|
28 | 28 | "source": [ |
29 | 29 | "## Work with files in Azure Blob Storage using a SAS Token\n", |
30 | 30 | "\n", |
31 | | - "Only authenticated requests can send events to Event Hubs. One way to authenticate a request is to provide a Shared Access Signature token: \n", |
32 | | - "- [Authorizing access to Event Hubs resources using Shared Access Signatures](https://learn.microsoft.com/en-us/azure/event-hubs/authorize-access-shared-access-signature)\n", |
33 | | - "- [Generate SAS token](https://learn.microsoft.com/en-us/rest/api/eventhub/generate-sas-token). \n", |
| 31 | + "Only authenticated requests can send REST requests to Azure Blob Storage. One way to authenticate a request is to provide a Shared Access Signature token: \n", |
| 32 | + "- [Delegate access by using a shared access signature](https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature)\n", |
| 33 | + "- [Create an account SAS](https://learn.microsoft.com/rest/api/storageservices/create-account-sas). \n", |
34 | 34 | "\n", |
35 | 35 | "At the moment is not possible to generate a SAS token directly from Azure SQL database, but you can put the code for generating such a token in an Azure Function and call it from Azure SQL database using `sp_invoke_external_rest_point` as well.\n", |
36 | 36 | "\n", |
|
53 | 53 | "end\n", |
54 | 54 | "\n", |
55 | 55 | "-- create database scoped credential\n", |
56 | | - "create database scoped credential [https://azure-event-hubs.servicebus.windows.net]\n", |
57 | | - "with identity = 'HTTPEndpointHeaders', \n", |
58 | | - "secret = '{\"Authorization\": \"SharedAccessSignature sr=azure-event-hubs.servicebus.windows.net%2fmyeventhub&sig=RVDJM1cSo71j73%2bWR0t7ZCZukIjMEvBn%2bWWqSlqkJeM%3d&se=1697310598&skn=RootManageSharedAccessKey\"}';" |
| 56 | + "create database scoped credential [filestore]\n", |
| 57 | + "with identity='SHARED ACCESS SIGNATURE', \n", |
| 58 | + "secret='sv=2022年11月02日&ss=bfqt&srt=sco&sp=seespotrun&se=2023年08月03日T02:21:25Z&st=2023年08月02日T18:21:25Z&spr=https&sig=WWwwWWwwWWYaKCheeseNXCCCCCCDDDDDSSSSSU%3D'\n", |
| 59 | + "go" |
59 | 60 | ] |
60 | 61 | }, |
61 | 62 | { |
|
65 | 66 | "azdata_cell_guid": "5e6e4469-209d-4946-9546-a6acd793b82a" |
66 | 67 | }, |
67 | 68 | "source": [ |
68 | | - "You can then send messages to Event Hubs using the \"Send Event\" API, which is available at `https://azure-event-hubs.servicebus.windows.net/myeventhub/messages` :" |
| 69 | + "You can now create a file and add content to the file:" |
69 | 70 | ] |
70 | 71 | }, |
71 | 72 | { |
|
78 | 79 | }, |
79 | 80 | "outputs": [], |
80 | 81 | "source": [ |
81 | | - "declare @payload nvarchar(max) = '{\"UserId\": \"6C5E29A2-A5E7-449D-BD14-259D61ADC6BE\", \"FirstName\": \"John\", \"LastName\": \"Doe\"}';\n", |
82 | | - "declare @headers nvarchar(4000) = N'{\"BrokerProperties\": \"' + string_escape('{\"PartitionKey\": \"6C5E29A2-A5E7-449D-BD14-259D61ADC6BE\"}', 'json') + '\"}'\n", |
83 | | - "declare @ret int, @response nvarchar(max)\n", |
| 82 | + "declare @payload nvarchar(max) = (select * from (values('Hello from Azure SQL!', sysdatetime())) payload([message], [timestamp])for json auto, without_array_wrapper)\n", |
| 83 | + "declare @response nvarchar(max), @url nvarchar(max), @headers nvarchar(1000);\n", |
| 84 | + "declare @len int = len(@payload)\n", |
84 | 85 | "\n", |
85 | | - "exec @ret = sp_invoke_external_rest_endpoint \n", |
86 | | - " @url = 'https://azure-event-hubs.servicebus.windows.net/myeventhub/messages',\n", |
