I've looked through all the permissions a user can have in regards to logic apps but I still have not be able to answer my question. Is it possible to restrict a user from using a certain connector in azure logic apps? For example, lets say I wanted users to use only the Outlook/Office 365 connector. Is this possible?
No, it is not possible to restrict Connectors or Actions at design time, though you can certainly restrict actual endpoints by simply not providing credentials.
Note, this is not really any limitation of LogicApps or such. Limiting the designer experience is not something readily available on any other platform.
Related
I want to integrate our Sales CRM dynamics system with another application. Approaches we are considering are using web api and webhooks.
Can we use webhooks without using an azure function/azure service?
what all are the challenges?
Is there any other better methods to pull data from Dynamics CRM?
What all things should be considered while doing an integration with Dynamics CRM system?
(I am new to Dynamics)
link followed:https://dynamicsninja.blog/2019/05/22/d365-webhooks-part-1/
If it's a relatively simple integration, using Power Automate might be your best bet.
https://flow.microsoft.com/
To answer your specific questions, though:
Can we use webhooks without using an azure function/azure service?
No. You'll need to use Power Automate, Logic Apps, or some other method to watch for changes.
what all are the challenges?
That's a pretty broad question, can't help you without specific things you've already tried.
Is there any other better methods to pull data from Dynamics CRM? What all things should be considered while doing an integration with Dynamics CRM system?
If you're just doing reporting (pulling data) then PowerBI is a good choice, otherwise it's the API for custom integration or Power Automate/Logic Apps for something that needs a little less customization.
If you realy want to have a CRM fully integrated i would consider to try
• Power Automate (as said before): it's a good way to easily connect several systems
• Azure Functions: Sometimes power automate is just not enough but with azure functions you can easily create some serverless code. I have some aazure functions that are triggered by receiving a message in a queue by power automate for example. You can make both work together and that what we have at work :)
The biggets challeng is the "know-how" I guess. A lot of people do not know it yet. Azure functions can be a little difficult at the beggining (even more if you want to use early bound classes for you CRM). With some time you will get it.
If you want do distribute your tool as a dynamics solution package which than should be added to an organisation without generating API token in azure and stuff like that i would suggest you don't pull data from dynamics (that way you need to authorize at the ms webapi with a token generated in azure and so on). Instead use web components and plugins triggered by core messages to push the data to your api.
We are looking to force all Azure access assignments to go through our management groups instead of at the subscription level. Basically we don't want access to be able to be assigned per subscription and want to block that capability. This way we are forced to grant access at the Management Group level instead.
Is there any way to do this, maybe via a Policy somehow?
Thanks for the helping!
Just copy the answer from QnA for other communities reference (it seems the question in QnA is also asked by same OP).
Currently it is not possible and we can submit a feature request here
With Azure Data Factory I have built a pipeline to orchestrate the processing of my Azure Analysis Services model trough a dedicated Logic App as explicated in this article, and it works properly.
Now, always using Azure Data Factory (through Logic App), I wish I could also update the list of the user in a specific roles.
In the article mentioned above, to process the Azure Analysis Services models, the Logic App calls a specific API that has the following format:
https:// <rollout>.asazure.windows.net/servers/<serverName>/models/<resource>/refreshes
but this API doesn't seem to work for update the model's roles.
Is there anyone who knows the correct method to be able to update model roles using a specific Logic App?
Thanks for any suggestions
If you don't necessarily need to use the logic app for this, I think it might be possible using Azure automation and the powershell cmdlets for managing azure analysis services:
https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-refresh-azure-automation
https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-powershell
https://learn.microsoft.com/en-us/powershell/module/sqlserver/Add-RoleMember?view=sqlserver-ps
One alternative approach might be to have fixed AD groups as members of the tabular model roles and add / remove members from those AD groups. Therefore the tabular model roles would not need to be refreshed, it would simply be a matter of adding or removing members from the AD groups as part of your governance process.
