I am currently working on automating the setting of retention policies of databases within an Azure managed instance. At the moment I am using the Azure Set-AzSqlInstanceDatabaseBackupShortTermRetentionPolicy PowerShell Cmdlet. It would be preferable to use REST API for my automation workflow, is there an equivalent?
The retention policy is not part of the Managed Instanced - Update API. There is an equivalent API for single instance databases.
Any help in pointing me to an API would be appreciated.
this would be the api call:
/subscriptions/xxx/resourceGroups/yyy/providers/Microsoft.Sql/managedInstances/zzz/databases/uuu/backupShortTermRetentionPolicies/default?api-version=2017-03-01-preview
somehow I dont see this in the API reference. But you can always do something like this to figure it out:
Set-AzSqlInstanceDatabaseBackupShortTermRetentionPolicy -ResourceGroupName resourcegroup01 -InstanceName server01 -DatabaseName database01 -RetentionDays 35 -Debug
and just at the debug output, it will contain REST call url
Related
I have an application hosted in Azure PAAS. The connection string for the application is stored under 'Configuration' -> 'Connection strings'
My application has a PowerShell instance. I want to iterate through all the Connection strings present under 'Configuration' -> 'Connection strings'
I have seen the Azure document. As my application itself is the app, can there be a way to skip the details like 'subscriptionId', 'resourceGroupName' and 'name'?
This will help to make the code more generic.
As my application itself is the app, can there be a way to skip the
details like 'subscriptionId', 'resourceGroupName' and 'name'?
AFAIK, Its not possible to acquire the connection strings using Rest API, or PowerShell of an Azure web application without providing Resource group name or subscription.
The MS DOCUMENT you have followed is to list the connection strings which is correct but we need to pass those credentials to achieve the same.
If my understanding is correct as its your own application and if its publicly hosted then anyone will not be able to get the resource group name, application name(If you are using custom domain) or subscription details.
Alternatively, we can use the Az cli by providing the resource group only :-
For more information please refer the below links:-
SO THREAD|Get the list of azure web app settings to be swapped using PowerShell
If you are going to use the REST API calls for your code, then the simple answer is just: No.
I think in all cases the answer is going to be no honestly..
You can't drop those unique IDs, because those are required parameters to retrieve the correct data.
If you want to make the code more generic, then you should write the code to retrieve the values for those parameters. Instead of hardcoding the values.
Your powershell code will always need to authenticate, or use a Managed Identity, and the identity used to authenticate will always have the subscriptionid as value in its object. As for the rest, well i think you get the gist of what im suggesting.
I've been trying to find a way to run a simple command against one of my existing Azure VMs using Azure Data Factory V2.
Options so far:
Custom Activity/Azure Batch won't let me add existing VMs to the pool
Azure Functions - I have not played with this but I have not found any documentation on this using AZ Functions.
Azure Cloud Shell - I've tried this using the browser UI and it works, however I cannot find a way of doing this via ADF V2
The use case is the following:
There are a few tasks that are running locally (Azure VM) in task scheduler that I'd like to orchestrate using ADF as everything else is in ADF, these tasks are usually python applications that restore a SQL Backup and or purge some folders.
i.e. sqdb-restore -r myDatabase
where sqldb-restore is a command that is recognized locally after installing my local python library. Unfortunately the python app needs to live locally in the VM.
Any suggestions? Thanks.
Thanks to #martin-esteban-zurita, his answer helped me to get to what I needed and this was a beautiful and fun experiment.
It is important to understand that Azure Automation is used for many things regarding resource orchestration in Azure (VMs, Services, DevOps), this automation can be done with Powershell and/or Python.
In this particular case I did not need to modify/maintain/orchestrate any Azure resource, I needed to actually run a Bash/Powershell command remotely into one of my existing VMs where I have multiple Powershell/Bash commands running recurrently in "Task Scheduler".
"Task Scheduler" was adding unnecessary overhead to my data pipelines because it was unable to talk to ADF.
In addition, Azure Automation natively only runs Powershell/Python commands in Azure Cloud Shell which is very useful to orchestrate resources like turning on/off Azure VMs, adding/removing permissions from other Azure services, running maintenance or purge processes, etc, but I was still unable to run commands locally in an existing VM. This is where the Hybrid Runbook Worker came into to picture. A Hybrid worker group
These are the steps to accomplish this use case.
1. Create an Azure Automation Account
2. Install the Windows Hybrid Worker in my existing VM . In my case it was tricky because my proxy was giving me some errors. I ended up downloading the Nuget Package and manually installing it.
.\New-OnPremiseHybridWorker.ps1 -AutomationAccountName <NameofAutomationAccount> -AAResourceGroupName <NameofResourceGroup>
-OMSResourceGroupName <NameofOResourceGroup> -HybridGroupName <NameofHRWGroup>
-SubscriptionId <AzureSubscriptionId> -WorkspaceName <NameOfLogAnalyticsWorkspace>
Keep in mind that in the above code, you will need to find your own parameter values, the only parameter that does not have to be found and will be created is HybridGroupName this will define the name of the Hybrid Group
3. Create a PowerShell Runbook
[CmdletBinding()]
Param
([object]$WebhookData) #this parameter name needs to be called WebHookData otherwise the webhook does not work as expected.
$VerbosePreference = 'continue'
#region Verify if Runbook is started from Webhook.
