Azure Logic Apps–Deleting Items From SharePoint (Online) List

 I have a scenario at work where we need to provide some simple syncronization between a SQL Azure table and a SharePoint Online Custom List. As a pre-requisite each morning before business users get into the office, we need to purge the contents from the SharePoint list and update it with today’s data + a 6 day forecast of future data.

I have integrated  BizTalk with custom SharePoint Lists in the past, and even wrote about it in one of my books. It wasn’t a particularly good experience so I was interested in evaluating how Logic Apps would deal with custom lists. 

One difference between BizTalk and Logic Apps, in this case, is that BIzTalk has a SharePoint Adapter but it will only interface with SharePoint Document Libraries. If you wanted to integrate BizTalk with SharePoint Custom lists you are likely going to do so with the Lists.asmx web service.  While it is completely possible to use this custom web service approach, be prepared to spend a few hours (if you are lucky) getting everything working.

With Logic Apps, it is a very different experience.  From the Logic Apps canvas you need to add a trigger to kick off your workflow.  In my case, I used a Recurrence trigger that will run every day at 7:45 am.  I can also kick this trigger off manually in the Azure Portal if I wish.

Recurrence

Next, I want to add an action and then search for SharePoint from the Microsoft managed APIs dropdown.  After we do that, all available SharePoint Online operations will be displayed.

In my case, I want to purge all items, but there is no Delete List operation.  Instead, I need to get all items in my list first, so that I can use the ID from each record to delete that item.  In my scenario I expect 7 days * 24 hourly records (168 items) to be in my list at any given time so this load is not a concern.

With this situation in-mind, I will select the Get Items  operation.

SharePointGetItems

Once I have selected my Get Items operation, I need to establish my connection to my Office 365 subscription. (I will spare you from the password prompts)

SharePointSignIn

With my connection established, I now need to provide the URL to my SharePoint List.  I can also specify optional parameters that control the number of items returned. 

I must say the experience in this dialog is a good one.  I can click on the Site URL dropdown and all of the sites that I have access to will be in that list.  Once I have selected my URL and then click on the List Name dropdown, I then see all the lists that I have access to on that site.

GetItems

Next, I need to add another activity and this time I will select the Delete Item operation.

SharePointBrowse

I have a similar experience in the Delete Item dialog that I had in the Get Items dialog.  With my connection already established, I need to provide the same Site URL  and the same List Name.  What is different this time is I need to provide an ID for the list item that I would like to delete.  In this case it will be an ID  that is coming from my Get Items response.

Delete Item

You might be asking yourself – will how is that going to work for all of my items in my list?  Don’t you need a for loop to iterate through the Get Items collection? The answer is Yes, but the Logic Apps team has made this very simple – they have done the heavy lifting for you.  If you go into Code View you can see it there:

foreach”: “@body(‘Get_items’)[‘value’]”,
“inputs”: {
    “host”: {
        “api”: {
            “runtimeUrl”: “https://logic-apis-westus.azure-apim.net/apim/sharepointonline”
        },
        “connection”: {
            “name”: “@parameters(‘$connections’)[‘sharepointonline’][‘connectionId’]”
        }
    },
    “method”: “delete”,
    “path”: “/datasets/@{encodeURIComponent(encodeURIComponent(string(‘https://SharePointsharepoint.com/sites/HOPOC/Bighorn/SitePages/Home.aspx’)))}/tables/@{encodeURIComponent(encodeURIComponent(string(‘c28b1ea2-e2a0-4faf-b7c2-3eerec21a8b’)))}/items/@{encodeURIComponent(string(item()[‘ID’]))}”
},

 

Awesome!

The end result is a Logic App that looks like this:

Total Solution

I can now my Logic App from the Azure Portal by clicking on Select Trigger and then recurrence.

Run

I can follow my execution and dive into my Get Items and Delete Items calls.  By inspecting my inbound and outbound traces I can see the exact payloads and HTTP Status codes from the underlying operations.  In this case I was able to delete 300 items in 23 seconds.  For each item in my collection, a Delete Item call is made.

Execution

Conclusion

It honestly took me about 10 minutes to figure this out.  Part of the reason why I am writing about this is I know how long this would take with BizTalk. I anticipate it would take at least 3 hours to do this in BizTalk if it was your first time.  So this isn’t a knock against BizTalk, as Logic Apps has been built, IMO, for these lightweight scenarios with little friction.

