+1. In the URL, select `POST` and enter `/?soapAction={any}` in the resource. The template parameter inside the curly brackets is arbitrary and doesn't affect the execution.

+> [!NOTE]

+> Don't use the **OpenAPI specification** editor in the **Design** tab to modify a SOAP API.

+<xml-to-json kind="javascript-friendly | direct" apply="always | content-type-xml" consider-accept-header="true | false" always-array-child-elements="true | false"/>

+|always-array-child-elements|The attribute must be set to one of the following values.<br /><br /> - `true` - Always convert child elements into a JSON array.<br />- `false` - Only convert multiple child elements into a JSON array. Convert a single child element into a JSON object.<br/><br/>Policy expressions are allowed.|No|`false`|

+ Title: Use header rewrite to add HSTS header in portal - Azure Application Gateway

+description: Learn how to use the Azure portal to configure an Azure Application Gateway with HSTS Policy

+# Add HSTS headers with Azure Application Gateway - Azure portal

+This article describes how to use the [Header Rewrite](./rewrite-http-headers-url.md) in [Application Gateway v2 SKU](./application-gateway-autoscaling-zone-redundant.md) to add HTTP Strict-Transport-Security (HSTS) response header to better secure traffic through Application Gateway.

+HSTS policy helps protect or minimize your sites against man-in-the-middle, cookie-hijacking, and protocol downgrade attacks. After a client has established the first successful HTTPS connection with your HSTS-enabled website, HSTS header ensures going forward the client can access only through HTTPS.

+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.

+## Before you begin

+You need to have an Application Gateway v2 SKU deployment to complete the steps in this article. Rewriting headers isn't supported in the v1 SKU. If you don't have the v2 SKU, create an [Application Gateway v2 SKU](./tutorial-autoscale-ps.md) deployment before you begin.

+## Sign in to Azure

+Sign in to the [Azure portal](https://portal.azure.com/) with your Azure account.

+## Create required objects

+To configure HSTS policy, you must first complete these steps:

+1. Create the objects that are required for adding an HSTS header:

+ - **HTTP Listener**: Create a basic or multisite HTTP listener. This listener must listen on port 80, and the protocol must be set to HTTP.

+ - **HTTPS Listener**: Create a basic or multisite HTTPS listener. This listener must listen on port 443, have the protocol set to HTTPS, and contain a certificate.

+2. Create a routing rule that redirects all the traffic from the HTTP listener to the HTTPS listener.

+To learn more about how to set up http to https redirection, see [HTTP to HTTPS Redirection](./redirect-http-to-https-portal.md).

+## Configure HSTS policy

+In this example, we will add the Strict Transport Security (STS) response header, using the rewrite rules of application gateway.

+1. Select **All resources**, and then select your application gateway.

+2. Select **Rewrites** in the left pane.

+3. Select **Rewrite set**:

+ :::image type="content" source="./media/hsts-http-headers-portal/add-rewrite-set.png" alt-text="Screenshot that shows how to add a rewrite set." lightbox="./media/hsts-http-headers-portal/add-rewrite-set.png":::

+4. Provide a name for the rewrite set and associate it with a routing rule:

+ - Enter the name for the rewrite set in the **Name** box.

+ - Select one or more of the rules listed in the **Associated routing rules** list. You can select only rules that haven't been associated with other rewrite sets. The rules that have already been associated with other rewrite sets are dimmed.

+ - Select **Next**.

+

+ :::image type="content" source="./media/hsts-http-headers-portal/name-and-association.png" alt-text="Screenshot that shows how to add the name and association for a rewrite set.":::

+5. Create a rewrite rule:

+ - Select **Add rewrite rule**.

+ :::image type="content" source="./media/hsts-http-headers-portal/add-rewrite-rule.png" alt-text="Screenshot that shows how to add a rewrite rule.":::

+ - Enter a name for the rewrite rule in the **Rewrite rule name** box. Enter a number in the **Rule sequence** box.

+ :::image type="content" source="./media/hsts-http-headers-portal/rule-name.png" alt-text="Screenshot that shows how to add a rewrite rule name.":::

+6. Add an action to rewrite the response header:

+ - In the **Rewrite type** list, select **Response Header**.

+ - In the **Action type** list, select **Set**.

+ - Under **Header name**, select **Common header**.

+ - In the **Common header** list, select **Strict-Transport-Security**.

+ - Enter the header value. In this example, we'll use `max-age=31536000; includeSubdomains; preload` as the header value.

+ - Select **OK**.

+ :::image type="content" source="./media/hsts-http-headers-portal/action.png" alt-text="Screenshot that shows how to add an action.":::

+7. Select **Create** to create the rewrite set:

+ :::image type="content" source="./media/hsts-http-headers-portal/create-rewrite-set.png" alt-text="Screenshot that shows how to click create." lightbox="./media/hsts-http-headers-portal/create-rewrite-set.png":::

+## Limitations and Recommendations

+ - In order to maximize security, you must show HSTS policy as soon as possible when users begin an HTTPS session. In order to enforce HTTPS for a given domain, the browser only needs to observe the STS header once. Hence, it should be added to home pages and critical pages of a site. However, that is not sufficient, it is best practice to cover as much of the URL space as possible and prioritize non-cacheable content.

+ - In this example, the response header Strict-Transport-Security is set to `max-age=31536000; includeSubdomains; preload`. However, users can also set the header to equal `max-age=31536000; includeSubdomains`, removing the preload. Preloading helps strengthen HSTS by ensuring clients always access the site using HTTPS, even if it is their first time accessing it. You must submit your domain and subdomains to https://hstspreload.org/ in order to ensure that users will never access the site using HTTP. Although the preload list is hosted by Google, all major browsers use this list.

+

+ - HSTS Policy will not prevent attacks against TLS itself or attacks on the servers.

+## Next steps

+To learn more about directives, please visit https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

+To learn more about how to set up some common header rewrite use cases, see [common header rewrite scenarios](./rewrite-http-headers-url.md).

+The following reference outlines the properties supported by the Azure App Configuration Kubernetes Provider `v2.1.0`. See [release notes](https://github.com/Azure/AppConfiguration/blob/main/releaseNotes/KubernetesProvider.md) for more information on the change.

+|loadBalancingEnabled|The setting that enables your workload to distribute requests to App Configuration across all available replicas. If the property is absent, a default value of `false` is used.|false|bool|

+|monitoring|The key-values monitored for change detection, aka sentinel keys. The key-values from Azure App Configuration are refreshed only if at least one of the monitored key-values is changed. If this property is absent, all the selected key-values will be monitored for refresh. |false|object|

+When you plan and develop your individual functions to run in Azure Functions, you're typically focused on the code itself. Azure Functions makes it easy to deploy just your code project to a function app in Azure. When you deploy your code project to a function app that runs on Linux, the project runs in a container that is created for you automatically. This container is managed by Functions.

