Building a Serverless API with Azure Functions & Azure Cosmos DB

The demand for scalable, cost-effective, and efficient backend solutions has led to the rapid adoption of serverless computing. Azure Functions is part of Microsoft Azure’s serverless offerings.

The demand for scalable, cost-effective, and efficient backend solutions has led to the rapid adoption of serverless computing. Azure Functions is part of Microsoft Azure’s serverless offerings. It enables developers to run small pieces of code without worrying about infrastructure management. Paired with Azure Cosmos DB—a globally distributed, multi-model database—Azure Functions becomes a…

Gurobi 11.0 Delivers Global Nonlinear Solving, Speed Enhancements, Dynamic Distributed Tuning, And Enterprise Features

The new Gurobi Optimizer 11.0 version was just released by Gurobi Optimization, LLC, a leading decision intelligence technology firm. With the help of Gurobi's potent powers, this release marks a substantial advancement in solving nonlinear real-world situations.

One of Gurobi 11.0's main features is its quickness in locating accurate, globally optimal solutions for complex nonlinear issues. In many different fields, including chemical engineering, price optimization, and electrical flow control, this is especially helpful. Gurobi has demonstrated with this release that it is dedicated to furthering optimization research and giving users the resources they need to take on challenging tasks across a range of sectors.

A significant upgrade to the platform's tuning tool is included in Gurobi 11.0, along with improvements in handling nonlinear situations. With this update, teams can more effectively distribute resources among several users and tasks while fine-tuning. The new feature makes resource usage and collaboration easier, which in turn leads to a more efficient and productive optimization workflow. Tuning is a crucial part of optimization.

Customers may quickly and easily make the best business decisions using Gurobi Optimization's acclaimed decision intelligence technology. Workforce planning, portfolio optimization, supply chain design, and other areas are among the many applications covered. Fundamentally, the Gurobi Optimizer filteres trillions of potential outcomes to find the optimal solutions for its clients.

Read More - https://bit.ly/419LwBV

How I Launched SpellZen for Just $12

Launching a startup can feel daunting and expensive. But when I set out to build SpellZen.com, my goal was to create a simple, user-friendly spelling tool without breaking the bank. In the end, I spent just $12—all for the domain name. Here’s how I did it.

From Idea to Launch in Under a Month

I started working on SpellZen on December 16, 2023, and launched on January 12, 2025. In less than a month, I went from concept to a working site. During that time, I explored local LLMs like Ollama and OpenWebUI, and even dabbled with AI integrations in Minecraft—just to see what AI could really do.

I treated AI like a junior developer, clearly defining tasks, giving examples, and providing detailed guidelines. This approach allowed me to leverage AI effectively to produce reliable and adaptable code that met my goals.

What began as a desire for a quick, focused spelling and definition tool evolved into a more robust platform with scalability in mind. Despite the short timeline, SpellZen quickly became something I’m proud to call a startup.

Keeping Costs Low

1. Buying the Domain

I found SpellZen.com for $12 at a budget-friendly registrar—no fancy add-ons needed.

2. Building It Myself

I coded the site using .NET 9 and Blazor for a responsive, modern interface that prioritized speed and simplicity. AI played a major role in refining spell-check features, especially when it came to turning my prototypes into production-ready code. I approached AI like a collaborator, iteratively testing and improving its output until it aligned with my vision.

3. Hosting on Azure Free Tiers

I used Microsoft Azure—specifically a free-tier VM, CosmosDB, and Azure Active Directory B2C—to keep hosting costs at zero. SSL certificates came via Let’s Encrypt and win-acme, also free.

4. Caching and Rate Limiting

To keep performance strong and expenses low, I implemented caching and rate-limiting, which helped balance resource use without upgrading to pricier database tiers.

5. Core Features First

Instead of piling on features, I launched with spell-check, definitions, and usage examples. This “keep-it-simple” approach led to a solid MVP that I can expand on later.

