Overview

Hello techs, There are many Database structures we are using in our  development desires. Using CosmosDB Emulator developers are able to develop and test applications locally without having azure subscription and account in Cloud of Azure. So let’s have a look deeply and get what’s Cosmos DB Emulator and its installations.

Introduction

The Azure Cosmos Emulator provides an environment to the developer to develop applications using Azure CosmosDB service.

For using CosmosDB Emulator, Developers can work locally and test the data properly without having an Azure subscription.

Multiple APIs like SQL, Cassandra, MongoDB, Gremlin (graph traversal language), and APIs, With a variety of options developers can develop applications in CosmosDB Emulator.

What is CosmosDB?

Azure DatabaseDB with NoSQL database service was designed for high performance along with world-wide distribution for availability.

For achieving application reliability and responsiveness, instances of these applications need to be deployed in datacenters that are close to their users.

Bulk of data changes of applications have a large storage which can be available to users in milliseconds.

System Requirements

Azure CosmosDB Emulator required following requirements:

Software requirements

Minimum Hardware requirements

Prerequisites

Windows Server 2012 R2, Windows Server 2016, or Windows 10

64-bit operating system

2GB RAM

10GB available hard disk space

Azure provides a free of charge without having a subscription to the CosmosDB Emulator. For working in CosmosDB we need .NET Core 2.1 SDK or further versions.

Original Source : Cosmo DB Emulator Installation

Reading Notes #428 https://ift.tt/2ZWO60E

Linked Servers for Azure's NoSQL CosmosDB

Despite its reputation, I'm still a massive fan of linked servers. Microsoft developed it for a reason and it's ongoing presence on the platform since day one says it all. No one told you to pull back a gazillion rows on an inner join with a local table. So, when I saw it's now possible to use it with Azure's CosmosDB, a cloud based NoSQL database, wow, this could be useful and had to try it out myself. It's all possible through a simple ODBC Driver.

Despite its reputation, I’m still a massive fan of linked servers. Microsoft developed it for a reason and it’s ongoing presence on the platform since day one says it all. No one told you to pull back a gazillion rows on an inner join with a local table. So, when I saw it’s now possible to create a linked server to Azure’s CosmosDB, a cloud based NoSQL database, wow, this could be useful and had…

View On WordPress

What you'll learn In this course we would explore various Cloud services available on Microsoft Azure.Learn about Cloud Storage services like- Blob, File Storage, and QueueLearn about Database Services like CosmosDB and SqlDBLearn about Azure Command Line Interface (AZ CLI), Cloudshell, Storage ExplorerDeploy projects on - blob, file, host static & dynamic website, host wordpress site, integrate cosmodb and sql db into applicationLearn about Networking tools like- DNS, Traffic Manager, Firewall, ExpressRoute, Virtual WAN, Vnet, NSGLearn about Containers like- Docker, Kubernetes, Service Fabric Cluster, AKS, Container Instance, Container RegistryLearn about DevOps features like- Boards, Artifacts, Repos, Pipelines, TestPlan, Tool Integration, DevTest labsMicrosoft Azure the fastest growing cloud computing platform, which is currently the second most popular just after Amazon Web Services. You could be familiar with AWS or any other cloud computing platform, or you could be a someone interested to learn professional level skills on Microsoft Azure, this comprehensive tutorial would provide you sufficient knowledge with hands-on practical demonstrations of wide range of cloud services on Microsoft Azure.The course curriculum is designed in a way that it would be helpful for Azure Solution Architect- AZ 300 or AZ 303 Certification exam. Before getting this certification you must have subject matter expertise in designing and implementing solutions that run on Microsoft Azure, including aspects like compute, network, storage, and security.A Cloud Solution Architect is person who is expected to perform various roles that include advising stakeholders and translating business requirements into secure, scalable, and reliable cloud solutions. An Azure Solution Architect could partner with cloud administrators, cloud DBAs, and clients to implement solutions.In this course you would be learning various concepts and skills on Microsoft Azure, including-Cloud Storage services like- Blob, File Storage, and Queue. Database Services like CosmosDB and SqlDB.Azure Command Line Interface (AZ CLI), Cloudshell, Storage Explorer.Projects like- Storage, Host a Website on Cloud, Wordpress, etcNetworking tools like- DNS, Traffic Manager, Firewall, ExpressRoute, Virtual WAN, Vnet, NSG.Containers like- Docker, Kubernetes, Service Fabric Cluster, AKS, Container Instance, Container Registry.DevOps features like- Boards, Artifacts, Repos, Pipelines, TestPlan, Tool Integration, DevTest labs.You will also learn Project on CosmosDB, and SQL Database.Moreover, if you utilize your time precisely for learning Azure cloud services, you could prepare for Azure Solutions Architect exam easily and learn Azure in 30 days.Who this course is for:Anyone who would be interested to learn Cloud Computing with Microsoft Azure.Would be interested in learning various cloud services and options available on Microsoft Azure.Want to make a career with Cloud Computing.Would be interested in Microsoft Azure Solution Architect Certification.

Is Azure CosmosDB really broken?