+| **[Azure Container Apps]** | Azure Functions provides integrated support for developing, deploying, and managing containerized function apps on [Azure Container Apps](../container-apps/overview.md). This enables you to manage your apps using the same Functions tools and pages in the Azure portal. Use Azure Container Apps to host your function app containers when you need to run your event-driven functions in Azure in the same environment as other microservices, APIs, websites, workflows, or any container hosted programs. Container Apps hosting lets you run your functions in a managed Kubernetes-based environment with built-in support for open-source monitoring, mTLS, Dapr, and KEDA. Supports scale-to-zero and provides a servless pay-for-what-you-use hosting model. You can also request dedicated hardware, even GPUs, by using workload profiles. _Recommended hosting option for running containerized function apps on Azure._ |

+| **[Azure Functions]** | You can host your containerized function apps in Azure Functions by running the container in either an [Elastic Premium plan](./functions-premium-plan.md) or a [Dedicated plan](./dedicated-plan.md). Premium plan hosting provides you with the benefits of dynamic scaling. You might want to use Dedicated plan hosting to take advantage of existing unused App Service plan resources. |

+| **[Kubernetes]** | Because the Azure Functions runtime provides flexibility in hosting where and how you want, you can host and manage your function app containers directly in Kubernetes clusters. [KEDA](https://keda.sh) (Kubernetes-based Event Driven Autoscaling) pairs seamlessly with the Azure Functions runtime and tooling to provide event driven scale in Kubernetes. Just keep in mind that running your containerized function apps on Kubernetes, either by using KEDA or by direct deployment, is an open-source effort that you can use free of cost, with best-effort support provided by contributors and from the community. You're responsible for maintaining your own function app containers in a cluster, even when deploying to Azure Kubernetes Service (AKS). |

+## Feature support comparison

+The degree to which various features and behaviors of Azure Functions are supported when running your function app in a container depends on the container hosting option you choose.

+| Feature/behavior | [Container Apps (integrated)][Azure Container Apps] | [Container Apps (direct)](../container-apps/overview.md) | [Premium plan](./functions-premium-plan.md) | [Dedicated plan](./dedicated-plan.md) | [Kubernetes] |

+| | | ||-| |

+| Product support | Yes | No | Yes |Yes | No |

+| Functions portal integration | Yes | No | Yes | Yes | No |

+| [Event-driven scaling](./event-driven-scaling.md) | Yes⁵ | Yes ([scale rules](../container-apps/scale-app.md#scale-rules)) | Yes | No | No |

+| Maximum scale (instances) | 1000¹┬á| 1000¹┬á| 100²┬á| 10-30³┬á| Varies by cluster┬á|

+| [Scale-to-zero instances](./event-driven-scaling.md#scale-in-behaviors) | Yes | Yes | No | No | KEDA |

+| Execution time limit┬á| Unbounded⁶| Unbounded⁶ | Unbounded⁷ | Unbounded⁸ | None┬á|

+| [Core Tools deployment](./functions-run-local.md#deploy-containers) | [`func azurecontainerapps`](./functions-core-tools-reference.md#func-azurecontainerapps-deploy) | No | No | No | [`func kubernetes`](./functions-core-tools-reference.md#func-kubernetes-deploy) |

+| [Revisions](../container-apps/revisions.md) | No | Yes |No |No |No |

+| [Deployment slots](./functions-deployment-slots.md) |No |No |Yes |Yes |No |

+| [Streaming logs](./streaming-logs.md) | Yes | [Yes](../container-apps/log-streaming.md) | Yes | Yes | No |

+| [Console access](../container-apps/container-console.md)┬á| Not currently available⁴┬á| Yes | Yes (using [Kudu](./functions-how-to-custom-container.md#enable-ssh-connections))┬á| Yes (using [Kudu](./functions-how-to-custom-container.md#enable-ssh-connections))┬á| Yes (in pods [using `kubctl`](https://kubernetes.io/docs/reference/kubectl/)) |

+| Cold start mitigation | Minimum replicas | [Scale rules](../container-apps/scale-app.md#scale-rules) | [Always-ready/pre-warmed instances](functions-premium-plan.md#eliminate-cold-starts) | n/a | n/a |

+| [App Service authentication](../app-service/overview-authentication-authorization.md)┬á| Not currently available⁴┬á| Yes┬á| Yes┬á| Yes┬á| No┬á|

+| [Custom domain names](../app-service/app-service-web-tutorial-custom-domain.md)┬á| Not currently available⁴┬á| Yes┬á| Yes┬á| Yes┬á| No┬á|

+| [Private key certificates](../app-service/overview-tls.md)┬á| Not currently available⁴┬á| Yes┬á| Yes┬á| Yes┬á| No┬á|

+| Virtual networks | Yes | Yes | Yes | Yes | Yes |

+| Availability zones | Yes | Yes | Yes | Yes | Yes |

+| Diagnostics | Not currently available⁴┬á| [Yes](../container-apps/troubleshooting.md#use-the-diagnose-and-solve-problems-tool) | [Yes](./functions-diagnostics.md)┬á| [Yes](./functions-diagnostics.md)┬á| No┬á|

+| Dedicated hardware | Yes ([workload profiles](../container-apps/workload-profiles-overview.md)) | Yes ([workload profiles](../container-apps/workload-profiles-overview.md)) | No | Yes | Yes |

+| Dedicated GPUs | Yes ([workload profiles](../container-apps/workload-profiles-overview.md)) | Yes ([workload profiles](../container-apps/workload-profiles-overview.md)) | No | No | Yes |

+| [Configurable memory/CPU count](../container-apps/workload-profiles-overview.md) | Yes | Yes | No | No | Yes |

+| "Free grant" option | [Yes](../container-apps/billing.md#consumption-plan) | [Yes](../container-apps/billing.md#consumption-plan) | No | No | No |

+| Pricing details | [Container Apps billing](../container-apps/billing.md) | [Container Apps billing](../container-apps/billing.md) | [Premium plan billing](./functions-premium-plan.md#billing) | [Dedicated plan billing](./dedicated-plan.md#billing) | [AKS pricing](/azure/aks/free-standard-pricing-tiers) |

+| Service name requirements | 2-32 characters: limited to lowercase letters, numbers, and hyphens. Must start with a letter and end with an alphanumeric character. | 2-32 characters: limited to lowercase letters, numbers, and hyphens. Must start with a letter and end with an alphanumeric character. | Less than 64 characters: limited to alphanumeric characters and hyphens. Can't start with or end in a hyphen. | Less than 64 characters: limited to alphanumeric characters and hyphens. Can't start with or end in a hyphen. | Less than 253 characters: limited to alphanumeric characters and hyphens. Must start and end with an alphanumeric character. |

+1. On Container Apps, the default is 10 instances, but you can set the [maximum number of replicas](../container-apps/scale-app.md#scale-definition), which has an overall maximum of 1000. This setting is honored as long as there's enough cores quota available. When you create your function app from the Azure portal, you're limited to 300 instances.

+2. In some regions, Linux apps on a Premium plan can scale to 100 instances. For more information, see the [Premium plan article](functions-premium-plan.md#region-max-scale-out). <br/>

+3. For specific limits for the various App Service plan options, see the [App Service plan limits](../azure-resource-manager/management/azure-subscription-service-limits.md#app-service-limits).

+4. Feature parity is a goal of integrated hosting on Azure Container Apps.

+5. Requires [KEDA](./functions-kubernetes-keda.md); supported by most triggers. To learn which triggers support event-driven scaling, see [Considerations for Container Apps hosting](functions-container-apps-hosting.md#considerations-for-container-apps-hosting).

+6. When the [minimum number of replicas](../container-apps/scale-app.md#scale-definition) is set to zero, the default timeout depends on the specific triggers used in the app.