# If runbook was called from Webhook, WebhookData will not be null.
if ($WebHookData){
# Collect properties of WebhookData
$WebhookName = $WebHookData.WebhookName
# $WebhookHeaders = $WebHookData.RequestHeader
$WebhookBody = $WebHookData.RequestBody
# Collect individual headers. Input converted from JSON.
$Input = (ConvertFrom-Json -InputObject $WebhookBody)
# Write-Verbose "WebhookBody: $Input"
#Write-Output -InputObject ('Runbook started from webhook {0} by {1}.' -f $WebhookName, $From)
}
else
{
Write-Error -Message 'Runbook was not started from Webhook' -ErrorAction stop
}
#endregion
# This is where I run the commands that were in task scheduler
$callBackUri = $Input.callBackUri
# This is extremely important for ADF
Invoke-WebRequest -Uri $callBackUri -Method POST
4. Create a Runbook Webhook pointing to the Hybrid Worker's VM
4. Create a webhook activity in ADF where the above PowerShell runbook script will be called via a POST Method
Important Note: When I created the webhook activity it was timing out after 10 minutes (default), so I noticed in the Azure Automation Account that I was actually getting INPUT data (WEBHOOKDATA) that contained a JSON structure with the following elements:
WebhookName
RequestBody (This one contains whatever you add in the Body plus a default element called callBackUri)
All I had to do was to invoke the callBackUri from Azure Automation. And this is why in the PowerShell runbook code I added Invoke-WebRequest -Uri $callBackUri -Method POST. With this, ADF was succeeding/failing instead of timing out.
There are many other details that I struggled with when installing the hybrid worker in my VM but those are more specific to your environment/company.
This looks like a use case that is supported with Azure Automation, using a hybrid worker. Try reading here: https://learn.microsoft.com/en-us/azure/automation/automation-hybrid-runbook-worker
You can call runbooks with webhooks in ADFv2, using the web activity.
Hope this helped!
I have been given the responsibility for managing an Azure application gateway. The gateway is complex with 16 sites each with different SSL certificates, httplisteners, etc. The previous admin kept NO documentation. The short question is there a way I can use powershell to query and parse the existing configuration to a new script that I could use to rebuild the gateway if something breaks? I dont want to be messing with json and would prefer using powershell cmdlets, (Get-AzureRmApplicationGateway..., Set-AzureRmApplicationGateway, etc).
Any sample scripts would be great.
To load the whole gateway configuration via Powershell use:
Get-AzureRmApplicationGateway -Name MyAppGw -ResourceGroupName MyAppGwRG
Source
You can also edit this XML template file to record all the app gateway settings.
I can create an api using powershell as follows
New-AzureRmApiManagementApi -Context $azContext -ApiId $apiId -Name $apiName -ServiceUrl "https://myapp-dev-apims.azure-api.net/${subDomainName}" -Protocols #("https") -Path $subDomainName
However, this cmdlet does not create a version. It appears I need to use
New-AzureRmApiManagementApiVersionSet
However, Its not well documented how to do this when looking to add a version using a path segment such as myApi.com/cart/v1.
When creating the version within the portal, it says "Versioning creates a new API. This new API is linked to your existing API through a versioning scheme. Choose a versioning scheme and choose a version number for your API:"
Do I need to create a new api using New-AzureRmApiManagementApi, again a second time? This is confusing.
The workaround to this is to just use the New-AzureRmApiManagementApi cmdlet to initially create the api, then go into the portal to MANUALLY create the version. But it would obviously be nice if the process of creating both the api and its version were repeatable in a script.
Using powershell alone, how do I both create an api, and the version in one script? Help is appreciated. Thank you.
When creating the version within the portal, it says "Versioning creates a new API. This new API is linked to your existing API through a versioning scheme. Choose a versioning scheme and choose a version number for your API:"
It says correct, if you Add version in the portal, it will create a new API, just in the UI, it appears like under the original API. You could check them clearly in the resource explorer, there will be a "apiVersion": "xx"in the api version. After you adding a version, it will add a new API in the apis, and automatic create a version set in the api-version-sets, refer to the screenshot.
Per my test, the command New-AzureRmApiManagementApiVersionSet just create in the api-version-sets, and will not create in the apis, so you could not get what you want with it.
Also, I add version in the portal, and use Fiddler to catch the request, it essentially call the same REST API with creating a new API.
Some Workarounds for you to refer:
1.As you mentioned, create the api and add version in the portal manually.
2.Try to use New-AzureRmResource to create the api version.
3.Use the powershell Invoke-RestMethod to call the REST API.
To create a versioned API you first need to create a version set. You found the Powershell cmdlet for that. However, looking at New-AzureRmApiManagementApi it seems you cannot provide a versionsetid as parameter, which is needed to link the version set to the API.
With Powershell alone I don't think it's possible what you're trying to achieve, but what you could consider is using ARM templates.
These templates can be kicked off by Powershell and do provide the option to create an entire versioned API in one script.
For inspiration you could take a look at this blog post:
https://blog.eldert.net/api-management-ci-cd-using-arm-templates-linked-template/
I'm using Azure Monitoring Service API and need to pass DEPLOYTMENT NAME as a parameter to BuildVirtualMachineResourceId API method.
At the moment its not clear to me where/how to locate this piece of information so it can be passed to the method. Both cloud service name and vm name are easily available.
String vmResourceId = ResourceIdBuilder.BuildVirtualMachineResourceId(
CLOUD_SERVICE_NAME, DEPLOYMENT_NAME, VM_NAME);
Try Deployment ID... should be available on your Azure portal under the "Dashboard" screen
Use Get-AzureDeployment Cmdlet that gives you the deployment name. More details: http://msdn.microsoft.com/en-us/library/azure/dn495146.aspx