In the short term I think Microsoft Integration architects and developers will have many opportunities like this one where you can choose one tool or the other.  For me, developer productivity needs to be part of that equation.  Where the systems that you are integrating are hosted will also play a role.  In this case, I am connecting to SharePoint Online and SQL Azure so it also doesn’t make sense, IMO, to route all of this info back on-premises only to go back up to the cloud.

We may also see a Hybrid approach where a BizTalk process can call out to a Logic App where you can take advantage of these new Logic App connectors.  This was something that Microsoft discussed at 2016 Integrate Event in London.

In a future blog post we will talk about the other half of this solution which is how to create items in SharePoint Online from SQL Azure.

Speaking at Integrate 2016

BizTalk360 has recently released more details on their annual conference in London.  This year there is a name change.  Instead of the BizTalk Summit, the name gets altered to align with the “Integrate” brand.  In case you were not aware, BizTalk360 organized the last Integrate Summit in Redmond back in December 2014 so it makes sense to carry that name forward. BizTalk360 has been working closely with the Microsoft product groups to put on a great event.

This year the summit looks to be better and bigger than ever.  There are more than 20 speakers lined up over 3 days .  The speakers have a variety of backgrounds including Microsoft Product Group, Consultants, Customers, System Integrators and MVPs. There is also an opportunity to hear from the Microsoft’s leadership team and get insight into their plans as it pertains to Azure App Service and Integration.

The session abstracts look great! The topics cover a broad set of technologies that will appeal to integration focused professionals.  The topics include:

  • BizTalk Server 2016
  • Azure Logic Apps
  • Azure App Service
  • Azure Service Bus (Event Hubs and Messaging)
  • Internet of Things (IoT)
  • Azure API Management
  • Azure Stream Analytics
  • Power Bi

My topic will focus on some the recent learnings from an Industrial IoT project.  I will talk about tag data ingestion, complex event processing (calculations, reference data, out of bounds, absence of event) and visualization.  I will also throw in a little BizTalk and Logic apps for good measure.

This will be my third time speaking in London at a BizTalk360 event.  I am once again looking forward to the experience as BizTalk360 always puts on a good show and it is a great opportunity to network with the excellent European Integration community.

For more details, please check out the event page.  There are early bird specials so pay close attention to the dates.

See you in London!

http://www.biztalk360.com/integrate-2016/

speaker-badge

Be careful with Azure Stream Analytics, PowerBi and Azure AD MFA

Ran into an interesting situation today.  I have some real time Azure Stream Analytics (ASA) streams that feed a couple Power BI dashboards.  I also took the plunge with getting enabled with Azure Multi Factor Authentication (MFA).  The MFA setup was fine but I logged back into the Azure Portal later to notice that my ASA job had stopped.  When I looked in the ASA Monitoring Logs I found the following Send Error:

image

Followed by a User authentication error:

image

I was able to put 2 and 2 together and the timelines aligned to when my MFA was turned on but I was still perplexed.  I mean this wasn’t a Windows service that had an out of date password. My credentials were never associated to the ASA job. I did use MFA when logging into the portal so that wasn’t it.  I tried to restard the ASA job multiplie times as the portal was giving me a “this is a transient error message”….it wasn’t.

It wasn’t until it clued in on me that when you set Power Bi Outputs for Stream Analytics that you need to also authenticate using your credentials.  As soon as MFA was enabled, my credentials had expired and I needed to log back in which did result in an MFA challenge.  I got through that and could start my job and outstanding events streamed through.

Conclusion

This isn’t a production workload so the damage was minimal.  It does beg the question thought that if you are publishing events from ASA to PowerBI, what is the right way to authenticate with Power BI?  Should you be creating a “system” account with no MFA and no password being reset?  I am open to recommendations if you have them. 

Azure Logic Apps Preview Refresh: Moving a v1 app to v2

The Microsoft Integration team (BizTalk/Logic Apps) recently hit an important milestone.  They have launched the Logic Apps Preview Refresh.  You can find the original press release here.

The purpose of this post is to highlight some of the recent investments and then take an existing v1 Logic App and rebuild it in v2.

New Designer

Probably the biggest feature released was the new designer experience.  As opposed to the Left –> Right workflow we saw in v1 of Logic Apps, we now find ourselves moving top-down.  I think for most BizTalk people, moving top-down is more natural.