+7. There's no maximum execution timeout duration enforced. However, the grace period given to a function execution is 60 minutes [during scale in](event-driven-scaling.md#scale-in-behaviors), and a grace period of 10 minutes is given during platform updates.

+8. Requires the App Service plan be set to [Always On](dedicated-plan.md#always-on). A grace period of 10 minutes is given during platform updates.

+Because Azure Functions uses the Azure App Service platform for hosting, you might find some settings relevant to your function app hosting documented in [Environment variables and app settings in Azure App Service](../app-service/reference-app-settings.md).

+`true` means use `Release` mode when compiling .NET code; `false` means use Debug mode. Default is `true`.

+Overrides the default limit on the body size of requests sent to HTTP endpoints. The value is given in bytes, with a default maximum request size of 104,857,600 bytes.

+## AcrUseManagedIdentityCreds

+Indicates whether the image is obtained from an Azure Container Registry instance using managed identity authentication. A value of `true` requires that managed identity be used, which is recommended over stored authentication credentials as a security best practice.

+## AcrUserManagedIdentityID

+Indicates the managed identity to use when obtaining the image from an Azure Container Registry instance. Requires that `AcrUseManagedIdentityCreds` is set to `true`. These are the valid values:

+| Value | Description |

+| - | - |

+| `system` | The system assigned managed identity of the function app is used. |

+| `<USER_IDENTITY_RESOURCE_ID>` | The fully qualified resource ID of a user-assigned managed identity. |

+The identity that you specify must be added to the `ACRPull` role in the container registry. For more information, see [Create and configure a function app on Azure with the image](functions-deploy-container-apps.md?tabs=acr#create-and-configure-a-function-app-on-azure-with-the-image).

+| `WEBSITE_DNS_SERVER` |DNS is inherited from the integrated virtual network in Flex|

+ Title: Azure Database for MySQL input binding for Functions

+description: Learn to use the Azure Database for MySQL input binding in Azure Functions.

+zone_pivot_groups: programming-languages-set-functions

+# Azure Database for MySQL input binding for Azure Functions (Preview)

+When a function runs, the Azure Database for MySQL input binding retrieves data from a database and passes it to the input parameter of the function.

+For information on setup and configuration details, see the [overview](./functions-bindings-azure-mysql.md).

+## Examples

+<a id="example"></a>

+# [Isolated worker model](#tab/isolated-process)

+More samples for the Azure Database for MySQL input binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples).

+This section contains the following examples:

+* [HTTP trigger, get row by ID from query string](#http-trigger-look-up-id-from-query-string-c-oop)

+* [HTTP trigger, get multiple rows from route data](#http-trigger-get-multiple-items-from-route-data-c-oop)

+* [HTTP trigger, delete rows](#http-trigger-delete-one-or-multiple-rows-c-oop)

+The examples refer to a `Product` class and a corresponding database table:

+```csharp

+namespace AzureMySqlSamples.Common

+{

+ public class Product

+ {

+ public int? ProductId { get; set; }

+ public string Name { get; set; }

+ public int Cost { get; set; }

+ public override bool Equals(object obj)

+ }

+}

+```

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-look-up-id-from-query-string-c-oop"></a>

+### HTTP trigger, get row by ID from query string

+The following example shows a C# function that retrieves a single record. The function is [triggered by an HTTP request](./functions-bindings-http-webhook-trigger.md) that uses a query string to specify the ID. That ID is used to retrieve a `Product` record with the specified query.

+> [!NOTE]

+> The HTTP query string parameter is case-sensitive.

+>

+```cs

+using System.Collections.Generic;

+using Microsoft.AspNetCore.Http;

+using Microsoft.AspNetCore.Mvc;

+using Microsoft.Azure.Functions.Worker;

+using Microsoft.Azure.Functions.Worker.Extensions.MySql;

+using Microsoft.Azure.Functions.Worker.Http;

+using AzureMySqlSamples.Common;

+namespace AzureMySqlSamples.InputBindingIsolatedSamples

+{

+ public static class GetProductById

+ {

+ [Function(nameof(GetProductById))]

+ public static IEnumerable<Product> Run(

+ [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "getproducts/{productId}")]

+ HttpRequestData req,

+ [MySqlInput("select * from Products where ProductId = @productId",

+ "MySqlConnectionString",

+ parameters: "@ProductId={productId}")]

+ IEnumerable<Product> products)

+ {

+ return products;

+ }

+ }

+}

+```

+<a id="http-trigger-get-multiple-items-from-route-data-c-oop"></a>

+### HTTP trigger, get multiple rows from route parameter

+The following example shows a [C# function](functions-dotnet-class-library.md) that retrieves rows returned by the query. The function is [triggered by an HTTP request](./functions-bindings-http-webhook-trigger.md) that uses route data to specify the value of a query parameter. That parameter is used to filter the `Product` records in the specified query.

+```cs

+using System.Collections.Generic;

+using Microsoft.AspNetCore.Http;

+using Microsoft.AspNetCore.Mvc;

+using Microsoft.Azure.Functions.Worker;

+using Microsoft.Azure.Functions.Worker.Extensions.MySql;

+using Microsoft.Azure.Functions.Worker.Http;

+using AzureMySqlSamples.Common;

+

+namespace AzureMySqlSamples.InputBindingIsolatedSamples

+{

+ public static class GetProducts

+ {

+ [Function(nameof(GetProducts))]

+ public static IEnumerable<Product> Run(

+ [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "getproducts")]

+ HttpRequestData req,

+ [MySqlInput("select * from Products",

+ "MySqlConnectionString")]

+ IEnumerable<Product> products)

+ {

+ return products;

+ }

+ }

+}

+```

+<a id="http-trigger-delete-one-or-multiple-rows-c-oop"></a>

+### HTTP trigger, delete rows

+The following example shows a [C# function](functions-dotnet-class-library.md) that executes a stored procedure with input from the HTTP request query parameter.

+The stored procedure `DeleteProductsCost` must be created on the MySQL database. In this example, the stored procedure deletes a single record or all records depending on the value of the parameter.

+```sql

+DROP PROCEDURE IF EXISTS DeleteProductsCost;

+Create Procedure DeleteProductsCost(cost INT)

+BEGIN

+ DELETE from Products where Products.cost = cost;

+END

+```

+```cs

+namespace AzureMySqlSamples.InputBindingSamples

+{

+ public static class GetProductsStoredProcedure

+ {

+ [FunctionName(nameof(GetProductsStoredProcedure))]

+ public static IActionResult Run(

+ [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "getproducts-storedprocedure/{cost}")]

+ HttpRequest req,

+ [MySql("DeleteProductsCost",

+ "MySqlConnectionString",

+ commandType: System.Data.CommandType.StoredProcedure,

+ parameters: "@Cost={cost}")]

+ IEnumerable<Product> products)

+ {

+ return new OkObjectResult(products);

+ }

+ }

+}

+```

+# [In-process model](#tab/in-process)

+More samples for the Azure Database for MySQL input binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-csharp).