6. Time Over Money

The real expense was my time—working late nights and early mornings to get SpellZen ready for launch. Even so, it was worth every minute to see the vision come to life in under a month.

Running Costs

While the initial launch cost was minimal, there are some ongoing expenses to keep SpellZen running smoothly:

AI API Usage: I opted for a low-token application setup to minimize costs associated with the AI API. This ensures that SpellZen remains efficient without incurring hefty fees.

VM IP Address Fee: There is a small fee for the IP address that the Azure Virtual Machine uses. However, with the $200 Azure credit you receive upon opening an account, this cost is significantly offset, allowing the credit to go a long way in covering these minor expenses.

These running costs are kept to a minimum, ensuring that SpellZen remains affordable while providing a reliable service to its users.

The Hiccups (and How I Fixed Them)

Of course, it wasn’t all smooth sailing. I ran into a few bumps:

CosmosDB Free-Tier Limitations: I initially expected multiple free containers but discovered I only got one. A quick fix (with AI’s coding help) got the database structure updated fast.

Azure AD B2C Challenges: The documentation for Azure Active Directory B2C lacked clarity. Trying out different configurations tested my patience, but ultimately, it worked—and saved me from picking a costlier solution like Auth0.

AI Output Issues: Sometimes, the AI-generated code didn’t align with my expectations. At times, it added or removed code in unexpected ways, requiring extra review and debugging. While frustrating, these instances reminded me to double-check everything and to treat AI output as a starting point, not a final solution.

SSL Setup: I was used to paying more than $60 for an SSL. Let’s Encrypt and win-acme made things free and simple to set up on a VM. Though I initially dreaded using Let’s Encrypt, win-acme made the process surprisingly easy.

These hiccups were frustrating at times, but they taught me how to be resourceful and confirmed that sticking to free or low-cost solutions can still yield professional results.

Why I Believe It’s Worth It

By starting small, I gave myself the space to learn, adapt, and grow. SpellZen is now more than just a website—it’s a foundation that can evolve alongside its users. It’s also a demonstration of how AI can be harnessed for good: to help us communicate more effectively without overwhelming complexity.

AI for Good

I believe AI should make life better. SpellZen is a small example of how AI can help people sharpen their skills and write with confidence. Hopefully, it encourages others to use AI in ways that build us up, spark creativity, and simplify everyday tasks.

My Takeaway

You don’t need a huge budget to make something meaningful. If you have a clear vision and you’re willing to put in the work, you can build and launch your idea—even for the price of a few snacks. So, if you’ve been sitting on a project, start small, stay focused, and bring it to life. You never know where it might lead.

Ready to see it for yourself? Check out SpellZen.com. And remember—don’t Google it… SpellZen it!

Software Development Internship in Bangalore, Hyderabad at Sustain Farmers

About the internshipSelected intern’s day-to-day responsibilities include:1. Develop and Maintain: Write clean, scalable code for mobile applications using React Native and Expo. Ensure applications are responsive and updated. 2. Backend Integration: Work with Node.js and Express to develop and maintain server-side logic, API services, and database integration with PostgreSQL and CosmosDB. 3.…

Azure Boomi

Title: Supercharge Your Integrations: The Power of Azure and Boomi

Introduction

In today’s rapidly evolving digital landscape, seamlessly integrating disparate systems and applications is essential for success. Organizations must synchronize data, streamline processes, and create unified customer experiences across a complex web of on-premises and cloud-based technologies. This is where the combination of Microsoft Azure and Boomi comes into play. Let’s explore what makes this duo compelling for businesses seeking to optimize their integration strategies.

What is Boomi?

Boomi is a leading cloud-based integration platform and service (iPaaS). It provides a user-friendly, drag-and-drop interface for building and deploying integrations without extensive coding knowledge. Boomi’s key strengths include:

Vast Connector Library: Boomi offers pre-built connectors for various applications and services, including popular Azure components.