87 | | - " @headers = @headers,\n", |
88 | | - " @payload = @payload,\n", |
89 | | - "\t\t@credential = [https://azure-event-hubs.servicebus.windows.net],\n", |
90 | | - " @response = @response output;\n", |
| 86 | + "-- Create the File\n", |
| 87 | + "set @url = 'https://blobby.blob.core.windows.net/myblobs/test-me-from-azure-sql.json'\n", |
| 88 | + "set @headers = json_object(\n", |
| 89 | + " 'x-ms-type': 'file',\n", |
| 90 | + " 'x-ms-content-length': cast(@len as varchar(9)),\n", |
| 91 | + " 'Accept': 'application/xml')\n", |
| 92 | + "exec sp_invoke_external_rest_endpoint\n", |
| 93 | + " @url = @url,\n", |
| 94 | + " @method = 'PUT',\n", |
| 95 | + " @headers = @headers,\n", |
| 96 | + " @credential = [filestore],\n", |
| 97 | + " @response = @response output\n", |
| 98 | + "select cast(@response as xml);\n", |
91 | 99 | "\n", |
92 | | - "select @response;" |
| 100 | + "-- Add text to the File\n", |
| 101 | + "set @headers = json_object(\n", |
| 102 | + " 'x-ms-range': 'bytes=0-' + cast(@len-1 as varchar(9)),\n", |
| 103 | + " 'x-ms-write': 'update',\n", |
| 104 | + " 'Accept': 'application/xml');\n", |
| 105 | + "set @url = 'https://blobby.blob.core.windows.net/myblobs/test-me-from-azure-sql.json'\n", |
| 106 | + "set @url += '?comp=range'\n", |
| 107 | + "exec sp_invoke_external_rest_endpoint\n", |
| 108 | + " @url = @url,\n", |
| 109 | + " @method = 'PUT',\n", |
| 110 | + " @headers = @headers,\n", |
| 111 | + " @payload = @payload,\n", |
| 112 | + " @credential = [filestore],\n", |
| 113 | + " @response = @response output\n", |
| 114 | + "select cast(@response as xml)\n", |
| 115 | + "go" |
| 116 | + ] |
| 117 | + }, |
| 118 | + { |
| 119 | + "cell_type": "markdown", |
| 120 | + "metadata": {}, |
| 121 | + "source": [ |
| 122 | + "Now, using the Get Blob REST endpoint, you can read the contents of the file:" |
| 123 | + ] |
| 124 | + }, |
| 125 | + { |
| 126 | + "cell_type": "code", |
| 127 | + "execution_count": null, |
| 128 | + "metadata": {}, |
| 129 | + "outputs": [], |
| 130 | + "source": [ |
| 131 | + "declare @response nvarchar(max);\n", |
| 132 | + "declare @url nvarchar(max) = 'https://blobby.blob.core.windows.net/myblobs/test-me-from-azure-sql.json'\n", |
| 133 | + "exec sp_invoke_external_rest_endpoint\n", |
| 134 | + " @url = @url,\n", |
| 135 | + " @headers = '{\"Accept\":\"application/xml\"}',\n", |
| 136 | + " @credential = [filestore],\n", |
| 137 | + " @method = 'GET',\n", |
| 138 | + " @response = @response output\n", |
| 139 | + "select cast(@response as xml)\n", |
| 140 | + "go" |
93 | 141 | ] |
94 | 142 | }, |
95 | 143 | { |
|
99 | 147 | "azdata_cell_guid": "0afadd91-d62b-4d30-80d2-b7f0c14753ec" |
100 | 148 | }, |
101 | 149 | "source": [ |
102 | | - "## Send Events using Managed Identities\n", |
| 150 | + "## Work with files in Azure Blob Storage using Managed Identities\n", |
103 | 151 | "\n", |
104 | 152 | "Follow the instructions here: [Enable Managed Identity in Azure SQL](./azure-sql-enable-msi.ipynb) to make sure you have Managed Identity enabled for your Azure SQL database, and then check how to grant to right permission on Event Hubs to the Azure SQL Manage Identity, following the instructions here: [Grant permissions to a managed identity in Azure AD](https://learn.microsoft.com/azure/event-hubs/authenticate-managed-identity?tabs=latest#grant-permissions-to-a-managed-identity-in-azure-ad).\n", |
105 | 153 | "\n", |
|
0 commit comments