Need to access Azure Key Vault using SSIS Script Task in C#, to assign the Azure SQL Connection String to Connection Manager in SSIS.
To Achieve the above requirements , You may refer the below workaround.
Create an application ASP.NET MVC application.
Create Azure keyvault secret for the database connection string. And give permission to your app from Key Vault->Access Policy.
In application level use the Connected Service to access the Key Vault-> Secret for connection string , Which added in the code in webconfig and added nuget packages then test in your local and then deploy to Azure.
For example:
web.config
<configSections><section name="configBuilders"
type="System.Configuration.ConfigurationBuildersSection,
System.Configuration, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b0xxxxxxx3a"
restartOnExternalChanges="false"
requirePermission="false" />
<builders>
<add name="AzureKeyVault" vaultName="Prod-ConSt-01"type" Microsoft
.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder,
Microsoft.Configuration.ConfigurationBuilders.Azure,
Version=2.0.0.0, Culture=neutral,
PublicKeyToken=xxxxxxxx"
vaultUri="https://mywebsite-prod-const-01.vault.azure.net/" /><
/builders>
</configBuilders>
<connectionStrings configBuilders="AzureKeyVault">
<add name="ProductionConnstr" connectionString="from key vault"
providerName="System.Data.SqlClient" />
</connectionStrings>
For more information please refer the below links:-
MICROSFT DOCUMENTATION: Use a managed identity to connect Key Vault to an Azure web app in .NET
SO THREAD: Not able to get Azure Key-Vault working in app when deployed to Azure & Azure SDK with SSIS
Related
I'm deploying an IIS Web App with IIS Web App Deploy Task in Azure DevOps Release Pipeline. This works good but don't set the correct application pool. I'm trying it with set a Parameter in Parameters.xml or as -setParam to the Task. But this doesn't change anything. The googled Solutions didn't help. How can I manipulate the Application Pool during deployment? Thanks.
EDIT
In reference to this answer I configured the parameters.xml and pipeline like this.
(appHostConfig instead of appPoolConfig hadn't changed anything)
parameters.xml
<parameters>
<parameter name="Parameter 1" description="Full site path where you want to install your application (for example, Default Web Site/Application)." defaultValue="Default Web Site/MyApplication" tags="IisApp">
<parameterEntry kind="ProviderPath" scope="iisApp" match="Default\ Web\ Site/MyApplication" />
</parameter>
<parameter name="Parameter 2" description="Enter the name of the application pool." defaultValue="MyAppPool" tags="AppPoolConfig">
<parameterEntry kind="ProviderPath" scope="appPoolConfig" match="MyAppPool" />
</parameter>
<parameter name="IIS Web Application Name" description="Enter the name of the website." defaultValue="MyApplication" tags="IisApp" />
<parameter name="Application Pool" description="Enter the name of the application pool." defaultValue="MyAppPool" tags="AppPoolConfig" />
</parameters>
Set the website in IIS Web App Deploy Task
(results to -setParam:name='IIS Web Application Name',value='Default Web Site/MyApplication')
Set the Application Pool parameter in IIS Web App Deploy Task
Set Application Pool in IIS Deployment with Azure Release Pipeline
Since you do not share how did you set the Parameter in Parameters.xmland -setParam to the Task, I am not sure if you correct set the Parameter.
You could check this and this thread for some more info.
Anyway, for azure devops, there is an option Application Pool for the task IIS Web App deployment, which we could set the Application Pool:
Besides, the IIS Web App deployment is currently deprecated, MS recommends the task WinRM - IIS Web App Management.
Update:
There is an option Configuration type, select IIS Website:
Please check this document for some more details.
Hope this helps.
Create inline PowerShell Script task after Web App Deploy with:
c:\windows\system32\inetsrv\AppCmd.exe set app /app.name:"APPLICATIONNAMEHERE" /applicationpool:"APPLICATIONPOOLNAMEHERE"
to assign the application pool created above.
I am currently researching into migrating the EPiServer 11.10.1 media blobs from a Windows DFS Share to an Azure Storage Account.