A second approach would be to use dynamic row-level security. Adding records to a Azure SQL DB table is perfectly possible with Logic Apps and could be used to drive security, depending on your requirements. You can then refresh your security dimension with the Logic App. See here for more details:
https://learn.microsoft.com/en-us/power-bi/desktop-tutorial-row-level-security-onprem-ssas-tabular
To answer your question however, the Azure Analysis Services REST API is useful but is not that fully featured, ie it does not contain all possible operations for tabular models or the service. One other missing example I found was backups, ie although it is possible to trigger a pause or resume of the service, it is not possible to trigger a backup of a tabular model via the REST API. I do not believe it is possible to alter role members or at least, the operation is not listed in the REST API, although happy to be corrected if I am wrong. To be more specific, Roles is not mentioned in the list of available objects which can be passed in to the Objects array using the POST / Refreshes eg here. table and partition are the only ones I'm aware of.
There are also no examples on the MS github site:
https://github.com/microsoft/Analysis-Services
Finally, consider calling TMSL via Powershell in an Azure Function, which you can call from Azure Data Factory.
HTH
I'm working on a simple mobile application in order to learn more about app development in general. I'm using Xamarin and C# to make a cross-platform app.
The end goal is to make a listing of users that are willing to be contacted to play golf. I want users to be able to enter their name and email address on one page, save the entries in a table using Azure SQL Database, and then display them in a list on another page in the app.
I've done some pretty extensive research on my own, but now I think it's time to get some real-life interaction to help guide me along. So here's my actual question...
It looks like the "Getting Started" tutorial here is close to what I want to do. But it seems like the database the app in the example uses is stored locally, whereas I want to create a table that all users will be able to access. Is following this walkthrough the right move for me? If not, what should I do instead?
Bear in mind that I'm committed to using Azure Mobile Services, so please refrain from answers suggesting I use a different platform.
Thanks guys!
If you use Azure Storage directly from the client app, then make sure you are not using Shared Key authentication. Otherwise, anyone could simply steal the credentials from the app and get full access to your blob account. To learn more, see Shared Access Signatures and the SO question Azure blob storage and security best practices.
From the official documentation:
Exposing either of your account keys opens your account to the possibility of malicious or negligent use. Shared access signatures provide a safe alternative that allows other clients to read, write, and delete data in your storage account according to the permissions you've granted, and without need for the account key.
For new projects, you should use Azure Mobile Apps instead of Azure Mobile Services. The new service offers a number of features, and it is where all future investments will be.
For instance, there is now support for blob storage syncing along with regular offline data sync, and it uses SAS tokens to connect securely. Here's a tutorial for Xamarin.Forms: Connect to Azure Storage in your Xamarin.Forms app. It includes a sample that you can deploy to your own Azure subscription with one click.
For your specific question, you could modify the Todo sample (or look at the more full-featured Field Engineer sample) and add tables for Players and Games.
There are a number of offering on the Azure platform that will allow you to store your golf players. However, the page you linked to is for BLOB storage, and I would not recommend using that.
There is Azure table storage. Which is a NoSQL store on the Azure platform. It's highly scalable and schema-less, so very flexible. You can leverage the Azure SDK to read and write to it - or go REST if that's what you prefer. Check out the tutorial here: https://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-tables/
Then there is Azure SQL, which is SQL server offered on the Azure platform. This is a traditional relational database store, but more scalable ( since it's on the Azure Platform ). You can also use this solution, but it does require a bit of extra work, since you probably want to use an ORM like Entity Framework.
So in all - I would go for Azure table storage. It's really easy to get started with and will do what you want to do.
Is it possible to get programmatic access to Azure billing information?
I am aware that you can download a .csv file but that doesn't meet my requirements. I'd really like an API to access the current live billing data.
I can't find anything but I've seen a couple of applications that suggest its possible to do this - http://www.youtube.com/watch?v=ETs-NgnZV_U.
Thanks.
Azure now does provide ways to programmatically retrieve your resource usage and pricing data: https://weblogs.asp.net/scottgu/new-azure-billing-apis-available
At this tmie it is not. Quest tools scrap data from HTML of the web-pages afaik
The APIs Moinak refers to seem to be old APIs (we used them before switching to Azure Cost Management exports).
It seems like there are some new billing apis: https://learn.microsoft.com/en-us/rest/api/billing/