+This section contains the following examples:

+* [HTTP trigger, get row by ID from query string](#http-trigger-look-up-id-from-query-string-c)

+* [HTTP trigger, get multiple rows from route data](#http-trigger-get-multiple-items-from-route-data-c)

+* [HTTP trigger, delete rows](#http-trigger-delete-one-or-multiple-rows-c)

+The examples refer to a `Product` class and a corresponding database table:

+```csharp

+namespace AzureMySqlSamples.Common

+{

+ public class Product

+ {

+ public int? ProductId { get; set; }

+ public string Name { get; set; }

+ public int Cost { get; set; }

+ public override bool Equals(object obj)

+ }

+}

+```

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-look-up-id-from-query-string-c"></a>

+### HTTP trigger, get row by ID from query string

+The following example shows a [C# function](functions-dotnet-class-library.md) that retrieves a single record. The function is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request that uses a query string to specify the ID. That ID is used to retrieve a `Product` record with the specified query.

+> [!NOTE]

+> The HTTP query string parameter is case-sensitive.

+>

+```cs

+using System.Collections.Generic;

+using Microsoft.AspNetCore.Http;

+using Microsoft.AspNetCore.Mvc;

+using Microsoft.Azure.WebJobs;

+using Microsoft.Azure.WebJobs.Extensions.Http;

+using Microsoft.Azure.WebJobs.Extensions.MySql;

+using AzureMySqlSamples.Common;

+

+namespace AzureMySqlSamples.InputBindingSamples

+{

+ public static class GetProductById

+ {

+ [FunctionName("GetProductById")]

+ public static IActionResult Run(

+ [HttpTrigger(AuthorizationLevel.Function, "get", Route = "getproducts/{productId}")] HttpRequest req,

+ [MySql("select * from Products where ProductId = @productId",

+ "MySqlConnectionString",

+ parameters: "@ProductId={productId}")]

+ IEnumerable<Product> products)

+ {

+ return new OkObjectResult(products);

+ }

+ }

+}

+```

+<a id="http-trigger-get-multiple-items-from-route-data-c"></a>

+### HTTP trigger, get multiple rows from route parameter

+The following example shows a [C# function](functions-dotnet-class-library.md) that retrieves documents returned by the query. The function is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request that uses route data to specify the value of a query parameter. That parameter is used to filter the `Product` records in the specified query.

+```cs

+using System.Collections.Generic;

+using Microsoft.AspNetCore.Http;

+using Microsoft.AspNetCore.Mvc;

+using Microsoft.Azure.WebJobs;

+using Microsoft.Azure.WebJobs.Extensions.Http;

+using Microsoft.Azure.WebJobs.Extensions.MySql;

+using AzureMySqlSamples.Common;

+

+namespace AzureMySqlSamples.InputBindingSamples

+{

+ public static class GetProducts

+ {

+ [FunctionName("GetProducts")]

+ public static IActionResult Run(

+ [HttpTrigger(AuthorizationLevel.Function, "get", Route = "getproducts")] HttpRequest req,

+ [MySql("select * from Products",

+ "MySqlConnectionString")]

+ IEnumerable<Product> products)

+ {

+ return new OkObjectResult(products);

+ }

+ }

+}

+```

+<a id="http-trigger-delete-one-or-multiple-rows-c"></a>

+### HTTP trigger, delete rows

+The following example shows a [C# function](functions-dotnet-class-library.md) that executes a stored procedure with input from the HTTP request query parameter.

+The stored procedure `DeleteProductsCost` must be created on the MySQL database. In this example, the stored procedure deletes a single record or all records depending on the value of the parameter.

+```sql

+DROP PROCEDURE IF EXISTS DeleteProductsCost;

+Create Procedure DeleteProductsCost(cost INT)

+BEGIN

+ DELETE from Products where Products.cost = cost;

+END

+```

+```cs

+namespace AzureMySqlSamples.InputBindingSamples

+{

+ public static class GetProductsStoredProcedure

+ {

+ [FunctionName(nameof(GetProductsStoredProcedure))]

+ public static IActionResult Run(

+ [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "getproducts-storedprocedure/{cost}")]

+ HttpRequest req,

+ [MySql("DeleteProductsCost",

+ "MySqlConnectionString",

+ commandType: System.Data.CommandType.StoredProcedure,

+ parameters: "@Cost={cost}")]

+ IEnumerable<Product> products)

+ {

+ return new OkObjectResult(products);

+ }

+ }

+}

+```

+More samples for the Azure Database for MySQL input binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-java).

+This section contains the following examples:

+* [HTTP trigger, get multiple rows](#http-trigger-get-multiple-items-java)

+* [HTTP trigger, get row by ID from query string](#http-trigger-look-up-id-from-query-string-java)

+* [HTTP trigger, delete rows](#http-trigger-delete-one-or-multiple-rows-java)

+The examples refer to a `Product` class and a corresponding database table:

+```java

+package com.function.Common;

+import com.fasterxml.jackson.annotation.JsonProperty;

+public class Product {

+ @JsonProperty("ProductId")

+ private int ProductId;

+ @JsonProperty("Name")

+ private String Name;

+ @JsonProperty("Cost")

+ private int Cost;

+ public Product() {

+ }

+```

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-get-multiple-items-java"></a>

+### HTTP trigger, get multiple rows

+The following example shows a MySQL input binding in a Java function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query and returns the results in the HTTP response.

+```java

+package com.function;

+import com.function.Common.Product;

+import com.microsoft.azure.functions.HttpMethod;

+import com.microsoft.azure.functions.HttpRequestMessage;

+import com.microsoft.azure.functions.HttpResponseMessage;

+import com.microsoft.azure.functions.HttpStatus;

+import com.microsoft.azure.functions.annotation.AuthorizationLevel;

+import com.microsoft.azure.functions.annotation.FunctionName;

+import com.microsoft.azure.functions.annotation.HttpTrigger;

+import com.microsoft.azure.functions.mysql.annotation.CommandType;

+import com.microsoft.azure.functions.mysql.annotation.MySqlInput;

+import java.util.Optional;

+public class GetProducts {

+ @FunctionName("GetProducts")

+ public HttpResponseMessage run(

+ @HttpTrigger(

+ name = "req",

+ methods = {HttpMethod.GET},

+ authLevel = AuthorizationLevel.ANONYMOUS,

+ route = "getproducts}")

+ HttpRequestMessage<Optional<String>> request,

+ @MySqlInput(

+ name = "products",

+ commandText = "SELECT * FROM Products",

+ commandType = CommandType.Text,

+ connectionStringSetting = "MySqlConnectionString")

+ Product[] products) {

+ return request.createResponseBuilder(HttpStatus.OK).header("Content-Type", "application/json").body(products).build();

+ }

+}

+```

+<a id="http-trigger-look-up-id-from-query-string-java"></a>

+### HTTP trigger, get row by ID from query string

+The following example shows a MySQL input binding in a Java function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query filtered by a parameter from the query string and returns the row in the HTTP response.

+```java

+public class GetProductById {

+ @FunctionName("GetProductById")

+ public HttpResponseMessage run(

+ @HttpTrigger(

+ name = "req",

+ methods = {HttpMethod.GET},

+ authLevel = AuthorizationLevel.ANONYMOUS,

+ route = "getproducts/{productid}")

+ HttpRequestMessage<Optional<String>> request,

+ @MySqlInput(

+ name = "products",

+ commandText = "SELECT * FROM Products WHERE ProductId= @productId",

+ commandType = CommandType.Text,

+ parameters = "@productId={productid}",

+ connectionStringSetting = "MySqlConnectionString")

+ Product[] products) {

+

+ return request.createResponseBuilder(HttpStatus.OK).header("Content-Type", "application/json").body(products).build();

+ }

+}

+```

+<a id="http-trigger-delete-one-or-multiple-rows-java"></a>

+### HTTP trigger, delete rows

+The following example shows a MySQL input binding in a Java function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and executes a stored procedure with input from the HTTP request query parameter.

