According to the docs, it should be possible to get all lifecycle policies with the basic get request get _ilm/policy. How can I run that basic request using the 8.x .net elasticsearch client?
I've been able to use the following code to ensure an Index Template exists, but haven't had any luck with Index Lifecycle Policies or Component Templates.
var indexTemplateResponse = await client.Indices.ExistsIndexTemplateAsync(new ExistsIndexTemplateRequest(new Name(indexTemplateName)))
.ConfigureAwait(false);
Bonus points for indicating how to get a policy by name, create a policy, update a policy, get a component template, update a component template, or any other basic ILM tasks.
(Asked against Elastic.Clients.Elasticsearch version 8.0.0-rc.1)
Related
Is there any way to have a schema attribute for a resource to allow updates, but not actually be identified as a change needed to the resource? Or, is there a way to use something like HasChangesExcept within DiffSuppressFunc or CustomizeDiff?
I'm looking to implement a feature where a resource is optionally dependent on a datasource for something that is not actually part of configuration. In this case, the datasource is providing an access token that is used to create and interact with the resource. Yes, this should just be part of provider configuration, but I'm looking to avoid including this feature in the provider config for a few reasons. Mainly, I'm building the feature to cover a gap with backend software, the feature will be unnecessary eventually.
Here's an example of the hcl I'm trying to achieve:
datasource "auth" "foo {
user
pw
}
resource "service" "foo" {
name = bar
details = baz
access_token = datasource.auth.foo.access_token
}
Because the auth datasource creates a new access_token on each plan, each plan also identifies a change to the service resource.
I believe an appropriate workaround here would be that the access_token in state for the resource is only updated when any of the other fields of the resource is updated.
To accomplish this, I looked at DiffSuppressFunc and CustomizeDiff. However, both are missing a feature I'd look for:
DiffSuppressFunc - receives *schema.ResourceData which is great, but at this level the diffs attribute of ResourceData isn't populated, this renders the HasChangesExcept method unusable.
CustomizeDiff - receives *schema.ResourceDiff which does have access to diffs, but does not have HasChangesExcept implemented. This would be okay for one resource, but I'm looking to implement the access_token option to multiple resources and wanted to check all the keys dynamically.
I am trying to use rest api to do pagination as it is just sending the first page in Azure ADF going to blob storage. I am currently using AbsoluteUrl and $['#odata.nextLink'] to get over all the pages, the issue is I am getting this error, I have used first used the token activity to get the token and then used it in copy activity where the source is rest api dataset with headers dynamically coming from token activity and then used pagination. Can you point me in the right direction on if this is the correct approach or am I missing something.
This is how the import schema looks like:
And the error after importing schema
This is how my rest api configuration look like:
And this is how my token all web activity looks like:
Edit 2:
This is how the output is for Web activity:
Including the part of the snip that missed the access token:
This is the output for Copy Activity when Pagination is on:
This is the setup of the pipeline:
HttpStatusCode 401 indicates the authentication was not completed or failed due to invalid credentials. It maybe that the access token is missing in request from copy activity or not referenced properly or is expired. Make sure you already have the right access to this API.
Here is an example with basic configuration requirements:
Get the access token
Ensure you are able to reference it dynamically using Add dynamic content fields. Modify the reference with respect to the output you have received from earlier Login Activity.
Additional headers: Authorization: #concat('Bearer', activity('Login').output.access_token)
AbsoluteUrl: ${result_root}.{nextPageURL}
Here is the official doc on Pagination support refer the supported Key and value pairs.
If you are getting the access token correctly but still seeing the error, try to Import Schema in Mapping Settings of copy activity. And make sure the nextPageUrl or odata.nextLink in your case is mapped correctly.
Recheck $['#odata.nextLink'] , AbsoluteUrl value as:
$.rootElementName.CollectionOfItems.nextLinkURL
I'm using Python 3.8 and the new Azure SDK for Python, specifically the azure-mgmt-servicebus 7.0.0 version. With my previous version, whenever I needed to create a service bus topic, subscription, and appropriate authorization rule, I could do
sb_client = self._get_sb_client()
authorization_rule_rights = [AccessRights.listen]
sb_client = self._get_sb_client()
sb_client.topics.create_or_update(
resource_group_name, namespace_name, topic_name, parameters=TOPIC_PARAMS)
sb_client.subscriptions.create_or_update(
resource_group_name, namespace_name, topic_name,
SB_SUBSCRIPTION_NAME, parameters=SUBSCRIPTION_PARAMS)
# Create auth rule
sb_client.topics.create_or_update_authorization_rule(
resource_group_name=resource_group_name,
namespace_name=namespace_name,
topic_name=topic_name,
authorization_rule_name=SB_SAS_POLICY_LISTEN,
parameters=authorization_rule_rights)
However, with the new SDK, my "create_or_update_authorization_rule" now throws a
msrest.exceptions.SerializationError: Unable to build a model: Unable to deserialize to object: type, AttributeError: 'list' object has no attribute 'get', DeserializationError: Unable to deserialize to object: type, AttributeError: 'list' object has no attribute 'get'
error. The new documentation -- https://learn.microsoft.com/en-us/python/api/overview/azure/servicebus?view=azure-python#service-bus-topics-and-subscriptions, does not detail how to create the topics, only send a message using an existing topic. With the newest SDK, what's the proper way to create the topic, subscription, and authorization rule?
As far as I know, the latest version of azure-mgmt-servicebus is 6.0.0.
