I am trying to list all resources in a Subscription using Rest API Call.
https://management.azure.com/subscriptions/{SubscriptionID}/resources?api-version=2021-04-01
It works fine when I run it with Built-In RBAC Role Reader Permissions. For security reasons, I wanted to avoid having read access to entire scope of subscription. So, I need to create a Custom Role with specific permissions\actions to list all Resources in a Subscription.
I am trying with below Custom Role but not able to get any response from Rest API call.
{
"properties": {
"roleName": "AzResourceTest",
"description": "To test the exact ACLs needed to get Resources List from a Subscription",
"assignableScopes": [
"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
],
"permissions": [
{
"actions": [
"Microsoft.Resources/resources/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
]
}
}
Can someone please suggest what should I use in actions to get resources.
Got it. "Microsoft.Resources/subscriptions/resources/read" is the action for Custom Role to list resources in a subscription
Related
I am trying to integrate Google tag manager with a simple UWP application,To achieve this I am using SDKforGoogleAnalytics library (This is the only library i can find in entire internet which does this job). Using this library I am able to send pageviews to Google and get back a success response. But in real google analytics dashbord this pageviews are never logged. an anyone point out what can be going wrong here? or is there any other way to integrate Google analytics with UWP?
My sample Request
v:1
tid:UA-12345678-1
cid:xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx
an:xxxxxx-xxxx-xxx-xxxx-xxxxxxxxx
av:1.0.0.0
cd:Main
sr:1366x768
vp:1366x696
ul:en-US
t:screenview
Response
{
"hitParsingResult": [ {
"valid": true,
"parserMessage": [ ],
"hit": "/debug/collect?v=1\u0026tid=UA-12345678-1\u0026cid=b91b73fb-xxxxx-xxxx-xxxx-xxxxxxxxx\u0026an=2ec26bec-xxxx-xxxx-ab91-da6243a8c6aa\u0026av=1.0.0.0\u0026cd=Main\u0026sr=1366x768\u0026vp=1366x696\u0026ul=en-US\u0026t=screenview"
} ],
"parserMessage": [ {
"messageType": "INFO",
"description": "Found 1 hit in the request."
} ]
}
You have to track pageview instead sceenview. Mobile tracking with Universal Analytics has been deprecated so if you want to use measurement protocol use t=pageview and relative required parameters (like location).
When I try to get a user in a lambda on Amazon Web Services:
var client = new AmazonCognitoIdentityProviderClient();
var user = await client.GetUserAsync(new GetUserRequest { AccessToken = request.AccessToken });
I get error:
Cannot determine protocol
Lambda is published with the role to which AmazonCognitoPowerUser policy is attached.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"cognito-identity:*",
"cognito-idp:*",
"cognito-sync:*",
"iam:ListRoles",
"iam:ListOpenIdConnectProviders",
"sns:ListPlatformApplications"
],
"Resource": "*"
}
]
}
Pattern cognito-idp:* permits to take any action, in particular, the creation and deletion of users happens without problems. Only getting doesn't work.
To the role additionally gave admin rights - full access to everything. Useless. How could that be?
There are many tips in Internet to create a provider with anonymous permissions:
new AmazonCognitoIdentityProviderClient(new AnonymousAWSCredentials())
then the receiving user is works. But not working create/delete user, which is natural.
With an explicit setting of the keys (accessKey, secretKey) getting the user also works.
Q: how do I get a user from under a specific role without having to set parameters directly?
I'm implementing an API that is written in C# using ASP.NET Web API. The implementation of our API calls out to DocuSign e.g. in order to request signatures for contracts. Our application interacts with DocuSign through its REST API.
I would like to be able to create a template for our contract document and then simply reference this template when sending the contract via the REST API.
The issue I have is that the contract document needs to include data that is queried from our database, e.g. a list of products that are specific to a recipient.
Is it possible to add placeholders in the template that can then be replaced, via the REST API, with recipient-specific text/data that is queried from a database?