+The stored procedure `DeleteProductsCost` must be created on the database. In this example, the stored procedure deletes a single record or all records depending on the value of the parameter.

+```sql

+DROP PROCEDURE IF EXISTS DeleteProductsCost;

+Create Procedure DeleteProductsCost(cost INT)

+BEGIN

+ DELETE from Products where Products.cost = cost;

+END

+```

+```java

+public class DeleteProductsStoredProcedure {

+ @FunctionName("DeleteProductsStoredProcedure")

+ public HttpResponseMessage run(

+ @HttpTrigger(

+ name = "req",

+ methods = {HttpMethod.GET},

+ authLevel = AuthorizationLevel.ANONYMOUS,

+ route = "Deleteproducts-storedprocedure/{cost}")

+ HttpRequestMessage<Optional<String>> request,

+ @MySqlInput(

+ name = "products",

+ commandText = "DeleteProductsCost",

+ commandType = CommandType.StoredProcedure,

+ parameters = "@Cost={cost}",

+ connectionStringSetting = "MySqlConnectionString")

+ Product[] products) {

+ return request.createResponseBuilder(HttpStatus.OK).header("Content-Type", "application/json").body(products).build();

+ }

+}

+```

+More samples for the Azure Database for MySQL input binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-js).

+This section contains the following examples:

+* [HTTP trigger, get multiple rows](#http-trigger-get-multiple-items-javascript)

+* [HTTP trigger, get row by ID from query string](#http-trigger-look-up-id-from-query-string-javascript)

+* [HTTP trigger, delete rows](#http-trigger-delete-one-or-multiple-rows-javascript)

+The examples refer to a database table:

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-get-multiple-items-javascript"></a>

+### HTTP trigger, get multiple rows

+The following example shows a MYSQL input binding that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query and returns the results in the HTTP response.

+# [Model v4](#tab/nodejs-v4)

+```typescript

+import { app, HttpRequest, HttpResponseInit, input, InvocationContext } from '@azure/functions';

+const mysqlInput = input.generic({

+ commandText: 'select * from Products',

+ commandType: 'Text',

+ connectionStringSetting: 'MySqlConnectionString',

+});

+export async function httpTrigger1(request: HttpRequest, context: InvocationContext): Promise<HttpResponseInit> {

+ context.log('HTTP trigger and MySQL input binding function processed a request.');

+ const products = context.extraInputs.get(mysqlInput);

+ return {

+ jsonBody: products,

+ };

+}

+app.http('httpTrigger1', {

+ methods: ['GET', 'POST'],

+ authLevel: 'anonymous',

+ extraInputs: [mysqlInput],

+ handler: httpTrigger1,

+});

+```

+# [Model v3](#tab/nodejs-v3)

+TypeScript samples aren't documented for model v3.

+# [Model v4](#tab/nodejs-v4)

+```javascript

+const { app, input } = require('@azure/functions');

+const mysqlInput = input.generic({

+ type: 'mysql',

+ commandText: 'select * from Products where Cost = @Cost',

+ commandType: 'Text',

+ connectionStringSetting: 'MySqlConnectionString'

+})

+app.http('GetProducts', {

+ methods: ['GET', 'POST'],

+ authLevel: 'anonymous',

+ route: 'getproducts/{cost}',

+ extraInputs: [mysqlInput],

+ handler: async (request, context) => {

+ const products = JSON.stringify(context.extraInputs.get(mysqlInput));

+ return {

+ status: 200,

+ body: products

+ };

+ }

+});

+```

+# [Model v3](#tab/nodejs-v3)

+The following example is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "getproducts"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "select * from Products",

+ "commandType": "Text",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample JavaScript code:

+```javascript

+module.exports = async function (context, req, products) {

+ context.log('JavaScript HTTP trigger and MySQL input binding function processed a request.');

+

+ context.res = {

+ // status: 200, /* Defaults to 200 */

+ mimetype: "application/json",

+ body: products

+ };

+}

+```

+<a id="http-trigger-look-up-id-from-query-string-javascript"></a>

+### HTTP trigger, get row by ID from query string

+The following example shows a MySQL input binding that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query filtered by a parameter from the query string and returns the row in the HTTP response.

+# [Model v4](#tab/nodejs-v4)

+```typescript

+import { app, HttpRequest, HttpResponseInit, input, InvocationContext } from '@azure/functions';

+const mysqlInput = input.generic({

+ commandText: 'select * from Products where ProductId= @productId',

+ commandType: 'Text',

+ parameters: '@productId={productid}',

+ connectionStringSetting: 'MySqlConnectionString',

+});

+export async function httpTrigger1(request: HttpRequest, context: InvocationContext): Promise<HttpResponseInit> {

+ context.log('HTTP trigger and MySQL input binding function processed a request.');

+ const products = context.extraInputs.get(mysqlInput);

+ return {

+ jsonBody: products,

+ };

+}

+app.http('httpTrigger1', {

+ methods: ['GET', 'POST'],

+ authLevel: 'anonymous',

+ extraInputs: [mysqlInput],

+ handler: httpTrigger1,

+});

+```

+# [Model v3](#tab/nodejs-v3)

+TypeScript samples aren't documented for model v3.

+# [Model v4](#tab/nodejs-v4)

+```javascript

+const { app, input } = require('@azure/functions');

+const mysqlInput = input.generic({

+ type: 'mysql',

+ commandText: 'select * from Products where ProductId= @productId',

+ commandType: 'Text',

+ parameters: '@productId={productid}',

+ connectionStringSetting: 'MySqlConnectionString'

+})

+app.http('GetProducts', {

+ methods: ['GET', 'POST'],

+ authLevel: 'anonymous',

+ route: 'getproducts/{productid}',

+ extraInputs: [mysqlInput],

+ handler: async (request, context) => {

+ const products = JSON.stringify(context.extraInputs.get(mysqlInput));

+ return {

+ status: 200,

+ body: products

+ };

+ }

+});

+```

+# [Model v3](#tab/nodejs-v3)

+The following example is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "getproducts/{productid}"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "select * from Products where ProductId= @productId",

+ "commandType": "Text",

+ "parameters": "@productId={productid}",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample JavaScript code:

+```javascript

+module.exports = async function (context, req, products) {

+ context.log('JavaScript HTTP trigger function processed a request.');

+ context.log(JSON.stringify(products));

+ return {

+ status: 200,

+ body: products

+ };

+}

+```

+<a id="http-trigger-delete-one-or-multiple-rows-javascript"></a>

+### HTTP trigger, delete rows

+The following example shows a MySQL input binding that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and executes a stored procedure with input from the HTTP request query parameter.

+The stored procedure `DeleteProductsCost` must be created on the database. In this example, the stored procedure deletes a single record or all records depending on the value of the parameter.