Ease of Use: Its low-code environment makes integration more accessible to developers and business users.

Hybrid Deployment: You can deploy Boomi Atoms (runtimes) within Azure for enhanced cloud connectivity or leverage the fully cloud-based Boomi platform.

What is Microsoft Azure?

Microsoft Azure is a comprehensive cloud computing platform offering many services. These services include:

Infrastructure as a Service (IaaS): Virtual machines, storage, networking

Platform as a Service (PaaS): Managed databases (SQL, CosmosDB), web app hosting, analytics tools

Software as a Service (SaaS): Office 365, Dynamics 365, and many more.

Azure and Boomi: A Winning Combination

By leveraging Azure and Boomi together, organizations gain several compelling benefits:

Accelerated Integration: Boomi’s pre-built connectors to Azure services (like Azure SQL, Azure Blob Storage, Azure Service Bus, and more) significantly streamline the integration process.

Scalability and Reliability: Azure’s robust infrastructure ensures your Boomi integrations’ scalability and high availability, even as they manage increased workloads.

Reduced Costs: The pay-as-you-go approach of Azure and Boomi’s consumption-based pricing helps optimize integration expenditure.

Enhanced Security: Azure’s world-class security features and Boomi’s secure data management practices safeguard your sensitive data.

Key Use Cases

Let’s look at some practical use cases where Azure and Boomi integration shines:

Hybrid Cloud Connectivity: Seamlessly bridge cloud-based applications in Azure with on-premises systems using Boomi.

Real-time Data Synchronization: Enable real-time data exchange between Azure databases and business applications for up-to-date insights.

SaaS Integration: Easily connect cloud-based Azure SaaS offerings with other cloud-native or on-premises applications.

IoT Integration: Use Boomi to collect and process data from IoT devices hosted in Azure and integrate it into your business systems.

Getting Started

If you’re ready to integrate Boomi with Azure, follow these steps:

Boomi Account: If you don’t have one, create one.

Azure Subscription: You’ll need an active Azure subscription.

Azure Resources: Create the required Azure services, such as databases and storage accounts you want to integrate.

Boomi Connectors: Find and configure the appropriate Azure connectors within the platform.

You can find more information about Dell Boomi in this  Dell Boomi Link

 

Conclusion:

Unogeeks is the No.1 IT Training Institute for Dell Boomi Training. Anyone Disagree? Please drop in a comment

You can check out our other latest blogs on  Dell Boomi here – Dell Boomi Blogs

You can check out our Best In Class Dell Boomi Details here – Dell Boomi Training

Follow & Connect with us:

———————————-

For Training inquiries:

Call/Whatsapp: +91 73960 33555

Mail us at: [email protected]

Our Website ➜ https://unogeeks.com

Follow us:

Instagram: https://www.instagram.com/unogeeks

Facebook: https://www.facebook.com/UnogeeksSoftwareTrainingInstitute

Twitter: https://twitter.com/unogeek

Azure Synapse Link for Cosmos DB: New Analytics Capabilities

https://www.infoq.com/news/2023/11/azure-synapse-link-cosmosdb/?utm_campaign=infoq_content&utm_source=dlvr.it&utm_medium=tumblr&utm_term=AI%2C%20ML%20%26%20Data%20Engineering-news

Using Bicep to Deploy Azure Cosmos DB SQL Role Assignments

Learn how to Deploy Azure Cosmos DB SQL Role Assignments using Bicep. #AzureBicep #CosmosDB #AzureActiveDirectory

View On WordPress

MVPConf Latam 2020

Acredito que todos que leem meus posts, assistem meus vídeos e me acompanham sabe o que é o Microsoft MVP (Most Valuable Professional). Se ainda não conhece, você pode saber mais através deste mvp.microsoft.com/pt-br

Em 2018, alguns colegas MVPs tiveram uma ideia sensacional! Criar um evento que reunisse esses nomes de peso da comunidade técnica brasileira e cobrasse pelo evento, com a nobre…

View On WordPress

Assim como nos idiomas, os sistemas de armazenamento (especialmente os bancos de dados) também possuem a habilidade de falar várias "línguas". No caso dos bancos de dados, cada idioma está relacionado com um paradigma de armazenamento: relacional, nosql, orientado a documentos, orientado a grafos, dentre vários outros.

