFA for sensitive applications
    • Monitoring and reporting for application usage, sign-in activities, security risks, and anomalies
    • Identity management by integration with Azure AD
  • API Management

    The API Management service helps create, manage, secure, and monitor APIs. It provides a centralized platform for API publishers to control their APIs, while enabling developers to consume them in a secure and efficient manner.

    Its key features include:
    • API Gateway that routes all incoming requests to the appropriate backend services
    • Developer Portal that can be customized to help developers discover and access APIs
    • API versioning with revision tracking
    • Authentication and authorization mechanisms for secure access control to APIs
    • Rate limiting and throttling to protect backend services from excessive or abusive traffic
    • Analytics and monitoring
    • Policy Engine to implement additional logic at the API Gateway
  • App Registration

    The App Registration service enbales identity and access management, API security, and integration capabilities. It is used for registering and configuring applications for interactions with Azure services.

    App Registration service is essential when you want to allow your application to authenticate users or access resources such as APIs in a secure way.

    Its key features include:
    • Application Identity Management
    • Authentication Support
    • Access permissions and scope definition for APIs
    • Multi-Tenant and Single-Tenant support
    • Enterprise Application Integration
    • Roles and Role-Based Access Control
    • Token Issuance and Validation for Authentication and Authorization
    • Auditing and Monitoring
    • Conditional Access and Multi-Factor Authentication
  • Front Door

    Azure Front Door is a modern, high-performance, and secure cloud Content Delivery Network (CDN) that serves as the global entry point for your applications. It optimizes traffic by routing users to the nearest edge location for faster, more reliable access, while built-in caching, acceleration, and a Web Application Firewall (WAF) provide enhanced performance and protection—making it ideal for global websites and SaaS applications.