+```sql

+DROP PROCEDURE IF EXISTS DeleteProductsCost;

+Create Procedure DeleteProductsCost(cost INT)

+BEGIN

+ DELETE from Products where Products.cost = cost;

+END

+```

+# [Model v4](#tab/nodejs-v4)

+```typescript

+import { app, HttpRequest, HttpResponseInit, input, InvocationContext } from '@azure/functions';

+const mysqlInput = input.generic({

+ commandText: 'DeleteProductsCost',

+ commandType: 'StoredProcedure',

+ parameters: '@Cost={cost}',

+ connectionStringSetting: 'MySqlConnectionString',

+});

+export async function httpTrigger1(request: HttpRequest, context: InvocationContext): Promise<HttpResponseInit> {

+ context.log('HTTP trigger and MySQL input binding function processed a request.');

+ const products = context.extraInputs.get(mysqlInput);

+ return {

+ jsonBody: products,

+ };

+}

+app.http('httpTrigger1', {

+ methods: ['GET', 'POST'],

+ authLevel: 'anonymous',

+ extraInputs: [mysqlInput],

+ handler: httpTrigger1,

+});

+```

+# [Model v3](#tab/nodejs-v3)

+TypeScript samples aren't documented for model v3.

+# [Model v4](#tab/nodejs-v4)

+```javascript

+const { app, input } = require('@azure/functions');

+const mysqlInput = input.generic({

+ type: 'mysql',

+ commandText: 'DeleteProductsCost',

+ commandType: 'StoredProcedure',

+ parameters: '@Cost={cost}',

+ connectionStringSetting: 'MySqlConnectionString'

+})

+app.http('httpTrigger1', {

+ methods: ['POST'],

+ authLevel: 'anonymous',

+ route: 'DeleteProductsByCost',

+ extraInputs: [mysqlInput],

+ handler: async (request, context) => {

+ const products = JSON.stringify(context.extraInputs.get(mysqlInput));

+ return {

+ status: 200,

+ body: products

+ };

+ }

+});

+```

+# [Model v3](#tab/nodejs-v3)

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "DeleteProductsByCost"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "DeleteProductsCost",

+ "commandType": "StoredProcedure",

+ "parameters": "@Cost={cost}",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample JavaScript code:

+```javascript

+module.exports = async function (context, req, products) {

+ context.log('JavaScript HTTP trigger function processed a request.');

+ context.log(JSON.stringify(products));

+ return {

+ status: 200,

+ body: products

+ };

+}

+```

+More samples for the Azure Database for MySQL input binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-powershell).

+This section contains the following examples:

+* [HTTP trigger, get multiple rows](#http-trigger-get-multiple-items-powershell)

+* [HTTP trigger, get row by ID from query string](#http-trigger-look-up-id-from-query-string-powershell)

+* [HTTP trigger, delete rows](#http-trigger-delete-one-or-multiple-rows-powershell)

+The examples refer to a database table:

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-get-multiple-items-powershell"></a>

+### HTTP trigger, get multiple rows

+The following example shows a MySQL input binding in a function.json file and a PowerShell function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query and returns the results in the HTTP response.

+The following example is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "Request",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "getproducts/{cost}"

+ },

+ {

+ "name": "response",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "select * from Products",

+ "commandType": "Text",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample PowerShell code for the function in the `run.ps1` file:

+```powershell

+using namespace System.Net

+param($Request, $TriggerMetadata, $products)

+Write-Host "PowerShell function with MySql Input Binding processed a request."

+Push-OutputBinding -Name response -Value ([HttpResponseContext]@{

+ StatusCode = [System.Net.HttpStatusCode]::OK

+ Body = $products

+})

+```

+<a id="http-trigger-look-up-id-from-query-string-powershell"></a>

+### HTTP trigger, get row by ID from query string

+The following example shows a MySQL input binding in a PowerShell function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query filtered by a parameter from the query string and returns the row in the HTTP response.

+The following example is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "Request",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "getproducts/{productid}"

+ },

+ {

+ "name": "response",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "select * from Products where ProductId= @productId",

+ "commandType": "Text",

+ "parameters": "MySqlConnectionString",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following is sample PowerShell code for the function in the `run.ps1` file:

+```powershell

+using namespace System.Net

+param($Request, $TriggerMetadata, $products)

+Write-Host "PowerShell function with MySql Input Binding processed a request."

+Push-OutputBinding -Name response -Value ([HttpResponseContext]@{

+ StatusCode = [System.Net.HttpStatusCode]::OK

+ Body = $products

+})

+```

+<a id="http-trigger-delete-one-or-multiple-rows-powershell"></a>

+### HTTP trigger, delete rows

+The following example shows a MySQL input binding in a function.json file and a PowerShell function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and executes a stored procedure with input from the HTTP request query parameter.

+The stored procedure `DeleteProductsCost` must be created on the database. In this example, the stored procedure deletes a single record or all records depending on the value of the parameter.

+```sql

+DROP PROCEDURE IF EXISTS DeleteProductsCost;

+Create Procedure DeleteProductsCost(cost INT)

+BEGIN

+ DELETE from Products where Products.cost = 'cost';

+END

+```

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "Request",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "deleteproducts-storedprocedure/{cost}"

+ },

+ {

+ "name": "response",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "DeleteProductsCost",

+ "commandType": "StoredProcedure",

+ "parameters": "@Cost={cost}",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample PowerShell code for the function in the `run.ps1` file:

+```powershell

+using namespace System.Net

+param($Request, $TriggerMetadata, $products)

+Write-Host "PowerShell function with MySql Input Binding processed a request."

+Push-OutputBinding -Name response -Value ([HttpResponseContext]@{

+ StatusCode = [System.Net.HttpStatusCode]::OK

+ Body = $products

+}

+```

+More samples for the Azure Database for MySQL input binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-python).

+This section contains the following examples:

+* [HTTP trigger, get multiple rows](#http-trigger-get-multiple-items-python)

+* [HTTP trigger, get row by ID from query string](#http-trigger-look-up-id-from-query-string-python)

+* [HTTP trigger, delete rows](#http-trigger-delete-one-or-multiple-rows-python)

+The examples refer to a database table:

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+> [!NOTE]

+> Please note that Azure Functions version 1.22.0b4 must be used for Python .

+>

+<a id="http-trigger-get-multiple-items-python"></a>

+### HTTP trigger, get multiple rows

+The following example shows a MySQL input binding in a function.json file and a Python function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query and returns the results in the HTTP response.

+# [v2](#tab/python-v2)

+The following example is sample python code for the function_app.py file:

+```python

+import azure.functions as func

+import datetime

+import json

+import logging

+

+app = func.FunctionApp()

+

+

+@app.generic_trigger(arg_name="req", type="httpTrigger", route="getproducts/{cost}")

+@app.generic_output_binding(arg_name="$return", type="http")

+@app.generic_input_binding(arg_name="products", type="mysql",

+ commandText= "select * from Products",

+ command_type="Text",

+ connection_string_setting="MySqlConnectionString")

+def mysql_test(req: func.HttpRequest, products: func.MySqlRowList) -> func.HttpResponse:

+ rows = list(map(lambda r: json.loads(r.to_json()), products))

+

+ return func.HttpResponse(

+ json.dumps(rows),

+ status_code=200,

+ mimetype="application/json"

+ )

+```

+# [v1](#tab/python-v1)

+The following example is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "getproducts/{cost}"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "select * from Products",

+ "commandType": "Text",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+ }

+```

+The [configuration](#configuration) section explains these properties.