Microsoft has warned thousands of its Azure cloud computing customers, including many Fortune 500 companies, about a vulnerability that left their data completely exposed for the last two years.

A flaw in Microsoft’s Azure Cosmos DB database product left more than 3,300 Azure customers open to complete unrestricted access by attackers. The vulnerability was introduced in 2019 when Microsoft added a data visualization feature called Jupyter Notebook to Cosmos DB. The feature was turned on by default for all Cosmos DBs in February 2021.

A listing of Azure Cosmos DB clients includes companies like Coca-Cola, Liberty Mutual Insurance, ExxonMobil, and Walgreens, to name just a few.

“This is the worst cloud vulnerability you can imagine,” said Ami Luttwak, Chief Technology Officer of Wiz, the security company that discovered the issue. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”

Despite the severity and risk presented, Microsoft hasn’t seen any evidence of the vulnerability leading to illicit data access. “There is no evidence of this technique being exploited by malicious actors,” Microsoft told Bloomberg in an emailed statement. “We are not aware of any customer data being accessed because of this vulnerability.” Microsoft paid Wiz $40,000 for the discovery, according to Reuters. In an update posted to the Microsoft Security Response Center, the company said its forensic investigation included looking through logs to find any current activity or similar events in the past. “Our investigation shows no unauthorized access other than the researcher activity,” said Microsoft.

In a detailed blog post, Wiz says that the vulnerability introduced by Jupyter Notebook allowed the company’s researchers to gain access to the primary keys that secured the Cosmos DB databases for Microsoft customers. With said keys, Wiz had full read / write / delete access to the data of several thousand Microsoft Azure customers.

Wiz says that it discovered the issue two weeks ago and Microsoft disabled the vulnerability within 48 hours of Wiz reporting it. However, Microsoft can’t change its customers’ primary access keys, which is why the company emailed Cosmos DB customers to manually change their keys in order to mitigate exposure.

Today’s issue is just the latest security nightmare for Microsoft. The company had some of its source code stolen by SolarWinds hackers at the end of December, its Exchange email servers were breached and implicated in ransomware attacks in March, and a recent printer flaw allowed attackers to take over computers with system-level privileges. But with the world’s data increasingly moving to centralized cloud services like Azure, today’s revelation could be the most troubling development yet for Microsoft.

Protecting your environment

As described in their initial blog here on #chaosDB, Wiz Research team found an unprecedented critical vulnerability in the Azure Cosmos DB. The vulnerability gives any Azure user full admin access (read, write, delete) to another customers Cosmos DB instances without authorization.

How the vulnerability in CosmoDB is working

Outside the scope of the immediate remediation actions. It is important to review our networking & access strategy in the light of the #chaosDB vulnerability. The key question is what can we do to build our environments to be more bulletproof and completely avoid these kind of large scale vulnerabilities in the future.

Using RBAC: getting rid of secrets

The first and most important take away is that shared secrets such as ComosDB primary key are insecure and should be deprecated in favor of modern authentication methods.

The fact that CosmosDB has a primary key that can be shared across users and services, all using the same secret without any clear way to audit, monitor or revoke access is simply unacceptable from a security perspective.

The longer term goal should be to transition from these insecure primary/secondary keys to role based access that does not require any secrets at all. Role base access is already supported for Comsos DB and can in fact block the primary key to allow RBAC auth only. However, according to Microsoft documentation, the RBAC support is currently highly limited and doesn’t provide data plane access. Once fully supported, it should be high priority to transition into this new model.

Using private endpoints:  minimizing  cross-account exposure

The other exposure aspect which should be greatly improved is network exposure. Although Cosmos DB allows to activate an IP based firewall, in reality this doesn’t help to block cross account access since majority of services still require access. Even worse, services without static Ips require users to practically open their databases to the entire world (“Azure only” Ips is the same as saying “any attacker with an Azure tenant”).

The only valid approach to build CosmosDBs and other services with minimal network exposure is to leverage private endpoints to the extreme and ensure that no assets is externally exposed.

This approach as well is hard to implement as not all services actually support private endpoints. However this should be the goal of every organization as they plan the next network design.

The post Is Azure CosmosDB really broken? appeared first on PureSourceCode.

from WordPress https://www.puresourcecode.com/news/microsoft/is-azure-cosmosdb-really-broken/

Arquitetura Multicloud – Aula 3

Arquitetura Multicloud – Aula 3

Professor Rodrigo Vale.

 Banco de dados em multicloud.

 “Os provedores de cloud estão conseguindo evoluir muito nesta tecnologia”

 Bancos de dados são tecnologia da década de 70.

 Os provedores estão conseguindo criar soluções para crescimento tanto vertical quanto horizontalmente.

 Os provedores estão criando banco de dados com compatibilidade de API.

 Podemos dividir banco de dados em 4 tecnologias:

 - Pré-nuvem (Tradicional)

- Gerenciados por parceiros e/ou provedor. (Gerenciamento da base de dados é feita por terceiros) – MongoDB e Mariadb.

- Nativos da nuvem. (Pensado na escalabilidade da nuvem) – Yugabyte.

- Bancos criados pelos provedores de nuvem, serverless. Amazon Aurora, Google Spanner e Azure CosmoDB.

