I have an internal network with only the web server connected to the internet. How can the server serve google maps pages to all the machines on this internal network? The way I understand the maps api is called from the client and hence either the maps server has to be on the internal network (Business License) or all machines should have internet access.
Related
How to call the secured API management linked APIs configured in azure portal when developing locally using SWA CLI? All I observed in the SWA configuration is meant for functions as APIs not the APIM.
https://learn.microsoft.com/en-us/azure/static-web-apps/apis-api-management
When adding API Management APIs to an azure static web app, an automatic proxy product is created on APIM securing access to the API for this app via /api prefix on the static web app domain. I did not see any mentions of how this works for local development to pass the user claims from SWA emulator to the API via that proxy?
I was trying to do this recently and I don't think it's possible. My solution was to add a proxy to my dev server (in my case vite) to proxy all requests to the /api route to the Api Management URL, setting the necessary subscription key header.
How to access APIM developer portal from internet when APIM is kept internal?
I checked some Microsoft document but did not get it how to do it.
You can Integrate API Management in an internal VNET with Application Gateway.
Combining API Management provisioned in an internal VNET with the Application Gateway frontend enables the following scenarios:
Use the same API Management resource for consumption by both internal
consumers and external consumers.
Use a single API Management resource and have a subset of APIs
defined in API Management available for external consumers.
Provide a turn-key way to switch access to API Management from the
public Internet on and off.
Follow this link for more information : https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-integrate-internal-vnet-appgateway
I have created a .NET Core API and deployed it as an App Service in Azure. On top of that, I have an instance of Azure API Management. Now I want the API to be only accessible through the APIM.
During the free testing phase, i restricted the access to the API to the IP of the APIM. As i do not expect my API to have high traffic and to save costs, i now switched to free and consumption tier.
As my APIM uses the consumption tier, there is no static IP that I could use to restrict the API access.
As my App Service uses a free plan, neither VNet Integration nor incoming client certificates are available.
Is there are a way to secure a free App Service API with a APIM in consumption tier with Azure except from implementing it myself?
You have a few options with Consumption SKU in mind:
Basic auth - make APIM send a well known secret and check for that secret in API App.
Client certificate authentication - make APIM use client cert to connect to API App and check for it there.
I am trying evaluate Google Compute Engine (GCE) for a cloud project in our company. We have some experience in working with Amazon Web Services but would like to know if GCE is a better alternative for our project.
I have following questions. Our choice for the project will be based on the answers for the questions so please help me with these queries.
Is there an equivalent of AWS Route53 and Elastic Load Balancer on Google cloud? If they are not available then how do we load balance GCE instances?
Is there a concept like regions? (such as us-east-coast-1, us-west-coast-1, etc…). Helpful in making sure that the service is not affected during natural calamities.
Is there an equivalent of Cloud Watch to help us auto scale compute engine instances based on load?
Can we setup a private cloud on Google cloud platform?
Can we get persistent public IP addresses for GCE instances?
Are there any advantages (in terms of tighter integration OR pricing) when using Google services such as Google Analytics, YouTube, DoubleClick, etc?
Load Balancing
Google Cloud Platform's Compute Engine (GCE) recently added a Load Balancing feature. It's lower level than ELB (it only supports UDP / TCP, not HTTP(S)).
Regions
GCE has feature parity. AWS Regions correspond to GCE Regions, and AWS Availability Zones to GCE Zones
Autoscaling (CloudWatch)
Google Compute Engine does not have autoscaling, but Google App Engine does. Third party tools such as Scalr or RightScale are however compatible with Google Compute Engine
Disclaimer: I do work at Scalr.
Private Cloud
Did you mean dedicated instances? Those are not available in GCE.
If you meant VPC, then you can use GCE networks to achieve isolation. You'll also wish to disable ephemeral external IP addresses for the instances you want to isolate.
Persistent IPs
GCE has persistent IPs, they are called "Reserved Addresses"
Integration with other services
You will likely get better latency to Google services you use in your backend (I recall a couple presentations at Google I/O talking about Google App Engine + BigQuery).
For frontend services (Google Analytics), you'll likely see not benefit, since this depends on your users, not your servers.
My company has an internal google earth enterprise server. I can get to it via http://local/default_map
I like to switch from the public API server, <script src="http://maps.google.com/maps/api/js?v=3&sensor=false"></script>, to the internal one.
But http://local/maps/api/js?v=3&sensor=false returns Forbidden error: You don't have permission to access /maps/api/js/ on this server.
How can I find out if the internal server supports the API feature and how to configure it?