The configuration tried is as follows:
web.config (Note: only relevant sections are shown)
<dependentAssembly>
<assemblyIdentity name="EPiServer.Azure" publicKeyToken="8fe83dea738b45b7" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-9.4.4.0" newVersion="9.4.4.0" />
</dependentAssembly>
<episerver.framework updateDatabaseSchema="false">
<clientResources debug="false" />
<appData basePath="" />
<scanAssembly forceBinFolderScan="true" />
<blob defaultProvider="azureblobs">
<providers>
<add name="azureblobs" type="EPiServer.Azure.Blobs.AzureBlobProvider,EPiServer.Azure" connectionStringName="EPiServerAzureBlobs" container="mycontainer"/>
</providers>
</blob>
connectionStrings.config (Note: only relevant sections are shown)
<connectionStrings>
<clear />
<add name="EPiServerAzureBlobs" connectionString="DefaultEndpointsProtocol=https;AccountName=storage00001;AccountKey=NuJBkcpuCbPKH+lcw65OwELkJ1nptJ7CY2Hn4MqNwqwL4WY4C3caSSSJYgH91J6MH9qZPPOOSbAzFZrNk8eIHt6PA==" />
</connectionStrings>
When starting the site, the following error is shown in the logs:
(Note: only relevant sections are shown)
2019-02-19 13:12:41,875 [94] [94a2e50f-06c6-4ddc-a6f7-2d1c43b0735d] ERROR
EPiServer.Global: Unhandled exception in ASP.NET
Microsoft.WindowsAzure.Storage.StorageException: The remote server returned
an error: (404) Not Found. ---> System.Net.WebException: The remote server
returned an error: (404) Not Found.
at System.Net.HttpWebRequest.GetResponse()
Request Information
RequestID:5e731c27-d01e-00cc-4254
RequestDate:Tue, 19 Feb 2019 13:12:41 GMT
StatusMessage:The specified blob does not exist.
I am unable to see an error which would be causing the media blob (image) not to be displayed.
The following has been tried already but to no avail:
Permissions: Azure Storage Account - Blobs - Contain (anonymous read access for containers and blobs)
Permissions: The media blob (images) are accessible in a browser independent of the EpiServer platform
Microsoft Support has confirmed there are no known issues affecting the Storage Account
If this makes a difference, EpiServer itself is running on a dedicated VM (IaaS) and using Azure SQL for databases.
Does appData basePath="" need to contain a value to work with an Azure Storage Account?
Any suggestions on what might be (or what I am doing) wrong are welcome.
Thank you.
Thank you for your proposed answer Ted but the solution was more straightforward. I posted a similar question to the official EPiServer forums:
https://world.episerver.com/forum/developer-forum/-Episerver-75-CMS/Thread-Container/2019/2/migrating-to-azure-storage-accounts-media-blob---image---not-displayed-in-browser/
It was simply a matter of adding the suffix to the connection string:
;EndpointSuffix=core.windows.net
However, I did read similar suggestions to what you answered whilst researching, so I think it will be of benefit to users Googling a similar problem for your answer to be upvoted.
The 404 is because you've changed the blob provider without migrating the actual blobs. Thus, when an existing blob (referenced in the Episerver database) is requested, it is no longer found.
You may also be interested in the blob converter package mentioned here: How to move blobs from App_Data folder of episerver cms site to azure blob storage hosted in azure cloud
I need to create access to the Azure storage from application. Application requires storage, where to put file. This code below, I am trying to put where application requires path to store file. Am I doing right? How can I implement this into XML of Application, so then it starts to write files to cloud storage.
<connectionStrings>
<add name= "DefaultConnection" connectionString="DefaultEndpointsProtocol=https;AccountName=;AccountKey=;/>
</connectionStrings>
Please take a look at this doc for example.
In your app.config, please add:
<appSettings>
<add key="StorageConnectionString" value="DefaultEndpointsProtocol=https;AccountName=account-name;AccountKey=account-key" />
</appSettings>
And in your code, please use:
// Parse the connection string and return a reference to the storage account.
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(
CloudConfigurationManager.GetSetting("StorageConnectionString"));
Then you can take use of azure storage.
if you login to the Blob image storage on Azure. it should populate the connection string by default. PFB Reference
I've got the Redis Session State Provider working fine locally with my ASP.Net site and in Azure with my Azure Website. But I've got a question about configuration...
Is there any way to store the configuration for that in the Azure Website itself using the App Settings (or Configuration Strings) section in the Website Properties screen?
