Adding users to an AD group with Azure Functions/Logic Apps
I want to add users to an Entra ID/Azure AD group. The list of users will be retrieved from a REST API call with Azure Functions, and then saved into a database, probably Azure SQL. I'm planning on then using Azure Logic Apps to connect the database to the AD group. How can I make the script run every time the REST API changes? Can I add users to the AD group from SQL? Is there a better way to go about this?Enhancing Data Security and Digital Trust in the Cloud using Azure Services.
Enhancing Data Security and Digital Trust in the Cloud by Implementing Client-Side Encryption (CSE) using Azure Apps, Azure Storage and Azure Key Vault.Think of Client-Side Encryption (CSE) as a strategy that has proven to be most effective in augmenting data security and modern precursor to traditional approaches. CSE can provide superior protection for your data, particularly if an authentication and authorization account is compromised.Hack Together: RAG Hack - Building RAG Applications with LangChain.js
In the rapidly evolving landscape of Artificial Intelligence and Natural Language Processing, the use of Retrieval Augmented Generation (RAG) has emerged as a powerful solution to enhance the accuracy and relevance of responses generated by language models. In this article, we will explore the talk given during the Hack Together: RAG Hack event, whereGlaucia Lemos, a Cloud Advocate at Microsoft, andYohan Lasorsa, a Senior Cloud Advocate at Microsoft, demonstrated how LangChain.js is revolutionizing the development of RAG applications, making it easier to create intelligent applications that combine large language models (LLMs) with your own data sources.
Using a managed service identity to call into SharePoint Online. Possible?
Hi All, I have been playing around with Managed Service Identity in Azure Logic Apps and Azure Function Apps. I think it is the best thing since sliced bread and am trying to enable various scenarios, one of which is using the MSI to get an app-only token and call into SharePoint Online. Using Logic Apps, I generated a managed service identity for my app, and granted it Sites.readwrite.All on the SharePoint application. When then using the HTTP action I was able to call REST endpoints while using Managed Service Identity as Authentication and using https://<tenant>.sharepoint.com as the audience. I then though I'd take it a step further and create a function app and follow the same pattern. I created the app, generated the MSI, added it the Sites.readwrite.All role same way I did with the Logic App. I then used the code below to retrieve an access token and try and generate a clientcontext: #r "Newtonsoft.Json" using Newtonsoft.Json; using System; using System.Net; using System.Net.Http; using System.Net.Http.Headers; using Microsoft.SharePoint.Client; public static void Run(string input, TraceWriter log) { string resource = "https://<tenant>.sharepoint.com"; string apiversion = "2017-09-01"; using (var client = new HttpClient()) { client.DefaultRequestHeaders.Add("Secret", Environment.GetEnvironmentVariable("MSI_SECRET")); var response = client.GetAsync(String.Format("{0}/?resource={1}&api-version={2}", Environment.GetEnvironmentVariable("MSI_ENDPOINT"), resource, apiversion)).Result; var responseContent = response.Content; string responseString = responseContent.ReadAsStringAsync().Result.ToString(); var json = JsonConvert.DeserializeObject<dynamic>(responseString); string accesstoken = json.access_token.ToString() ClientContext ctx = new ClientContext("<siteurl>"); ctx.AuthenticationMode = ClientAuthenticationMode.Anonymous; ctx.FormDigestHandlingEnabled = false; ctx.ExecutingWebRequest += delegate (object sender, WebRequestEventArgs e){ e.WebRequestExecutor.RequestHeaders["Authorization"] = "Bearer " + accesstoken; }; Web web = ctx.Web; ctx.Load(web); ctx.ExecuteQuery(); log.Info(web.Id.ToString()); } } The bearer token is generated, but requests fail with a 401 access denied (reason="There has been an error authenticating the request.";category="invalid_client") I have tried to change the audience to00000003-0000-0ff1-ce00-000000000000/<tenant>.sharepoint.com@<tenantid>" but that gives a different 401 error, basically stating it cannot validate the audience uri. ("error_description":"Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown.). I have also replace the CSOM call with a REST call mimicking the same call I did using the Logic App. My understanding of oauth 2 is not good enough to understand why I'm running into an issue and where to look next. Why is the Logic App call using the HTTP action working, and why is the Function App not working?? Anyone?
Building Intelligent Apps with Azure Cache for Redis, EntraID, Azure Functions, E1 SKU, and more!
We're excited to announce the latest updates to Azure Cache for Redis that will improve your data management and application performance as we kickoff for Microsoft Build 2024. Coming soon, the Enterprise E1 SKU (Preview) will offer a lower entry price, Redis modules, and enterprise-grade features. The Azure Function Triggers and Bindings for Redis are now in general availability, simplifying your workflow with seamless integration. Microsoft EntraID in Azure Cache for Redis is now in GA, providing enhanced security management. And there's more – we are also sharing added resources for developing intelligent applications using Azure Cache for Redis Enterprise, enabling you to build smarter, more responsive apps. Read the blog below to find out more about these amazing updates and how they can enhance your Azure Cache for Redis experience.Azure Cache for Redis at Microsoft Build 2023
We are excited to announce that Azure Cache for Redis is receiving a major upgrade announced at Microsoft Build 2023, with several new features and enhancements that will help developers improve the performance and scalability of their applications. This release includes many significant improvements, such as integration with Azure Functions, a new Azure Marketplace template for quick web app deployment, and new enterprise features that focus on developer efficiency. Additionally, Azure Cache for Redis will now support up to 30 shards, making it even more scalable than before. With new authentication capabilities such as AAD and .NET support, this release is sure to provide developers with a powerful and versatile caching solution for their applications. To learn more, check out the full details below.Azure Functions - New Comic
You are a Cloud lover? But you prefer Azure? Learning with fun? And most of all, you like serverless? You will probably enjoy our new comic about Azure Function with Jonah Andersson as guest star! If you want to deep dive, do not hesitate to visit the official documentation on the Microsoft website: https://learn.microsoft.com/en-us/azure/azure-functions/functions-overview Enjoy and share, it's free!