+The following is sample Python code:

+```python

+import azure.functions as func

+import json

+def main(req: func.HttpRequest, products: func.MySqlRowList) -> func.HttpResponse:

+ rows = list(map(lambda r: json.loads(r.to_json()), products))

+ return func.HttpResponse(

+ json.dumps(rows),

+ status_code=200,

+ mimetype="application/json"

+ )

+```

+<a id="http-trigger-look-up-id-from-query-string-python"></a>

+### HTTP trigger, get row by ID from query string

+The following example shows a MySQL input binding in a Python function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and reads from a query filtered by a parameter from the query string and returns the row in the HTTP response.

+# [v2](#tab/python-v2)

+The following example is sample python code for the function_app.py file:

+```python

+import azure.functions as func

+import datetime

+import json

+import logging

+

+app = func.FunctionApp()

+

+

+@app.generic_trigger(arg_name="req", type="httpTrigger", route="getproducts/{cost}")

+@app.generic_output_binding(arg_name="$return", type="http")

+@app.generic_input_binding(arg_name="products", type="mysql",

+ commandText= "select * from Products where ProductId= @productId",

+ command_type="Text",

+ parameters= "@productId={productid}",

+ connection_string_setting="MySqlConnectionString")

+def mysql_test(req: func.HttpRequest, products: func.MySqlRowList) -> func.HttpResponse:

+ rows = list(map(lambda r: json.loads(r.to_json()), products))

+

+ return func.HttpResponse(

+ json.dumps(rows),

+ status_code=200,

+ mimetype="application/json"

+ )

+```

+# [v1](#tab/python-v1)

+The following is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "getproducts/{productid}"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "select * from Products where ProductId= @productId",

+ "commandType": "Text",

+ "parameters": "@productId={productid}",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+ }

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample Python code:

+```python

+import azure.functions as func

+import json

+def main(req: func.HttpRequest, products: func.MySqlRowList) -> func.HttpResponse:

+ rows = list(map(lambda r: json.loads(r.to_json()), products))

+ return func.HttpResponse(

+ json.dumps(rows),

+ status_code=200,

+ mimetype="application/json"

+ )

+```

+<a id="http-trigger-delete-one-or-multiple-rows-python"></a>

+### HTTP trigger, delete rows

+The following example shows a MySQL input binding in a function.json file and a Python function that is [triggered by an HTTP](./functions-bindings-http-webhook-trigger.md) request and executes a stored procedure with input from the HTTP request query parameter.

+The stored procedure `DeleteProductsCost` must be created on the database. In this example, the stored procedure deletes a single record or all records depending on the value of the parameter.

+```sql

+DROP PROCEDURE IF EXISTS DeleteProductsCost;

+Create Procedure DeleteProductsCost(cost INT)

+BEGIN

+ DELETE from Products where Products.cost = cost;

+END

+```

+# [v2](#tab/python-v2)

+The following example is sample python code for the function_app.py file:

+```python

+import azure.functions as func

+import datetime

+import json

+import logging

+

+app = func.FunctionApp()

+

+

+@app.generic_trigger(arg_name="req", type="httpTrigger", route="getproducts/{cost}")

+@app.generic_output_binding(arg_name="$return", type="http")

+@app.generic_input_binding(arg_name="products", type="mysql",

+ commandText= "DeleteProductsCost",

+ command_type="StoredProcedure",

+ parameters= "@Cost={cost}",

+ connection_string_setting="MySqlConnectionString")

+def mysql_test(req: func.HttpRequest, products: func.MySqlRowList) -> func.HttpResponse:

+ rows = list(map(lambda r: json.loads(r.to_json()), products))

+

+ return func.HttpResponse(

+ json.dumps(rows),

+ status_code=200,

+ mimetype="application/json"

+ )

+```

+# [v1](#tab/python-v1)

+```json

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "type": "httpTrigger",

+ "direction": "in",

+ "methods": [

+ "get"

+ ],

+ "route": "getproducts-storedprocedure/{cost}"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "products",

+ "type": "mysql",

+ "direction": "in",

+ "commandText": "DeleteProductsCost",

+ "commandType": "StoredProcedure",

+ "parameters": "@Cost={cost}",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+ }

+```

+The [configuration](#configuration) section explains these properties.

+The following is sample Python code:

+```python

+import json

+import azure.functions as func

+# The input binding executes the `SELECT * FROM Products WHERE Cost = @Cost` query.

+# The Parameters argument passes the `{cost}` specified in the URL that triggers the function,

+# `getproducts/{cost}`, as the value of the `@Cost` parameter in the query.

+# CommandType is set to `Text`, since the constructor argument of the binding is a raw query.

+def main(req: func.HttpRequest, products: func.MySqlRowList) -> func.HttpResponse:

+ rows = list(map(lambda r: json.loads(r.to_json()), products))

+ return func.HttpResponse(

+ json.dumps(rows),

+ status_code=200,

+ mimetype="application/json"

+ )

+```

+## Attributes

+The [C# library](functions-dotnet-class-library.md) uses the MySqlAttribute attribute to declare the MySQL bindings on the function, which has the following properties:

+| Attribute property |Description|

+|||

+| **CommandText** | Required. The MySQL query command or name of the stored procedure executed by the binding. |

+| **ConnectionStringSetting** | Required. The name of an app setting that contains the connection string for the database against which the query or stored procedure is being executed. This value isn't the actual connection string and must instead resolve to an environment variable name. |

+| **CommandType** | Required. A [CommandType](/dotnet/api/system.data.commandtype) value, which is [Text](/dotnet/api/system.data.commandtype#fields) for a query and [StoredProcedure](/dotnet/api/system.data.commandtype#fields) for a stored procedure. |

+| **Parameters** | Optional. Zero or more parameter values passed to the command during execution as a single string. Must follow the format `@param1=param1,@param2=param2`. Neither the parameter name nor the parameter value can contain a comma (`,`) or an equals sign (`=`). |

+## Annotations

+In the [Java functions runtime library](/java/api/overview/azure/functions/runtime), use the `@MySQLInput` annotation on parameters whose value would come from Azure Database for MySQL. This annotation supports the following elements:

+| Element |Description|

+|||

+| **commandText** | Required. The MySQL query command or name of the stored procedure executed by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database against which the query or stored procedure is being executed. This value isn't the actual connection string and must instead resolve to an environment variable name. |

+| **commandType** | Required. A [CommandType](/dotnet/api/system.data.commandtype) value, which is ["Text"](/dotnet/api/system.data.commandtype#fields) for a query and ["StoredProcedure"](/dotnet/api/system.data.commandtype#fields) for a stored procedure. |

+|**name** | Required. The unique name of the function binding. |

+| **parameters** | Optional. Zero or more parameter values passed to the command during execution as a single string. Must follow the format `@param1=param1,@param2=param2`. Neither the parameter name nor the parameter value can contain a comma (`,`) or an equals sign (`=`). |

+## Configuration

+# [Model v4](#tab/nodejs-v4)

+The following table explains the properties that you can set on the `options` object passed to the `input.generic()` method.