To create authorization rule, you should put the value of authorization_rule_rights in a json format.
Here is an example:
authorization_rule_rights= {
"rights": [
"Listen",
"Send"
]
}
result = sb_client.topics.create_or_update_authorization_rule(
resource_group_name=RESOURCE_GROUP,
namespace_name=NAMESPACE_NAME,
topic_name=TOPIC_NAME,
authorization_rule_name=AUTHORIZATION_RULE_NAME,
parameters=authorization_rule_rights)
For more details about authorization rule creation, you can refer to this doc.
For the topic creation, refer to this section.
For subscription creation, refer to this section.
I' am trying to set LDAP Auth on Pet Store REST API in IBM App Connect v11.0.0.6 In order to do so, I have followed this guide:
Creating a security profile for LDAP
I made a BAR file out of my "pet" REST API, deployed policy to the same Integration Node, then in flow properties tried to pick my ldapPolicy but it was not present. When I enter it manually and deploy I end up with this error:
Begin running task [Deploying [pet.bar] to integration server [InteriorIntegration]]
The BAR file C:/WorkDir/workspace/pet/pet.bar has been deployed to InteriorIntegration but there were one or more failures which may mean the deployed resources will be unable to execute.
The following message was received:
BIP9339W: The values defined in the policy(s) 'ldapPolicy' in policy project 'ldapTest' match the values of the existing policy(s). Any deployed resources using the policy(s) will not be affected by the redeploy of the policy project.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP9320E: Message Flow 'gen.pet', 'gen.pet' encountered a failure and could not start.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP9320E: Message Flow 'gen.pet', 'gen.pet' encountered a failure and could not start.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP9333W: RestAPI 'pet' has been changed but contains errors which has prevented some resources from starting.
BIP1096E: The source 'pet.bar' has been deployed but there were one or more failures which may mean the deployed resources will be unable to execute.
The task did not complete successfully: The deployment was partially successful. Check error messages for explanation.
And here is my Policy XML:
<?xml version="1.0" encoding="UTF-8"?>
<policies>
<policy policyType="SecurityProfiles" policyName="ldapPolicy" policyTemplate="SecurityProfiles">
<authentication>LDAP</authentication>
<authenticationConfig>ldap://example.com:389/ou=example</authenticationConfig>
<mapping>NONE</mapping>
<mappingConfig></mappingConfig>
<authorization>LDAP</authorization>
<authorizationConfig>ldap://example.com:389/ou=example</authorizationConfig>
<propagation>false</propagation>
<idToPropagateToTransport>Message ID</idToPropagateToTransport>
<transportPropagationConfig></transportPropagationConfig>
<keyStore>Reserved for future use</keyStore>
<trustStore>Reserved for future use</trustStore>
<passwordValue>PLAIN</passwordValue>
<rejectBlankpassword>true</rejectBlankpassword>
</policy>
</policies>
What am I missing?
Note:
BIP9339W: The values defined in the policy(s) 'ldapPolicy' in policy project 'ldapTest' match the values of the existing policy(s). Any deployed resources using the policy(s) will not be affected by the redeploy of the policy project.
EDIT:
I think the above error occurs because ldapTest is already deployed (?). If so then why I cannot choose this policy in security profile dropdown?
Error from event logs:
( Int.Server ) The message flow attempted to use ''SecurityProfiles'' policy ''ldapPolicy'', which has not been defined in the integration server.
Policies need to be set on the integration server. Use the administrative REST API to check that a '''SecurityProfiles'' policy called ''ldapPolicy' exists.
Use the toolkit to create the required policy and deploy it to the integration server, or adjust the message flow to avoid requiring the policy.
After few days of trying to find an answer in docs and going trough trial and error I found out that to set Security Profile Name field you have to use special syntax:
{PolicyProjectName}:PolicyName
So for example if you create and deploy MyPolicies project and you want to use MyPolicy policy you have to type in Security Profile Name:
{MyPolicies}:MyPolicy
Context
I am willing to get a resource details with the Azure REST API. And more particularly, I want to get the IAM associated with a resource.
Problem
So, I searched in the doc reference and found that endpoint: https://learn.microsoft.com/en-us/rest/api/resources/resources/get which provides an identity response attribute that meets my needs.
However, I can't find any information about the required path parameter parentResourcePath. What does that parameter mean and how can I get its value for a specific resource ?
Also, when I tried going through the resources group path, I can get a path to the resource details but without the parentResourcePath parameter, and the response doesn't include the identity attribute.
Finally, am I going the right way (using GET resource API) ? And if so, where can I find that parentResourcePath value ?
Actually, you have a better choice - Resources - Get By Id.
The /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName} in the api Resources - Get named resourceId which used in the Resources - Get By Id.
But if you combinate the properties manually, it is not easy, Azure has many different resource providers, resourcetype.
Generally, you could find the resourceId in your resource in the portal -> Properties. Also, the response of this API will include the identity which you need.
Sample:
Get a web app resource.
The resourceId is like /subscriptions/xxxxxxx/resourceGroups/joywebapp/providers/Microsoft.Web/sites/joywebapp2.
You can click Try it in the doc to try the api.
Response:
Well I made it throught the Role assignment list for scope endpoint, giving the subscription/resourcegroup/resource in the scope. And the output contains a principalId attribute that seems to point to a user or group or service principal.
Ref: https://learn.microsoft.com/en-us/rest/api/authorization/roleassignments/listforscope