Yes this is easy to do through the API. Let's say you want to get a person's name and SSN and have a template that has two data fields in it called ApplicantName and ApplicantSSN. By referring to the tabLabel of each you can dynamically set their values, so for instance:
{
"accountId": "221765",
"emailSubject": "DocuSign API Example",
"templateId": "44D9E888-3D86-4186-8EE9-7071BC87A0DA",
"templateRoles": [
{
"email": "sally.doe#email.com",
"name": "Sally Doe",
"roleName": "RoleOne",
"tabs": {
"textTabs": [
{
"tabLabel": "ApplicantName",
"value": "John Doe"
},
{
"tabLabel": "ApplicantSSN",
"value": "12-345-6789"
}
]
}
}
],
"status": "sent"
}
Just make sure you exactly match the name you set in the UI with the tabLabel you set through the API call.
I have been using the PayPal Rest API and have successfully created and activated a BillingPlan but I'm having trouble updating said plan's return_url. I think it's something to do with the JSON path I'm using although I'm not sure why!?
Anyway, I am calling the update plan method: https://developer.paypal.com/docs/api/#update-a-plan
A BillingPlan follows the format:
{
"id": "P-94458432VR012762KRWBZEUA",
"state": "ACTIVE",
"name": "T-Shirt of the Month Club Plan",
"description": "Template creation.",
"type": "FIXED",
...
"merchant_preferences": {
"setup_fee": {
"currency": "USD",
"value": "1"
},
"max_fail_attempts": "0",
"return_url": "http://example.com",
"cancel_url": "http://example.com",
"auto_bill_amount": "YES",
"initial_fail_amount_action": "CONTINUE"
},
...
}
I'm using the C# SDK but my request JSON should look very much like:
{
"path": "merchant_preferences",
"value": {
"return_url": "http://example.com/payment/return"
},
"op": "replace"
}
I keep getting responses along the line's of:
{"name":"BUSINESS_VALIDATION_ERROR","details":[{"field":"validation_error","issue":"Invalid
Path provided."}],"message":"Validation
Error.","information_link":"https://developer.paypal.com/webapps/developer/docs/api/#BUSINESS_VALIDATION_ERROR","debug_id":"2ae68f9f0aa72"}
To sum up - I want to change the billing plan return_url from http://example.com to http://example.com/payment/return.
I've changed the path to various things to no avail. Can anyone help??
You cannot update the plan, once it is set to active. The reason for that restriction is that because there could be possible agreements based on that plan, modifying it would affect the already agreed billing agreements.
However, I agree with your problem statement, that changing the Return URL should not be an issue as this is not a part of agreement, but more of a configuration change. It would be nice to somehow allow updating similar settings in Plan, even after active. I will let the API team know about that.
however, in the mean time, there is no way you would be able to do that. Alternatively, you could possibly create a new plan, and use that instead. Not the answer you are looking for, but a probable solution.
I'm confused here,
I'm trying to get user data using Facebook Api, I'm requesting email permission using scope=email like this:
https://www.facebook.com/dialog/oauth?client_id=MY_APP_ID&redirect_uri=MY_URI&scope=email
In Facebook access confirmation window I see that my application requests access to the email, but even after that when I do request to Graph Api it doesn't return the email (it does return all other fields)
If I do a request like this:
https://graph.facebook.com/me?fields=id,name,email&access_token=MY_TOKEN
it only returns id and name.
Thank you all guys for your time. It started to work by itself after I deleted the app access from My account in Facebook and then tried to get access again.
Try using c# sdk it's to easy with it. There are some examples in this link.
Hope it helps.
Use the FQL API for this:
query:
select contact_email from user where uid=me()
Call:
https://api.facebook.com/method/fql.query?format=json&query=select+contact_email+from+user+where+uid%3Dme%28%29&access_token=[access_token]
Check whether you have the permission of email or user have unchecked it while approving the request you raised from the URL : facebook.com/dialog/oauth?client_id=MY_APP_ID&redirect_uri=MY_URI&scope=email. You can check using https://graph.facebook.com/me?fields=permissions&access_token=[TOKEN]. It should give you response notifying whether email permission is granted or not like below:
{
"permissions":{
"data": [
{
"permission": "user_friends",
"status": "granted"
},
{
"permission": "email",
"status": "granted"
},
{
"permission": "public_profile",
"status": "granted"
}
]
},
"id": "10207905751235096"
}
check facebook tool explorer for more: https://developers.facebook.com/tools/explorer/
I'm not sure if this is for an app, if so, I had the same problem until I published my app. Check the documentation to see if it applies to you:
https://developers.facebook.com/apps/{your app id}/review-status/
After approved, the email and other sensitive info will show...