what is the best way to read service bus connection string from different resource group in arm template without any hardcoded values?
"connectionString": "[listKeys(resourceId('Microsoft.ServiceBus/namespaces/authorizationRules', parameters('servicebusname'), 'RootManageSharedAccessKey'), '2017-04-01').primaryConnectionString]"
Here the apiversion is hard coded , how can I get it programmatically?
API versions are used to distinguish between different APIs. API versioning is the practice of transparently managing changes to your API. It doesn't matter for prod and non-prod environments at your end as it is specific to the service.
For more details on ARM template for service bus you can refer to document here. For different API version for service bus what is added/removed you can refer to this document.
Related
I have built a system to store data collected by IoT devices in CosmosDB and display it in a web application.
I am looking for a simple way to duplicate the resource group including the resources.
The system overview and resources included in the resource group are as follows
System Overview
IoT devices collect data and send to IoT Hub
IoT Hub calls Azure Function to store data in CosmosDB
Display stored data on Web Apps (website)
Resources included in resource group
CosmosDB
Web Apps
IoT Hub
Azure Function
Goal
Replicate the entire resource as a separate resource, including resources in the resource group
Do not use ARM templates
Tried
Import resource group exports using ARM templates
Problem
Importing the exported template as is causes errors due to duplicate content names, empty values in parameters, etc., which makes modifying the ARM template costly.
Functions in Azure Function and resources on the website are not duplicated, so separate duplication work is required.
To begin with, exporting/importing a resource group using an ARM template does not include all the information of the resource group from which it was exported, so it cannot be called a duplication.
Thank you in advance for your cooperation with the above.
I want to provision resources in Azure using ARM where user can select the required input parameters like Vnet or Function app that are already provisioned.
Just like AWS have parameter types such as AWS::EC2::VPC::Id to list down the VPC available in a region. For AWS references https://aws.amazon.com/blogs/devops/using-the-new-cloudformation-parameter-types/
Is there something similar we can do in azure too.
Similar, yes, the same no... You can author a ui definition file that will allow you to restrict input. For some resources there are controls you can leverage but there's also the capability to write a control that uses semi-custom logic (that could call an Azure API to list skus for example).
This is about the ui defintion:
https://learn.microsoft.com/en-us/azure/azure-resource-manager/managed-applications/create-uidefinition-functions
And you can bundle it with a deployment template like this:
https://preview.portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2F100-marketplace-sample%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2F100-marketplace-sample%2FcreateUiDefinition.json
The feature is in preview right now, so you need to use preview.portal.azure.com instead of portal.azure.com but rollout will finish in a few weeks.
No, this is not possible in ARM Templates. If you would be doing managed applications with arm templates you'd have some of the pickers (very limited set), but with regular arm templates you cant do that. you can create a powershell script that would mimic that for you.
This is (now, maybe not when this question was asked?) possible by using the Microsoft.Solutions.ResourceSelector UI element.
I am creating an Azure Service Bus with the Fluent SDK. I want to give my service bus a specific name and increment by one if the name is unavailable.
The problem I am having is that I don't actually know if the name is unavailable at the time of creation.
I'm using this to create a service bus:
var serviceBusNamespace = azure.ServiceBusNamespaces
.Define(serviceBusName)
.WithRegion(Region)
.WithExistingResourceGroup(resourceGroup)
.WithSku(NamespaceSku.Standard)
.Create();
If I run this code for two different resource groups using the same serviceBusName, I get a service bus created in both resources groups without error. However when I go to the Azure portal the first service bus opens fine, but I get an error saying 'Not Found' when trying to open the second.
I understand that servicebus names must be unique across all of Azure, but
Why is the Fluent SDK allowing me to create the second service bus with the same name?
How can I check of the name is unique before creating the service bus?
I tried to ping the service bus URL to see if it exists. For example I tried this, for a URL like serviceBusName.servicebus.windows.net, but that failed.
Why is the Fluent SDK allowing me to create the second service bus with the same name?
You should raise this as an issue with the team that develops the library. In this case, Fluent SDK is produced by .NET Libraries for Azure team. Issue tracker is available here. When raising an issue, label it with Service Bus.
How can I check of the name is unique before creating the service bus?
Operation to provision a new namespace could be enqueued internally. Therefore, when you query for a namespace existence, you might get a negative response while backend is spinning it up. One of the requests will succeed, while another will fail. You'd need to create and query for a result after, checking the status.
I want to be able to control the name of the Service Bus Queue or Subscription that my Azure Function reads from at run-time.
With WebJobs (which Azure Functions are based on) you could do this by implementing and configuring a custom INameResolver, see: How to have a configuration based queue name for web job processing?
However, with Azure functions I have no access to JobHostConfiguration to wire up this custom resolver.
Can I still use an INameResolver, and if so how?
Right now you cannot use a custom INameResolver as there is no mechanism for injecting your own services like this into the host. It's being tracked here: https://github.com/Azure/azure-webjobs-sdk-script/issues/1579
I know that Azure Service Bus is secure while in transit because of SSL, but I'm unable to find any information about if it's encrypted while at rest.
If the content of the message is sensitive in nature, can Azure be relied on to keep messages private while within the Azure infrastructure - or should we implement message security?
As of 4/25/2018, the page that #tyler-pollack referenced, has been updated to specify that encryption at rest is provided at all tiers.
https://learn.microsoft.com/en-us/azure/security/azure-security-encryption-atrest
You can see the update in this github commit: https://github.com/MicrosoftDocs/azure-docs/commit/66214db8a21eefcece6441ae566041b90b2615fa#diff-f55bddd3fba462832c4a2d0e7918f750
You will have to encrypt the data yourself. There are currently no facilities built into the service bus for data at rest.
Service Bus Premium currently supports encryption at rest - https://learn.microsoft.com/en-us/azure/security/azure-security-encryption-atrest#azure-resource-providers-encryption-model-support