I wish to change the name of the Azure APIM Self hosted gateway, however I am unable to so from the Azure portal nor do I get anu option to update the Name. I wish to know if there is any way that we can update it using Azure Powershell or CLI.
Feel free to ask me for more info.
Thank you.
I tried to change the Name from the Az Portal but I do not see any such option to modify the nane there.
I updated the Name of Self hosted gateway in the ARM template and deployed it but that didnt work. It just added a new SHG with the updated name and kept the old one (the one I want to modify) as it is.
There is no way to change/rename the APIM self-hosted gateway name once it is created. You need to create a new gateway with new name and delete the old one.
Related
I've tried following this:
https://www.youtube.com/watch?v=C6V_mBo-gnE
But the setup has changed, because you need some more properties now:
see more here: https://www.poppastring.com/blog/azure-lets-encrypt-dashboardconnectionstring-field-is-required
The property names does not fit the names in Azure either, so more confusion for me.
Is it possible to just do this from the certify client? I managed to do this for Godaddy, but the DNS Update Method "Azure DNS API" is also confusing..
Sorry I can only find old guides for this..
Both of these should be set to your Azure Storage Account connection string, e.g. DefaultEndpointsProtocol=https;AccountName=[myaccount];AccountKey=[mykey];
Please see Scott's post here for complete instructions on using the Let's encrypt extension with Azure Web Apps.:
https://www.hanselman.com/blog/securing-an-azure-app-service-website-under-ssl-in-minutes-with-lets-encrypt
I have an Azure webapp and normally if I want to block an IP address, I go to Azure dashboard panel and under networking>Configure Access Restrictions, I add a rule to do so. This picture shows which menu item I mean:
However, I would like to do this programmatically. I see that the documentation shows how you can do this through Powershell.
I have also managed to find the API documentation for WebApp. But I can't find the last piece of the puzzle which is the API that does what I need.
Can someone please tell me if it is possible and which API I should use? Thank you in advance.
According to the doc: Use an Azure REST API PUT operation on the app configuration in Azure Resource Manager. The location for this information in Azure Resource Manager is:
management.azure.com/subscriptions/subscription ID/resourceGroups/resource groups/providers/Microsoft.Web/sites/web app name/config/web?api-version=2020-06-01
Then I searched the Azure Rest API and found this:
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/config/web?api-version=2019-08-01
We could update the field properties.ipSecurityRestrictions to update the value of Access Restrictions.
In addition, you could also check this blog: Bulk add IP Access Restrictions to Azure App Service using Az PowerShell
There does not appear to be a one-to-one match between powershell commands and api.
The closest I could find is:
https://learn.microsoft.com/en-us/rest/api/appservice/webapps/putprivateaccessvnet
This allows you to define which vnet has access to your web app. By controlling access to your vnet, you can control access to your app.
I am trying to use Azure Traffic Manager (GTM) to geographically distribute load to function apps in each region.
I have tried adding an 'app service endpoint' and an 'external endpoint' (including adding the GTM name as a custom CNAME to the function app), but both result in "Error 404 - Web app not found.". The custom CNAME also never adds correctly.
According to the last comment on this post, the ability to do this should now be supported:
Setting up a custom domain with an Azure Function app
I am unable to comment back on the post as I am a new user.
I have tried adding an 'app service endpoint' and an 'external endpoint' (including adding the GTM name as a custom CNAME to the function app)
Azure Traffic Manager is only eligible for use with App Services at the 'Standard' level or above as mentioned here. If your function isn't host in an app plan at the 'Standard' level or above, Azure Traffic Manager will not work.
If you are not using 'Standard' or higher level app plan, Azure Functions Proxies would be a workaround for you. Please check following thread which discuss the similar problem.
Azure Functions Traffic Manager
Here is the quick reference from the answer provided by Dakota Kincer.
So the answer I arrived to after Traffic manager didntsupport Azure functions was to overall build 3 Azure functions. I built an East and a West that has my azure function code on it. Then I built a main Azure Function that has 0 code. It only has Azure proxies on it that route to my 2 other Azure Functions. The route is controlled by a variable in the proxy string that is help in the main API app settings. Using %myvariable% you can set part of the url. When I need to publish I switch the variable to the secondary URL location. Update the Primary and then switch the URL to its original primary location. This will have to work for now till traffic manager is integrated into functions or a better solution arises.
I am unable to comment back on the post as I am a new user.
You could modify your post if you want to provide more information.
Traffic Manager supports Azure functions monitoring. You can enable this by going to TM settings -> endpoints -> add endpoint -> choose Azure endpoint type -> App Service for Target resource type -> under Target Resource choose Function app which you want to monitor.
Most likely you want to be able to access function apps under specific domain domain, for example my-domain.com. For that under Custom Header Settings specify host:my-domain.com. You'll need to setup custom domain in function apps configuration too.
How can I check where I have installed On-premises data gateway for one PowerBI report?
I looking for solution to find in which server I have installed gateway used by my report. I need it because it gives me error: DM_GWPipeline_Client_GatewayUnreachable.
Looks like the gateway went offline so the service cannot know more info about the Gateway.
Do you have your Recovery Key? It's the key you have provided on install time. If you do, you can install the gateway on a new machine, when you sign in you will be asked whether you want to create a new gateway or restore an existing one, choose "Restore" and that will migrate the existing gateway to the new machine and move all settings and reports that had been associated to the old gateway.
Usually, the default path is:
C:\Program Files\On-premises data gateway
You can also check in services
Open Services from Windows
Check for service "On-premises data gateway service"
Click on Logon Tab
This will show you the account you used for this service
I am trying to implement a Custom STS as a WebRole to be deployed onto Azure. The problem i have is that how do i generate or write the Federation Metadata.xml file for my Custom STS. if i write it myself can i get the custom reference id and how do i sign it?
Also as my STS is an Azure application ,so when i run it the Azure Emulator it has a URL like http://127.0.0.1:81/ ,so i would using this as the link in the Federation Metadata.xml file but afterwards when i publish the STS onto Azure as a production deployment it would have a URL like http://cloudSts.cloudapp.net so i would have to reflect these changes in my Federation Metadata.xml file,the question here is that after making these changes should i upgrade/publish the package again and then move it onto production or else i can simply upload the changed Federation Metadata.xml file onto ACS(where i have my Custom STS as an IP) and it would work?
Thanks
Here is a post I wrote on how to generate federation metadata dynamically: http://www.syfuhs.net/post/2010/11/03/Generating-Federation-Metadata-Dynamically.aspx
There is a variable in there called 'host' that you would modify. There are a couple ways to do it. You could look at the host header in the HTTP request, but you have to account for when it's not there. Or you could stick it into the role configuration. That would allow you to update it without having to redeploy.