I know Microsoft Azure API has a way to pull a data slice using a GET request. The api is here
https://management.azure.com/subscriptions/<SubscriptionID>/resourcegroups/<ResourceGroupName>/providers/Microsoft.DataFactory/datafactories/<DataFactoryName>/tables/<TableName>/sliceruns?start=<StartDateTime>&api-version=<Api-Version>
Problem is I have to manually specify the data factory, data set, and start time, what if I want to pull all logs for a start time for a particular resource group. I know I can do it if I list all data factories and sets and then loop through them. But then I'm calling an http request inside a nested for loop which seems like a really bad/expensive idea. I'm working on a logging web app using Kibana that's why I need all logs.
Unfortunately this is not supported. This is due to the way that API routes are designed for Azure Resource Manager (ARM) services, which ADF is one of. The solution you mentioned, while not ideal, is the best available one.
A bit more: API routes for top-level resources (e.g. a data factory) will always contain a subscription ID and resource group name. Similarly, routes for child resources/APIs (e.g. datasets, slices, etc.) must contain the subscription ID, resource group name and the top-level resource name.
If there was such an API that let you list slices from any data factories in a resource group, this would have to be executed as a "fan-out" query. Since the data factories in the resource group can be in any region, ARM would have to send requests to each of the Data Factory resource providers (RPs) that has a data factory in the resource group, then aggregate and return the results to the caller; this is not supported by any of the Azure services.
Related
I have built a system to store data collected by IoT devices in CosmosDB and display it in a web application.
I am looking for a simple way to duplicate the resource group including the resources.
The system overview and resources included in the resource group are as follows
System Overview
IoT devices collect data and send to IoT Hub
IoT Hub calls Azure Function to store data in CosmosDB
Display stored data on Web Apps (website)
Resources included in resource group
CosmosDB
Web Apps
IoT Hub
Azure Function
Goal
Replicate the entire resource as a separate resource, including resources in the resource group
Do not use ARM templates
Tried
Import resource group exports using ARM templates
Problem
Importing the exported template as is causes errors due to duplicate content names, empty values in parameters, etc., which makes modifying the ARM template costly.
Functions in Azure Function and resources on the website are not duplicated, so separate duplication work is required.
To begin with, exporting/importing a resource group using an ARM template does not include all the information of the resource group from which it was exported, so it cannot be called a duplication.
Thank you in advance for your cooperation with the above.
I want to set up logic app, which is going to monitor rss feed and create task in azure devops based on data from feed and some conditions. That's the easy part. I want to make this set up more or less secure and want to prevent API connector reuse. So, when I login to Azure DevOps using logic app using connector, API Connection is being created and I can reuse it with any other logic app. How do I prevent this this reuse behaviour? Is it possible to limit connector use somehow, so it can be used with 1 logic app only? The resource group is in subscription which can be accessed by some users already, so limitng access to resource group with logic app is not an option.
Unfortunately, there is no way to make the API connection restricted to only one logic app. The other possible way would be if you have different user having access to different resource groups, one per user, and set RBAC so only the user have access to it and they are not reusing it. But still that user can also reuse the connection if they want
This question may sound a little odd, but here it goes: A customer of ours would like to get access to certain metrics of his environment of our product which we host on Azure for the customer. It's a pretty complicated deployment, but in the end it consists of an Application Gateway, some virtual machines and a dedicated Azure SQL database.
The customer now would want to get select metrics from this deployment forward to their own DataDog subscription, e.g. VM CPU metrics, database statistics and those things. DataDog obviously supports all this information (which is good), but as a default would slurp in information from all resources within our subscription (which is not OK).
Is there a way to fine-granularly define which data is forwarded to DataDog, e.g. the resources and also which type of metrics to forward for each resource? What are my options here? Is it enough to create a service principal with a limited reading right, or can I configure this somewhere else? I am unfortunately not familiar with DataDog.
The main thing which must be prevented is that the customer due to the metrics forwarding could get access to other metrics in our subscription - we need to control the exact scope of the metrics.
The pretty straightforward solution to this issue is to create a service principal via command line, and then to assign the monitoring role to this service principal only exactly for the resources you need. This even works down to a level of specific databases for example.
Kicker: This is not possible to do in such a granularity from the UI, but the az command line accepts assigning the monitoring reader permission on a deep resource ID level, even if the UI for this is not there. By finding the resource ID from the UI, and then using the resource ID from the command line, it's possible to achieve exactly this behaviour.
I have a cosmos DB, a queue, a function, a MySQL DB. The cosmos DB gets an entry, it writes into the queue. When it comes to queue automatically triggers a function which writes into DB. While fetching the resources from azure using resource manager, I got all the resources under the subscription, but could not find the relationship with these. Can I get the relationship between these?
This GitHub issue talks exactly about what you are looking for. Please have a look at the conversation. In short, we have feature called as resource links which we can use to mark a relationship between resources and then query a resource for its linked resources however currently we can discover the related resources directly through a resource's properties or by tagging resources to note connections.
Hope this helps!! Cheers!!
I want to create one single database server for all the resource groups I have created. Earlier, I have used one database server for each resource group but now I wish to have only one server for all the resource groups.
I must say, I believe your former setup more closely follows best practices. Having one server for each resource group allows you to scale each one independent of each other and monitor/configure independently. But to answer your question, every resource in Azure must belong to a resource group. You can create a common resource group and create the SQL db/server under that. Other resources in other groups will still be able to access it.