Search/Intellisense

In addition to top-down, we also have a search/intellisense type experience when looking for new shapes(connectors).  It is a neat way to approach the problem as a canvas that contains pages and pages of connectors isn’t the best user experience.

image

Intelligent Output

Another benefit is we are not as dependent on the Logic Apps Workflow Language.  It is still there but Microsoft has abstracted much of that away from us.  So if we want to use a value from a previous step in our workflow we can just select it.  A great addition!

image

This is very much welcomed over the v1 equivalent: A new table has been created @{body(‘wearsy.servicenow.apiapp’).TableName}

Decisions…Decisions

Another investment has been in the way you add an action or a condition.  No longer is a condition ‘hidden’ at the card/connector level.  Very explicit, easy to read and natural.

image

Moving the furniture

With v1 of Logic Apps, once you had a card on the canvas you were committed.  Rearranging the cards was only possible using the json in the code behind.  It at times was painful, so this is a great add. You can now move cards back and forth as long as you are not breaking dependencies.

image

image

Native Webhook support

Logic Apps now supports Webhooks which allows developers to build ‘callback’ interfaces over HTTP.  Many services support Webhooks as  a way to extend their offering including Visual Studio Online, GitHub, Stripe and Paypal to name a few. An example the Logic Apps team likes to use is that you can call a Logic App from Visual Studio when code is committed to your master branch as a way to kick off other downstream processes.

Managed APIs

In v1 of Logic Apps, there was always a provisioning exercise when you wanted to use a new connector/API App. This added some delays in your dev experience and also forced you to create multiple instances in the event you had some different connection strings.  Now, Microsoft has provisioned a set of Managed API connections.  This means that there is zero delay when using out of the box API connections.

This does have an impact on existing v1 API Apps that you have created and that is one of the main reasons for this post.  Since a custom v1 API App is not in this Managed API list it will not be immediately discoverable within Logic Apps.  (This is bound to change as we are still in preview and Microsoft is working on this)  But, since v1 API Apps were decorated with Swagger meta-data, we can take advantage of the Http + Swagger connector in order to consume our existing Swagger “contract”.

Note: There are a few actions that you need to perform in order for your v1 API App to be discoverable.  In order to avoid duplications, I will refer you to Jeff Hollan’s (Microsoft) post and Daniel Probert’s post.

As a starting point, here is my v1 Logic App.  I documented the use case here so I won’t get into a lot of details about what it does.  In summary, on a regular basis I want this Logic App to initiate, create a table in Service Now using my custom Service Now connector and send me a text message when it is complete.

image

With my configuration set as described in those previous blog posts I am going to create a new logic app.

  • The first step that I want to perform is to add the Recurrence card to my Logic App.  I will then set a frequency. In this case it is set to a minute but I will revert it back to 1 week after I am done testing.  Interesting that Microsoft has added a timezone field and a starttime field. 

image

  • Next, I will add my Http + Swagger connector. When you think about it, this is actually a very powerful feature.  Swagger (recently renamed OpenAPI) is the leading API markup language used by IBM, Amazon, Apigee and many others.  What this means is that any API that has Swagger metadata can now be “plugged” into Logic Apps.  This has already provided many benefits.  An example is that the Microsoft Cortana Analytics team has been including Swagger metadata in their APIs so now Logic Apps can plug them in and developers do not have to worry about connectivity or write their own wrappers.  This is a big win!

image

  • With my Swagger URL in my clipboard I can paste it in to the Endpoint URL text box and click the Next button.

image

  • We will now discover all of the different operations that are available for me to use in my Logic App.

image

  • For the purpose of this post, I will use the Table_PostByValue operation. There are 4 attributes that need to be set.  Since I want my table to be dynamic, I will use the Logic App Workflow Language functions.  I did run into a bit of a bug with this one.  If you need to use the @utcnow() function, set it in the code behind. The Product Team is aware and will be addressing this issue.

image

  • After configuring my ServiceNow Api App, I want to now send a text message using the v2 Twilio API App. I can easily add it by starting to type the word “Twilio”.

image

  • I previously had a Twilio account so I needed to log into their website to obtain my credentials.

image

  • Next, I need to provide my Twilio phone number and the phone number where I would like to receive a text. I also want to provide some text in the message and include the name of the table that was just created.  By using Swagger, Logic Apps knows that the Service Now API App will return the name of the Table that was created and as a result I can simply click on that item and have it added to my message body.

image

  • After all my configuration is complete, this is what my Logic App looks like.  Pretty clean!!!

image

  • The end result when testing is that I have a new table created and receive a text message.  Note that Service Now instance is the pacific region which accounts for the 1 hour timestamp delta.

image

image

Conclusion

While still in preview, we can see that the Microsoft team is working hard and is focused on providing continuous value to customers.  While there are some features I would like to see included, this was a good release and a step in the right direction.