Com isso, o termo "persistência poliglota" ganhou força com o uso de vários paradigmas de armazenamento em uma mesma aplicação ou até mesmo em um único banco de dados.

Um dos bancos de dados mais usados e que utiliza a persistência poliglota de forma nativa é o CosmosDB, da Microsoft. Ele permite o armazenamento de dados utilizando paradigmas distintos, em um mesmo banco de dados, como por exemplo, unindo o armazenamento orientado a grafos e o armazenamento orientado a documentos.

Confere todos os detalhes no vídeo! 😎 📚 📈

How to Build a real-time Angular 8 Application - Full instructions ☞ https://morioh.com/p/e43a782adfc6?f=5c21fb01c16e2556b555ab32

#angular #aspnet #cosmosdb #signair

Reading Notes #379 http://bit.ly/2WWp510

Benefits of Cosmos DB Cosmos DB is a fully managed NoSQL and relational database for modern app development. Cosmos DB offers single-digit millisecond response times, automatic and instant scalability, along with guarantee speed at any scale.

Is Azure CosmosDB really broken?

Microsoft has warned thousands of its Azure cloud computing customers, including many Fortune 500 companies, about a vulnerability that left their data completely exposed for the last two years.

A flaw in Microsoft’s Azure Cosmos DB database product left more than 3,300 Azure customers open to complete unrestricted access by attackers. The vulnerability was introduced in 2019 when Microsoft added a data visualization feature called Jupyter Notebook to Cosmos DB. The feature was turned on by default for all Cosmos DBs in February 2021.

A listing of Azure Cosmos DB clients includes companies like Coca-Cola, Liberty Mutual Insurance, ExxonMobil, and Walgreens, to name just a few.

“This is the worst cloud vulnerability you can imagine,” said Ami Luttwak, Chief Technology Officer of Wiz, the security company that discovered the issue. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”

Despite the severity and risk presented, Microsoft hasn’t seen any evidence of the vulnerability leading to illicit data access. “There is no evidence of this technique being exploited by malicious actors,” Microsoft told Bloomberg in an emailed statement. “We are not aware of any customer data being accessed because of this vulnerability.” Microsoft paid Wiz $40,000 for the discovery, according to Reuters. In an update posted to the Microsoft Security Response Center, the company said its forensic investigation included looking through logs to find any current activity or similar events in the past. “Our investigation shows no unauthorized access other than the researcher activity,” said Microsoft.

In a detailed blog post, Wiz says that the vulnerability introduced by Jupyter Notebook allowed the company’s researchers to gain access to the primary keys that secured the Cosmos DB databases for Microsoft customers. With said keys, Wiz had full read / write / delete access to the data of several thousand Microsoft Azure customers.

Wiz says that it discovered the issue two weeks ago and Microsoft disabled the vulnerability within 48 hours of Wiz reporting it. However, Microsoft can’t change its customers’ primary access keys, which is why the company emailed Cosmos DB customers to manually change their keys in order to mitigate exposure.

Today’s issue is just the latest security nightmare for Microsoft. The company had some of its source code stolen by SolarWinds hackers at the end of December, its Exchange email servers were breached and implicated in ransomware attacks in March, and a recent printer flaw allowed attackers to take over computers with system-level privileges. But with the world’s data increasingly moving to centralized cloud services like Azure, today’s revelation could be the most troubling development yet for Microsoft.

Protecting your environment

As described in their initial blog here on #chaosDB, Wiz Research team found an unprecedented critical vulnerability in the Azure Cosmos DB. The vulnerability gives any Azure user full admin access (read, write, delete) to another customers Cosmos DB instances without authorization.

