I have a web application consuming a Google Service Account, on behalf of the users' service account is to invoke APIs. I'm looking at available options for logging activities and later filter based on users(or any other criteria available)
much appreciate thoughts on any similar previous experience?
In order to monitor API calls or other administrative actions that modify the configuration or metadata of resources you will have to use Admin Activity audit logs
.
Please keep in mind that in order to view these logs
you must have the Cloud IAM role Logging/Logs Viewer or Project/Viewer
Audit logs also record the identity of the caller that performed an operation.
You may also find more useful information regarding filtering in the "Filtering Audit Logs" paragraph of the Best Practices for Audit Logs documentation.
Let me know if this was helpful.
Related
I'm thinking on my scenario and there is a point I cannot manage to bring to a valid approach:
I have a web app where users log in and, among other things, they can create calendars. If this calendars are marked as publics, all users can see them.
I want them to be able to sync the calendars with their google calendar account. I have this already implemented using gapi.
The problem is when, after a while, any user updates an event of a calendar which other user had synchronized before. He is not going to see the changes in his google calendar, as I'm not able to send him updates since he is not logged into the app.
So, my idea was to create all calendars in our own account, and whoever wants to have it in their google account, just have to subscribe to it. I would do that with gapi.acl lib.
What I don't know how to do is: when the first user wants to syncronize the calendar, it should first be created in our own google account, so that the user will be able to subscribe to it...
But how do I change the account where to create a calendar using gapi?
Maybe it is a stupid question but I cannot manage to find out how to do it.
Thanks in advance!!!!
But how do I change the account where to create a calendar using gapi?
You cant, what you are trying to do is get offline access to a users Google calendar data. OffLine access means that your application can access the users account when the user is "offLine" as in not there. This being a fully automated functionality of your application.
You need to request permission of the user for "offline" access once that is granted you are given a Refresh token the refresh token can then be used to request a new access token when ever your application needs even if the user is "offline".
Your problem being that JavaScript is client side this means that the code is running in the users browser. Due to major security concerns offline access is not something you can request using JavaScript you need to use a server sided programming language.
Maybe it is a stupid question but I cannot manage to find out how to do it.
I don't think its a stupid question but I do think there are some major wholes in your applicating design.
You first need to think of if users really want you writing to their personal calendar account.
Then you need to consider weather or not you want to be writing and sharing your personal calendar with a bunch of unknown users.
There are also major limitations to the number of writes or inserts you can make to a single calendar per day so storing everyone's calendar data in your own calendar is going to not only messy but it may end up overloading your request limit.
Once all that is added up have you considered the verification process this application is going to have to go though. How will you justify your application to googles security review, I am writing to a users calendar, I am storing users calendar data in my own personal calendar ....
I am just getting started with Azure Logic Apps and want to try connecting to SugarCRM.
I was pleased to see this guidance suggesting I should be able to find the SugarCRM connector in the Azure marketplace
https://github.com/Huachao/azure-content/blob/master/articles/app-service-logic/app-service-logic-connector-sugarcrm.md
However, when I try to find it by going to the marketplace on portal.azure.com and searching for SugarCRM, I do not see the connector in the results as described in the above link.
Either it is no longer published or I am doing something wrong. Do I need to do anything special to be able to access this?
I check this on the portal I could find it, then I consult the Azure official. The response is
SugarCRM was on product plan and later was removed. So it was never formally released.
So this feature is not available, if you insist on using this you could go to feedback and vote up this feature. When there are enough people vote for it, there is more chance for it to be added. Here is the feedback link:https://feedback.azure.com/forums/287593-logic-apps/suggestions/20565706-add-sugarcrm
For storage and VM, I can check the current quota usage by following powershell command:
Get-AzureRmStorageUsage
Get-AzureRmVMUsage
Is there similar thing for Azure Search? Either via powershell or Portal is ok.
In addition to monitor usage on portal, you could also get it via Service Statistics.
The Service Statistics request is constructed using HTTP GET and returns from Azure Search the current usage and limits of the following properties.
GET https://[service name].search.windows.net/servicestats?api-version=[api-version]
Content-Type: application/json
api-key: [admin key]
how many S2 or S3 services I can created on a give region?
You can create multiple services within a subscription. Each one can be provisioned at a specific tier. You're limited only by the number of services allowed at each tier. For example, you could create up to 12 services at the Basic tier and another 12 services at the S1 tier within the same subscription. Please refer to this article.
There is an easy way to check your quota usage for an Azure search service, via the portal:
If you open up the overview tab for you search service, you'll be presented with something like this: (image from a search service that I've created)
This shows the quota of resources for your search service and how much of the quota has been used up.
https://learn.microsoft.com/en-us/azure/search/search-limits-quotas-capacity
By using above url if you know what is your service plan then you can see the limits
Is it possible to run a logic app or connector as a service principal, in particular under the consumption plan?
I'd guess forcing the app to run in a non-consumption plan via powershell might give more control over the service principal.
The reason I'd want it to avoid an individual's account to be used during an automated deployment.
The closest I thought was to wrangle https://github.com/logicappsio/LogicAppConnectionAuth to do the oauth automagically using a service principal, however trying similar things for data factory connections proved unfruitful and very time consuming, so I'd rather find out sooner than later if I'm barking up the wrong tree.
API Connections with OAuth authentication, like Office 365 and Microsoft Team connectors, require manual consent. Unfortunately, at this point in time, authentication for those cannot be fully automated.
As you mentioned, this script https://github.com/logicappsio/LogicAppConnectionAuth will avoid some user clicks when authenticating the connectors, but at the end is going to be a manual step.
HTH
I'm currently looking for an overview of the objects (like Accounts, Campaigns, Cases, Contact, Contract, Lead, Opportunity, ...) in the Service Cloud in comarison to the Sales Cloud. I know there are function overviews but there is not list of objects related to those versions yet. I need a clear separation with all objects of both. Maybe someone can help me out?
Please take a look to these schemes:
Salesforce Data Model
Sales objects - Sales Cloud
Support objects - Service Cloud
hope it would be helpful
You can look into Schema Builder, from Object Manager to know more about Object relationships.
Important things for Service Cloud are -
Case object.
Email-to-Case
Omni Channel
Entitlements and Milestones
Email Threading.
You can search on Trailhead as well for Service Cloud trails. Will help for sure.
Thanks.