Protecting your Azure Event Hub using Azure API Managment

We are currently embarking on an Event Hub project where we will be processing device “reads” on a frequent basis. You can consider the use case to be in the Industrial IoT space but the difference is we do not have to manage the devices.  Without geting into a lot of details, we have aggregators responsible for that.  For this reason we decided not to pursue the Azure IoT Suite as we really just need Event Hub capabilities.

We will not have a lot of publishers, but the question did come up how can we protect, or restrict where traffic is coming from and how we manage keys to our service.  Event Hubs currently does not have an ability to white list a set of IP Addresses.  This implies that someone could take your SAS key and potentially ‘pollute’ your Event Hub from a location that has no business publishing to your Event Hub.

Another option is to issue SAS tokens, which do have expiration timestamps attached to them. This will not get you away from the location in which the publisher is pushing events to your Event Hub.  But, it does ensure if you have a key leakage that its TTL (time to live) reduces risks.  I am going to continue to explore this path in a later post or talk.

But for the purpose of this post, I am going to focus on API Managment (APIM) + Event Hubs to see what we can do.  In a previous post, I did speak about using Azure API Management policies to limit where an API can be called from.  We will leverage that post in the interest of keeping this post short(er).

The first thing we need to understand is the mechanics of calling an Event Hub using HTTP.  The Service Bus team, does prefer AMQP and for good reasons (see Publishing an event section) but back to the whitelisting requirement we are left with HTTP.  In order to call an Event Hub via HTTP there is some information that we need to collect including:

  • Create ServiceBus Namespace
  • Create Event Hub
  • Create Shared Access Policy

    In this case we will create a Send Access Policy.  We do not want to provide uncessary privileges to our publisher; such as the ability to consume from our Event Hub.

    image

  • Generate a SAS token. To accomplish this feat, I used a tool by Sandrino Di Mattia which is available here:  https://github.com/sandrinodimattia/RedDog/releases/tag/0.2.0.1  When you run the tool, you will be prompted for some of your ServiceBus information including Namespace, Event Hub Name, an arbitrary Publisher Name and details from the SAS Policy you just created.  Once you provide this infromation and click on the Generate button you will have a SAS Token based upon the TTL that you specified. Copy this token as we will need it in future steps.image
  • We now can assemble our URL for our Event Hub based upon the following information:

URL:  https://NAMESPACE.servicebus.windows.net/EVENTHUB-NAME/publishers/PUBLISHER-NAME/messages
NAMESPACE: Your Service Bus Namespace
EVENTHUB-NAME Name of your Event Hub
PUBLISHER-NAME This is somewhat arbitrary.  What I used here was the name of my Shared Access Policy.  Make sure to use the same value that you used to generate SAS Token.

TESTING

We can now test our ability to send a message to our Event Hub using HTTP and PostMan.  In order to call our Event Hub using HTTP we will need our SAS token that we just generated and our URL.

In order to call the Event Hub endpoint we will need to create an Authorization Header and populate it with our SAS token.

image

Following that we can provide our URL and a message body that we want to send to Event Hubs. After clicking on the Send button we will see we get an HTTP 201 status code.

image

Azure API Management

We now know we can use HTTP to populate our Event Hub.  With this done, lets configure our API Management instance.  I am not going to go into a lot of detail on how to set up Azure API Management.  I will refer you to a previous presentation video and tutorial on the subject.

Within Azure API Management we want to do the following

  • Create an API In order to do this we will need our Event Hub URL that we used in PostMan.

image

  • Create an Operation (and meta data).  In this case there is no URL rewriting that needs to be performed.  Our requests will be passed through.

image

  • Apply our policies to Operation.  In this case we will add two policies:
    • IP Filter where I will include my IP Address and set action = “allow”
    • Set Header where I will provide my SAS Token that will allow my API Management instance to talk to Event Hubs.

image

  • Create Product

    image

    • Add API to Product

    image

    • Publish Product
    • Assign Access to Product

      image

      Testing

      Since we are using IP Whitelisting, I will make a call using PostMan, but this time I will send it through the API Management Proxy.

