We can set if secure tansfer is enabled or not when creating storage account in azure portal but is there a way to check if a storage account is enabled or not through api/sdk?
Yes, it is possible to do so. If you're using Storage Resource Provider's Get Properties operation on a storage account, you will see a property called supportsHttpsTrafficOnly. True value indicates that secure transfer is enabled and false value indicates it otherwise.
I have not used Java SDK but a quick look at StorageAccount class indicates that this capability is exposed through enableHttpsTrafficOnly() property. So it should be possible to get this information through SDK as well.
You can get this information in multiple ways depending on your preference:
Azure CLI
Azure PowerShell
.Net Fluent SDK
Java SDK
and other SDKs that exist
Here are the snippets reduced to only display the value of the field.
Replace the placeholders <..> with their real values. The storage account will be identified by resource group name and storage account name.
The solutions presume that you now how to authenticate.
Azure CLI
az storage account show --resource-group <ResourceGroupName> --name <StorageAccountName> --query enableHttpsTrafficOnly
Azure PowerShell
Get-AzStorageAccount -ResourceGroupName <ResourceGroupName> -Name <StorageAccountName> | Select-Object EnableHttpsTrafficOnly
Fluent SDK (C# console app)
//requires references for Microsoft.Azure.Management.Fluent and Microsoft.Azure.Management.Storage.Fluent
IAzure myAzure = Azure.Authenticate("azure.auth").WithDefaultSubscription();
Console.WriteLine(myAzure.StorageAccounts.GetByResourceGroup("<ResourceGroupName>", "<StorageAccountName>").Inner.EnableHttpsTrafficOnly);
Java SDK
There is also an SDK for Java and it seems to work in an identical fashion. Looking at the code, you should be able to achieve the same, as with the .NET SDK.
Here is a link for storage account management samples with Java and the SDK:
Java SDK Storage Account Management Go to the section List storage accounts and adapt the sample similar to my C# code (apply getByResourceGroup(...) and .Inner.enableHttpsTrafficOnly
I hope this is of some help.
Related
I need list of azure storage account that turn off azure defender by using rest api or java sdk.
I just found only way to check one by one account by using this api
https://learn.microsoft.com/en-us/rest/api/securitycenter/advancedthreatprotection/get
Do anyone know other way to get this list by use only one request or use sdk?
I can't found any property to determine azure defender status by using java sdk AzureResourceManager library (AzureResourceManager.storageAccounts()).
I have implemented the Android's in-app update API into my android application by following the steps given by Official documentation: Google Official Document and Google Official Document and now I want to test the in-app update flow with my QA build variant.
I am getting an error while trying to upload the android QA build variant into the internal app sharing upload page (internal app sharing) i.e. internal testing track of Google play console.
I am not sure but I think this happens because of different application id (i.e. package name) as I append .qa suffix to original application id. (applicationIdSuffix '.qa')
Is there any way to upload the QA build into the testing track of Google play console by keeping suffix to application id.
Also, the official document says that "To set the priority for an update, use inAppUpdatePriority field under Edits.tracks.releases in the Google Play Developer API. Priority can only be set when rolling out a new release, and cannot be changed later." Does that mean I won't be able to test the update priority with QA build environment and thus the immediate update?
Is there any way where I can test all the above things? Please help...!
I have enabled Google Drive API on Google Developer Console and created a service account credential which is bundled with a service account ID and key ID. Despite that I have tried various ways to manage my own Google Drive account, I could not find a solution which fits for my aim. I need to upload, download and delete the files stored in my own Google Drive. The application that I am going to connect Google Drive is a console one which will be solely used for an academic research.
it's pretty simple. The steps to achieve this are at How do I authorise an app (web or installed) without user intervention? (canonical ?)
Be careful about how securely the refresh token is being stored and what scopes you grant to the app.
I've been looking at Google Cloud Storage. I upload files in my Java program by calling BlobstoreService.createUploadUrl with UploadOptions specifying the default bucket name for the cloud project.
The files appear in the console under the default cloud storage bucket, but the delete button is always disabled. Obviously I'm missing something.
You have to enable the billing to delete file on GCS. When you will enable billing, delete button will be enable.
Hope I can help you..
I've found a way that the buttons are not disabled. Using the storage browser from the regular project console the address is:
https://console.developers.google.com/project/projectname/storage/browser/projectid.appspot.com/?authuser=0
The buttons are disabled at that address. But this one seems to have the buttons working fine:
https://console.developers.google.com/storage/browser/projectid.appspot.com/
answer is here
The files delete with gsutil, no billing enable required.
The disabled buttons referred to in the question are not consistent with this documentation which says:
"Each app can have a default Google Cloud Storage (GCS) bucket that is ready to use with no further activations, configurations, or permission settings required."
Or this which states:
"The bucket is simply there and ready to use, with a free quota. You do not need to make your app billable if you use this option.
Looks like the disabling is a mistake.
According to the Google Drive SDK documentation you need to register your custom application with your Google account to obtain a client-id and client-secret information. You can then use these to build the link for your users to obtain access/refresh tokens.
According to some introductory guides on oAuth I've read, the client-secret information should be kept secretly in some cases and in some not. I'm building a Maven plugin in Java and it seems that you can hardly keep the value secret in this case.
Is it ok to release my code as open source including the client-secret information? Or does it mean a potential risk for me? And if it's not ok then how can I allow other people to use the plugin without disclosing the client-secret value?
See Google's documentation on OAuth 2.0 for Installed Applications:
The Google OAuth 2.0 endpoint supports applications that are installed on a device (e.g. Mobile, Mac, PC). These applications are distributed to individual machines, and it is assumed that these applications cannot keep secrets.
You should be fine releasing the secret. The only risk is that some rogue user "burns up" all your quota. Per-user quotas may help mitigate this issue if it arises.
It depends what you’re releasing. If you’re making a library that other people are going to use to build apps then no, they should register & use their own client secrets for their own apps.
If you have an app that you’re releasing and also want to post the source code because you're a good citizen, I’d also leave the client secret out of the posted source code; people who want their own versions of the apps should register their own clients.
Of course, anything that's compiled into a mobile app isn't really much of a secret any more, because mobile devices can't keep secrets.
Release the code without the tokens and explain how those using your code can get their own.
Otherwise people might abuse yours or copy them for other projects.
Otherwise you can burn your quotas and also if it gets copied into other apps, those will appear as yours ehen the permission dialog pops up to the user (with your app name and logo)