How the vulnerability in CosmoDB is working

Outside the scope of the immediate remediation actions. It is important to review our networking & access strategy in the light of the #chaosDB vulnerability. The key question is what can we do to build our environments to be more bulletproof and completely avoid these kind of large scale vulnerabilities in the future.

Using RBAC: getting rid of secrets

The first and most important take away is that shared secrets such as ComosDB primary key are insecure and should be deprecated in favor of modern authentication methods.

The fact that CosmosDB has a primary key that can be shared across users and services, all using the same secret without any clear way to audit, monitor or revoke access is simply unacceptable from a security perspective.

The longer term goal should be to transition from these insecure primary/secondary keys to role based access that does not require any secrets at all. Role base access is already supported for Comsos DB and can in fact block the primary key to allow RBAC auth only. However, according to Microsoft documentation, the RBAC support is currently highly limited and doesn’t provide data plane access. Once fully supported, it should be high priority to transition into this new model.

Using private endpoints:  minimizing  cross-account exposure

The other exposure aspect which should be greatly improved is network exposure. Although Cosmos DB allows to activate an IP based firewall, in reality this doesn’t help to block cross account access since majority of services still require access. Even worse, services without static Ips require users to practically open their databases to the entire world (“Azure only” Ips is the same as saying “any attacker with an Azure tenant”).

The only valid approach to build CosmosDBs and other services with minimal network exposure is to leverage private endpoints to the extreme and ensure that no assets is externally exposed.

This approach as well is hard to implement as not all services actually support private endpoints. However this should be the goal of every organization as they plan the next network design.

The post Is Azure CosmosDB really broken? appeared first on PureSourceCode.

from WordPress https://www.puresourcecode.com/news/microsoft/is-azure-cosmosdb-really-broken/

How to create a event hub on the Azure portal

Azure Resource Group

Azure Resource Group – Principle of Resource Groups HomeMicrosoft Azure Fundamentals (AZ-900) Azure Resources – Principle of Resource Groups

Imagine you've joined an organization who has been moving to the cloud. This development happened naturally across various offices, and brought about an absence of attention to what's now been made and where everything is. There's no capacity to handily figure out who claims which assets. There's no implementation of norms for things like asset names, asset sizes, and geographic areas. There's likewise been a few cases where basic assets were coincidentally erased, causing business-basic blackouts.

Your supervisor has requested that you head up a push to place some request into the turmoil, however you're new to Azure and aren't completely certain what you can do to improve this.

Sky blue Resource Manager has various highlights that you can use to arrange assets, authorize guidelines, and shield basic Azure assets from coincidental erasure. We'll take a visit through these highlights, and show how you can utilize them for your potential benefit.

Standards of Azure Resource Gatherings

In your first week on your new position, you've glanced through the current assets in your organization's Azure membership. There are various asset bunches that contain a wide range of assets, yet they aren't composed into a rational structure. You've chipped away at Azure previously, yet aren't totally certain how asset bunches work and what their job is. You've speculated (accurately) that they can assume a part by they way you sort out your assets. We should take a gander at what they are, and how they can be utilized.

What are asset gatherings?

Asset bunches are a central component of the Azure stage. An asset bunch is an intelligent compartment for assets conveyed on Azure. These assets are anything you make in an Azure membership like virtual machines, Application Gateways, and CosmosDB examples. All assets must be in an asset gathering and an asset must be an individual from a solitary asset gathering. Numerous assets can be moved between asset bunches with certain administrations having explicit impediments or necessities to move. Asset bunches can't be settled. Before any asset can be provisioned, you need an asset bunch for it to be put in.

Resource Gathering

Asset bunches exist to help oversee and compose your Azure assets. By setting assets of comparable use, type, or area, you can give some request and association to assets you make in Azure. Intelligent gathering is the perspective that we're generally inspired by here, since there's a great deal of turmoil among our assets.