Synapse Workspace and Setting Microsoft Defender for Cloud - azure-cli

I want to set and config. Microsoft Defender for Cloud programmatically in a Synapse Workspace but don't know which Az module (or other module type) to use?

Related

Is there a way to create a custom connector for other tenant?

I am looking for Is there a way to create a custom connector for other tenants or as guests?
A connector is a wrapper or a proxy around an API that interact between Power Automate or Power Apps and the back-end service or data source.
The custom connector (API connector) enables you to connect your own web API (REST API) in Power Automate and Power Apps. To create a custom connector first we need to enable authentication in Azure Active Directory then register one of the APIs as a custom connector and lastly connect to it in Power Automate.
Authentication in Azure Active Directory
First, you need to create an Azure Active Directory (AAD) application that performs the authentication when calling the API endpoint.
First create an App registration in Azure Active Directory.
Now in the settings of the registered App, go to required permission and Add API.
For more detailed information check this Enable authentication in Azure Active Directory section of the Microsoft document.
Custom connector
After configuring the AAD Application we can now create the custom connector.
After clicking the Settings at the top of Power Automate web page, select custom connector.
Select Create custom connector, then Import an OpenAPI file .
In Security page, provide AAD information for the application and set Resource URL.
For detailed information check this Create a custom connector section of the Microsoft document.

Configure an on-premise LDAP to Azure API manager?

I could find that Azure AD can be configured to to Azure API manager.
My question is, is there a way to configure an on-premise LDAP to it?
A side question: can I configure SSO for the developer portal?

Can i add publish setting file from VSTS to deploy project on Microsoft azure

i am trying to deploy the project from VSTS to azure i have publish setting file i need to know how to use publish setting file in pipeline to deploy the project on azure. or any other solution to deploy on azure.
Yes, you can store the plain password in the secret variable of build/release, then specify the password through MSBuild argument (/p:Password={variable}).
After that you can specify the public profile (.pubxml file instead of .publishsettings file) in Visual Studio Build task (e.g. /p:SkipInvalidConfigurations=true /p:DeployOnBuild=true /p:PublishProfile="{profile name}")
Alternately you can write a script and add a Batch Script task to run the script to deploy on Azure. Please refer to Deploying to Azure from VSTS using publish profiles and msdeploy for details.
You can also use the Azure App Service Deploy task to deploy the Azure Web App. Please refer to How to deploy to Azure using Team Services Release Management for details.

Integrating KeyVault access into VSTS Release task

I am trying to figure out what is involved to write a console application that will run as part of a VSTS Release task and that program will read a connection string (secret) from a preconfigured keyvault and then connect to an Azure SQL db using that connection string and apply some changes.
Currently I have my Web Apps connecting to KeyVault and the Azure SQL Server
using Azure AD Application Token authentication so I know what is involved on that front.
When you check "Allow scripts to access OAuth token" on agent settings page,
can this token be used (using ADAL) to connect to KeyVault and SQL Server.
(Assuming the VisualStudioSPNxxx has the appropriate access to the above resources).
If not what should I be looking for?
The vsts token (Allow scripts to access OAuth token) can’t be used to connect to KeyVault.
You need to register app with Azure Active Directory and enable to communicate with Azure Active Directory and Key Vault, then get the connectionstring dynamically.
More information, you can refer to: Protecting Secrets using VSTS and Azure Key Vault
This is made relatively very easy now with Variable Groups - https://learn.microsoft.com/en-us/vsts/pipelines/library/variable-groups?view=vsts
You can link a secret by connecting your Azure KV to a variable and then use this variable as you would normally use it in any script/task.

MySql in pivotal cloud foundry environment

Does MySql come out of the box installed in pivotal cloud foundry environment? I was told that the containers within cloud foundry are transient in nature. If so , how does it support MySQL DB installation?
Pivotal offers Cloud Foundry in a couple ways. The hosted service is called Pivotal Web Services and allows apps to bind to a MySQL service such as ClearDB -- check out the marketplace.
The on-premise offering of Pivotal Cloud Foundry provides a MySQL service as well.
MySQL itself doesn't run as an application on Cloud Foundry, it's offered as a service alongside Cloud Foundry. Cloud Foundry currently only runs stateless applications, but support for a cloud-native solution for persistent workloads is starting up, so in the future it would be possible to run MySQL as an "application" directly on Cloud Foundry.