Hardening Azure Functions when exposing them via Azure API Management

Introduction

In my discussions with customers about “serverless”, we often talk about the typical security patterns when embarking on the deployment of functions for Enterprise organizations. A typical combination we see here is where Azure API Management is used in front of Azure Functions. Today we’ll talk about the options at hand here. In essence this will related to a choice where an organization will need to choose between “Fully Isolated” and “Full Flexibility”!

Continue reading “Hardening Azure Functions when exposing them via Azure API Management”

Advertisements

Putting Azure API Management in front of an Azure Function API

Introduction

Today’s post will be on how to expose an API hosted via an Azure function via Azure API management. So what are we going to configure today? We’ll expose the function API externally. The “user” (or client app) will authenticate with API management via a “subscription key“. Afterwards API management will call the back-end function, where it will authenticate via the function authentication code.

 

Configuration

So let’s go to our function …

Where we’ll grab the “function URL”. This contains the query parameter “code” which uses the function key as authentication.

Continue reading “Putting Azure API Management in front of an Azure Function API”

Azure : Mixing LogicApps & Functions as a periodic data retriever

Introduction

There are various articles/blogs/etc that compare logicapps vs flow vs functions vs azure automation, etc… Though there was one use case where I often struggled what to use ;

What to use when I want to retrieve a file from X on a Y timed interval?

Azure Functions? Great abstraction, though the output files have random names. Sometimes / Often I want to be able to control that.

Flow? Doesn’t allow the customization I was looking for. More to integrate existing / popular services.

Azure Automation? Very good and gets the job done. The only downside, you need to code a lot of logic yourself.

Azure Logic Apps? Shows potential, but doesn’t let you include custom functions. Or does it…?!?

You can link Azure Functions to Logic Apps and create some the flow I was looking for.

 

The Flow

So what do I want to do?

  • On a daily basis
  • Retrieve content from an authenticated API
  • Save the content to a Blob storage

And afterwards I’ll use other services to process that data. 🙂

 

The Proof-of-Concept

What do I want to achieve? On a daily basis I want to retrieve data from a service provider that serves sports data. And if you are looking for such a thing, check out MySportsFeed! So back to our proof-of-concept; how will this look in Logic Apps?

2017-01-20-21_10_27-inputs-microsoft-azure

Let’s dissect this flow…

Continue reading “Azure : Mixing LogicApps & Functions as a periodic data retriever”

Basic Azure IoT Flow : From Event Hub via Stream Analytics to Power Bi

Introduction

A few weeks back I posted a blog post on how you can leverage “serverless” components for IoT. Today I’ll show you what it would mean if we replace the Azure Functions component in that post by Azure Stream Analytics.

 

Flow

So the flow between device and event hub is untouched. Though we’ll replace the functions part with Azure Stream Analytics. So how will the end result look?

2017-01-03-11_11_49-job-diagram-microsoft-azure

We’ll be using one Stream Analytics job to trigger three flows. One will store the data into an Azure Table Storage, another on will store it as a JSON file on to Azure Blob Storage and another one will stream it directly into a PowerBi dataset.

So let’s take a look at all the components from within this Stream Analytics Flow we’ll be using…

2017-01-03-11_23_08-inputs-microsoft-azure

Continue reading “Basic Azure IoT Flow : From Event Hub via Stream Analytics to Power Bi”

Azure IoT : From RaspberryPi with Sensor to Azure Storage Table by using a serverless architecture

Introduction

A few days ago my connectors arrived for my latest PoC on Azure. So today I’m writing about my experience in using a RaspberryPi with a temperature & humidity sensor and to save the telemetry data in Azure. For this we’ll be using Azure Event Hub as an ingress mechanism, and Azure Functions to storage the events towards an Azure Storage Account. My next venture will be to use this data to create reports and maybe (on the long run) do some machine learning. For the latter, I’m pondering about linking this system to my ebus system of my heating system. That way I could correlate the data from the various censors (RPi, Thermostat & outside sensor) in combination with the heater information & heating schedules. Basically… creating my own  Google Nest. 🙂

 

Sensor : Physical Connection (I2C)

The guys from ThingTank had a spare sensor lying around, which they lend to me for my PoC… This was a “Grove – Temperature&Humidity Sensor (High-Accuracy & Mini)“. As you can see in the picture, underneath, this one has an I2C connector. We see four connections ; GND, VCC, SDA & SCL.

grove-tem-hum-accuracy-mini_01

Continue reading “Azure IoT : From RaspberryPi with Sensor to Azure Storage Table by using a serverless architecture”

Azure Functions : Extending the “quick demo” from earlier this week

Introduction

Last week we did a quick demo on Azure Functions in combination with the event hub. Today I wanted to explore what would happen if I wanted to use “custom” libraries. Could I install libraries on functions? Let’s try it out shall we!

 

Install NPM Module in 

First thing we’ll do is install the extra npm module we need. We can do this via the “kudu“-console ;

2016-12-06-17_13_06-diagnostic-console

Just like we would anywhere else…

Continue reading “Azure Functions : Extending the “quick demo” from earlier this week”

Azure Functions : A quick demo when using Event Hub

Introduction

Azure functions is the “serverless” offering on Azure. Serverless doesn’t mean there aren’t any servers, but it’s rather a platform service where you can run your own snippets of code. Each code can be triggered, where it then can have an in and/or output. In terms of billing, you pay for the amount of runtime you consume.

Imagine having a stateless web front end which publishes state onto a queue or storage account. Then Azure functions is being triggered and your business logic starts. Sounds familiar? Yes, because that’s a typical flow you normally do in your application stacks. Now you can segment that even more into services you do not need to manage.

 

Demo

Today I’m going to show you a very brief demo on using an Azure Event Hub as trigger/input for an Azure function. So what’s the flow we’ll be doing?

  • A client will put a message on the event hub queue
  • This will trigger an Azure function
  • The function will save the contents of the message onto a storage account

Sound simple right? And it actually is that simple to do too!

 

Continue reading “Azure Functions : A quick demo when using Event Hub”