      In order to call our endpoint through API Management, we will need our API Key which is available from the Azure Portal.  We can access this information from the Users menu.  We can then click on the Show link where we can then copy our key.

      image

      In PostMan, we will want to add an Authorization Header called ocp-apim-subscription-key and then provide our API Key that we just copied.

      image

      Next, we can provide our URL, message body and click Send button.

      image

      As you can see we have a successful publish through APIM and receive an HTTP 201 back.

      image

      To ensure our IP Whitelist is working, let’s try to call our service from the API Management Developer’s Console. As expected, we get an HTTP Status code of 403 Forbidden back which is as expected.

      image

      Azure Stream Analytics–Querying JSON Arrays

      I have been learning Stream Analytics recently and ran across an issue that I couldn’t find any good examples of how to solve the problem so I figured I would post my solution.

      I fully expect to expand on this scenario in coming months, but for now will keep the scenario light.  What I am doing is getting device reads off of an Azure Event Hub.  These reads are being aggregated on the publisher side and placed into a single message/event.  Since the publisher is creating a message structure that contains many device reads for that specific interval I wanted to ensure I can process each element in the array within my Stream Analytics query.

      My message payload looks like this:

      {
          “interchangeID”: “94759e00-b7cf-4036-a2a5-827686caace2”,
          “processType”: “RT”,
          “tagDetails”: [

      {“tagName”: “TAG1″,”tagTimestamp”: “15-Jan-2016 12:47:30″,”tagValue”: 2.756858951,”tagQuality”: “524481”},
      {“tagName”: “TAG2″,”tagTimestamp”: “15-Jan-2016 12:47:30″,”tagValue”: 2.756858952,”tagQuality”: “524482”},
      {“tagName”: “TAG3″,”tagTimestamp”: “15-Jan-2016 12:47:30″,”tagValue”: 2.7568589533,”tagQuality”: “524483”}
      {“tagName”: “TAG4″,”tagTimestamp”: “15-Jan-2016 12:47:30″,”tagValue”: 2.7568589534,”tagQuality”: “524484”}

      ]

      }

      From a Stream Analytics perspective, here is what my query looks like:

      SELECT tagDetails.ArrayValue AS tag
      FROM inputeventhub AS e
      CROSS APPLY GetArrayElements(e.tagDetails) AS tagDetails

      When I execute my query, my result looks like this:

      ASAResults

      The key to making this query works is the “CROSS APPLY” operators.  MSDN describes these operators as: “The APPLY operator allows you to invoke a table-valued function for each row returned by an outer table expression of a query. The table-valued function acts as the right input and the outer table expression acts as the left input. The right input is evaluated for each row from the left input and the rows produced are combined for the final output. The list of columns produced by the APPLY operator is the set of columns in the left input followed by the list of columns returned by the right input.

      There are two forms of APPLY: CROSS APPLY and OUTER APPLY. CROSS APPLY returns only rows from the outer table that produce a result set from the table-valued function. OUTER APPLY returns both rows that produce a result set, and rows that do not, with NULL values in the columns produced by the table-valued function.”

      Then as part of the SELECT statement, we are able to iterate through each value in the array which gives us our columns.

      Stay tuned for more info on Event Hubs and Stream Analytics as I continue to get more familiar with them.  One thing I have learned early is that they are very powerful together.

      Also, as an additional resource, I encourage you to visit the MSDN Complex Data Types post which will give you some examples of other more complex scenarios.

      Azure Logic Apps Automation

      Lately I have been building my own SaaS connector for a well known SaaS vendor.  This vendor (which will remain nameless for this post) provides free dev instances for devs to play with.  There is a limitation though.  If you do not create an object in their system within 10 days you will have your instance revoked.  My interest in the platform has been very much related to calling their APIs and unfortunately calling their APIs does not count as ‘usage’.  To work around this I have been manually logging into the service and creating a dummy table which resets the counter.

      I have been meaning to automate this function and a recent hackathon gave me the opportunity to do so.  I extended my SaaS connector to include a Table entity and the ability to create a new Table based upon some parameters via their API.

      Recently, I have have been seeing more and more people automating simple tasks in Logic Apps so I figured why not.  I can use the Recurrence Trigger in Logic apps, generate some unique parameters, using expression language, and then create my table once a week using a unique name.  This saves me from manually performing this same action.

      To add some ‘bells and whistles’ to my Logic App, I added the Twilio connector so that I can receive a text message whenever this new table is created.  Perhaps in the future I will also automate the clean-up of these tables.

      Here is my Logic App – I call it Vakna which means (awake in Swedish –  I was sitting beside my Swedish buddies when I built it).

      image