That would be very convenient because it would mean that I don't have to modify the web.config file when I publish. I already do this for connection strings and app settings, but I just don't see a way to do that for anything in the <system.web> node of the web.config file, like the <sessionState> node.
There isn't a way to change the behaviour of the provider-based session state from utilising the web.config file.
You could write your own provider and modify where it finds the connection details from so you can publish those details somewhere other than in the web.config, but this wouldn't be standard behaviour.
This question has the way to make this work.
<appSettings>
<add key="REDIS_CONNECTION_STRING" value="[your dev connection string]" />
</appSettings>
<system.web>
<sessionState mode="Custom" customProvider="RedisProvider">
<providers>
<add name="RedisProvider" type="Microsoft.Web.Redis.RedisSessionStateProvider" connectionString="REDIS_CONNECTION_STRING" />
</providers>
</sessionState>
</system.web>
Then, in the portal, you can create an app setting with the name 'REDIS_CONNECTION_STRING' with the correct connection string. You cannot use connection strings section of web.config or azure portal. It must be app settings. Not sure why, but connection strings just uses whatever is in the web.config and is not replaced with what is in the portal.
I've got a web.config that contains my SQL connection string and my Azure Blob storage connection string.
A Web.Config transformation replaces my Local SQL connection string with the Azure one.
When I publish the site to Azure, the Blob storage connection string is deleted and replaced with a duplicate SQL connection string, but with the blob storage string's name.
The only way I've found to fix is to log in via FTP and manually change the erroneous Storage connection string with the correct one from my local machine.
How do I get VS to publish my web config to Azure and leave it alone!!!
Web.Config
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=(LocalDB)\v11.0;AttachDbFilename=|DataDirectory|\.mdf;Integrated Security=True" providerName="System.Data.SqlClient" />
<add name="StorageConnectionString" connectionString="DefaultEndpointsProtocol=https;AccountName=;AccountKey=" />
</connectionStrings>
Web.Release.Config
<connectionStrings>
<add name="DefaultConnection"
connectionString="Server=.database.windows.net,1433;Database=;User ID=#;Password=!;Trusted_Connection=False;Encrypt=True;Connection Timeout=30;"
providerName="System.Data.SqlClient"
xdt:Transform="SetAttributes" xdt:Locator="Match(name)"/>
I had a similar issue to yours. I'm not sure why but when you define the connection strings in the "Configure tab" in the azure portal and associate a "Linked Resource" on the linked resource tab it may override certain properties in the Web.config transform causing unexpected results. One of the options when you set up a new azure website is linking to (or creating a new) database to associate with your website - thereby automatically assigning the related connection string which may try to override your transform operation defined in the Web.Release.config.
Check and see if removing all connection strings and linked resources inside the "Azure Portal" fixes your problem. Just make sure that you have both your production database and storage connections strings defined properly in the Web.Release.config.
I struggled with this problem this morning and I came up with a solution for VS2015/17.
So I have an Azure VM, and to publish my web app on this machine, I used the Web deploy to an Azure VM proposed by VS.
I put my connection strings in an external file, so the useful part of my web.config looks like this :
</entityFramework>
<connectionStrings configSource="ConnectionStrings.config">
</connectionStrings>
</configuration>
in order to prevent VS of adding some connection strings during publication (ADO.Net code first MSSQL database connection string in my case), you can edit the following file in your project :
...\MyProject\Properties\PublishProfiles\YourPublishProfile - WebDeploy.pubxml
In this file look into the ItemGroup part and edit it to delete the connection strings you don't need:
<PublishDatabaseSettings>
<Objects xmlns="">
<ObjectGroup Name="MyProject.Models.MSSQL_DB" Order="1" Enabled="False">
<Destination Path="" />
<Object Type="DbCodeFirst">
<Source Path="DBContext" DbContext="MyProject.Models.MSSQL_DB, MyProject" Origin="Convention" />
</Object>
</ObjectGroup>
</Objects>
</PublishDatabaseSettings>
</PropertyGroup>
<ItemGroup>
<here are some entries delete the ones you don't need/>
</ItemGroup>
Be careful, if you add a file in this repertory, there is chances that it breaks the publication process on VS. Don't add file, just edit.