 - Casos de uso:

 Cloud Bursting

Portability cross-Cloud

Seleção best-of-Breed.

Recuperação de desastre

  CDC – Change data capture.

Load labancers geralmente pertencem a uma região maior. Ou seja, mesmo quando uma região inteira cai, os load balancers ainda continuam disponíveis.

 [Resumo]

  Arquitetura multi-cloud – Aula 3

Data Analytics

Professor: Rodrigo Vale

 Gartner: 10 principais tendencias de data analytics em 2021.

 1: IA mais inteligente, responsável e escalonável.

2: Dados combináveis e analises.

3: Data fabric é a base.

4: De dados grandes a pequenos e abrangentes. (Migração de bigdata -> ilhas de dados)

5: XOps  (Integração dos dados gerados pelas diversas operações.  DevOps, DataOps e etc)

6: Inteligencia de decisão de engenharia.

7: Dados e analise como uma função empresarial central.

8: O grafo relaciona tudo; (Conectar os diversos tipos de dados para enriquecer as informações e extrair conhecimento rico)

9: A ascenção do consumidor ampliado. (

10: Dados e analise no Edge.

 Processo de analise de dados:

 Analise de dados em mulit-cloud:

Modelo mais comum:

 [Resumo]

We are pleased to announce the release of the new version Stimulsoft Reports and Dashboards 2019.4, which already available for download.

This major release comes with the number of changes, including the new installer, support for custom maps, HiDPI support, and critical fix with printing in Chrome77, the new CosmoDB data adapter and etc.

Detailed descriptions of the most critical changes in Stimulsoft Reports version 2019.4 are available here https://www.stimulsoft.com/en/blog/news/stimulsoft-reports-and-dashboards-new-version-2019-4-released.

Solicito un Analista de Sistemas con Compromiso

New Post has been published on https://www.tuempleord.do/2019/10/01/solicito-un-analista-de-sistemas-con-compromiso/

Solicito un Analista de Sistemas con Compromiso

Propósito: Analizar, desarrollar y mantener soluciones de software (aplicaciones) internas para satisfacer las diferentes necesidades de la empresa. Participar con el Team leader, en el levantamiento de requisitos. Crear controles de validación: TDD, Unit Test y otros métodos, para la calidad del software.

Perfil Como mínimo un año de experiencia en el área de informática. – Lenguaje de Programación: .Net MVC, C#, Java, PHP, otros. Plataformas: Web, Mobile Web, nativo Mobile (Android, iPhone). Framework xamarin, ionic, Swift, Android.dev kit. Base de Datos: Oracle, MS Sql, mySql, no-sql[mongodb, cosmodb], ElasticSearch, Solr, otras. Html/Javascript: WEB (Responsive/html5), jQuery, Angular.js, node.js, json, Web services, micro-services, Restful/soap, otros.

Competencias: Analítico, Buenas relaciones humanas, Compromiso, Organización.

Correo Electrónico: [email protected]

Reading Notes #367 https://ift.tt/2Tc3Bii

Reading Notes #290 http://ift.tt/2uozsig

Reading Notes #320 https://ift.tt/2G63Q8z

Reading Notes #307 http://ift.tt/2A02Tf7

Reading Notes #292 http://ift.tt/2wm4LJB

Reading Notes #285 http://ift.tt/2rGTnJR

Analista de Mercadeo con Compromiso y Organización.

New Post has been published on https://www.tuempleord.do/2019/10/01/analista-de-mercadeo-con-compromiso-y-organizacion/

Analista de Mercadeo con Compromiso y Organización.

Propósito: Analizar, desarrollar y mantener soluciones de software (aplicaciones) internas para satisfacer las diferentes necesidades de la empresa. Participar con el Team leader, en el levantamiento de requisitos. Crear controles de validación: TDD, Unit Test y otros métodos, para la calidad del software.

Perfil Como mínimo un año de experiencia en el área de informática. – Lenguaje de Programación: .Net MVC, C#, Java, PHP, otros. Plataformas: Web, Mobile Web, nativo Mobile (Android, iPhone). Framework xamarin, ionic, Swift, Android.dev kit. Base de Datos: Oracle, MS Sql, mySql, no-sql[mongodb, cosmodb], ElasticSearch, Solr, otras. Html/Javascript: WEB (Responsive/html5), jQuery, Angular.js, node.js, json, Web services, micro-services, Restful/soap, otros.

Competencias: Analítico, Buenas relaciones humanas, Compromiso, Organización.

Correo Electrónico: [email protected]

Analista de Sistemas con Buenas relaciones humanas

Analista de Sistemas con Buenas relaciones humanas

Perfil Como mínimo un año de experiencia en el área de informática. – Lenguaje de Programación: .Net MVC, C#, Java, PHP, otros. Plataformas: Web, Mobile Web, nativo Mobile (Android, iPhone). Framework xamarin, ionic, Swift, Android.dev kit. Base de Datos: Oracle, MS Sql, mySql, no-sql[mongodb, cosmodb], ElasticSearch, Solr, otras. Html/Javascript: WEB (Responsive/html5), jQuery, Angular.js,…

View On WordPress