+| Property | Description |

+||-|

+| **commandText** | Required. The MySQL query command or name of the stored procedure executed by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database against which the query or stored procedure is being executed. This value isn't the actual connection string and must instead resolve to an environment variable name. Optional keywords in the connection string value are [available to refine MySQL bindings connectivity](./functions-bindings-azure-mysql.md#mysql-connection-string). |

+| **commandType** | Required. A [CommandType](/dotnet/api/system.data.commandtype) value, which is [Text](/dotnet/api/system.data.commandtype#fields) for a query and [StoredProcedure](/dotnet/api/system.data.commandtype#fields) for a stored procedure. |

+| **parameters** | Optional. Zero or more parameter values passed to the command during execution as a single string. Must follow the format `@param1=param1,@param2=param2`. Neither the parameter name nor the parameter value can contain a comma (`,`) or an equals sign (`=`). |

+# [Model v3](#tab/nodejs-v3)

+The following table explains the binding configuration properties that you set in the function.json file.

+| Property | Description |

+||-|

+|**type** | Required. Must be set to `Mysql`. |

+|**direction** | Required. Must be set to `in`. |

+|**name** | Required. The name of the variable that represents the query results in function code. |

+| **commandText** | Required. The MySQL query command or name of the stored procedure executed by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database against which the query or stored procedure is being executed. This value isn't the actual connection string and must instead resolve to an environment variable name. Optional keywords in the connection string value are [available to refine MySQL bindings connectivity](./functions-bindings-azure-mysql.md#mysql-connection-string). |

+| **commandType** | Required. A [CommandType](/dotnet/api/system.data.commandtype) value, which is [Text](/dotnet/api/system.data.commandtype#fields) for a query and [StoredProcedure](/dotnet/api/system.data.commandtype#fields) for a stored procedure. |

+| **parameters** | Optional. Zero or more parameter values passed to the command during execution as a single string. Must follow the format `@param1=param1,@param2=param2`. Neither the parameter name nor the parameter value can contain a comma (`,`) or an equals sign (`=`). |

+## Configuration

+The following table explains the binding configuration properties that you set in the function.json file.

+|function.json property | Description|

+||-|

+|**type** | Required. Must be set to `mysql`. |

+|**direction** | Required. Must be set to `in`. |

+|**name** | Required. The name of the variable that represents the query results in function code. |

+| **commandText** | Required. The MySQL query command or name of the stored procedure executed by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database against which the query or stored procedure is being executed. This value isn't the actual connection string and must instead resolve to an environment variable name. Optional keywords in the connection string value are [available to refine MySQL bindings connectivity](./functions-bindings-azure-mysql.md#mysql-connection-string). |

+| **commandType** | Required. A [CommandType](/dotnet/api/system.data.commandtype) value, which is [Text](/dotnet/api/system.data.commandtype#fields) for a query and [StoredProcedure](/dotnet/api/system.data.commandtype#fields) for a stored procedure. |

+| **parameters** | Optional. Zero or more parameter values passed to the command during execution as a single string. Must follow the format `@param1=param1,@param2=param2`. Neither the parameter name nor the parameter value can contain a comma (`,`) or an equals sign (`=`). |

+## Usage

+The attribute's constructor takes the MySQL command text, the command type, parameters, and the connection string setting name. The command can be a MYSQL query with the command type `System.Data.CommandType.Text` or stored procedure name with the command type `System.Data.CommandType.StoredProcedure`. The connection string setting name corresponds to the application setting (in `local.settings.json` for local development) that contains the [connection string](https://dev.mysql.com/doc/connector-net/en/connector-net-connections-string.html) to the Azure Database for MySQL.

+If an exception occurs when a MySQL input binding is executed then the function code won't execute. This might result in an error code being returned, such as an HTTP trigger returning a 500 error code.

+## Next steps

+- [Save data to a database (Output binding)](./functions-bindings-azure-mysql-output.md)

+- [Run a function from a HTTP request (trigger)](./functions-bindings-http-webhook-trigger.md)

+

+ Title: Azure Database for MySQL output binding for Functions

+description: Learn to use the Azure Database for MySQL output binding in Azure Functions.

+zone_pivot_groups: programming-languages-set-functions

+# Azure Database for MySQL output binding for Azure Functions (Preview)

+The Azure Database for MySQL output binding lets you write to a database.

+For information on setup and configuration details, see the [overview](./functions-bindings-azure-mysql.md).

+## Examples

+<a id="example"></a>

+# [Isolated worker model](#tab/isolated-process)

+More samples for the Azure Database for MySQL output binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples).

+This section contains the following example:

+* [HTTP trigger, write one record](#http-trigger-write-one-record-c-oop)

+The examples refer to a `Product` class and a corresponding database table:

+```csharp

+namespace AzureMySqlSamples.Common

+{

+ public class Product

+ {

+ public int? ProductId { get; set; }

+ public string Name { get; set; }

+ public int Cost { get; set; }

+ public override bool Equals(object obj)

+ }

+}

+```

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-write-one-record-c-oop"></a>

+### HTTP trigger, write one record

+The following example shows a [C# function](functions-dotnet-class-library.md) that adds a record to a database, using data provided in an HTTP POST request as a JSON body.

+```cs

+using Microsoft.AspNetCore.Mvc;

+using Microsoft.Azure.Functions.Worker;

+using Microsoft.Azure.Functions.Worker.Extensions.MySql;

+using Microsoft.Azure.Functions.Worker.Http;

+using AzureMySqlSamples.Common;

+namespace AzureMySqlSamples.OutputBindingSamples

+{

+ public static class AddProduct

+ {

+ [FunctionName(nameof(AddProduct))]

+ public static IActionResult Run(

+ [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "addproduct")]

+ [FromBody] Product prod,

+ [MySql("Products", "MySqlConnectionString")] out Product product)

+ {

+ product = prod;

+ return new CreatedResult($"/api/addproduct", product);

+ }

+ }

+}

+```

+# [In-process model](#tab/in-process)

+More samples for the Azure Database for MySQL output binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-csharp).

+This section contains the following example:

+* [HTTP trigger, write one record](#http-trigger-write-one-record-c)

+The examples refer to a `Product` class and a corresponding database table:

+```csharp

+namespace AzureMySqlSamples.Common

+{

+ public class Product

+ {

+ public int? ProductId { get; set; }

+ public string Name { get; set; }

+ public int Cost { get; set; }

+ public override bool Equals(object obj)

+ }

+}

+```

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-write-one-record-c"></a>

+### HTTP trigger, write one record

+The following example shows a [C# function](functions-dotnet-class-library.md) that adds a record to a database, using data provided in an HTTP POST request as a JSON body.

+```csharp

+using Microsoft.AspNetCore.Mvc;

+using Microsoft.Azure.WebJobs;

+using Microsoft.Azure.WebJobs.Extensions.Http;

+using Microsoft.Azure.WebJobs.Extensions.MySql;

+using AzureMySqlSamples.Common;

+namespace AzureMySqlSamples.OutputBindingSamples

+{

+ public static class AddProduct

+ {

+ [FunctionName(nameof(AddProduct))]

+ public static IActionResult Run(

+ [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "addproduct")]

+ [FromBody] Product prod,

+ [MySql("Products", "MySqlConnectionString")] out Product product)

+ {

+ product = prod;

+ return new CreatedResult($"/api/addproduct", product);

+ }

+ }

+}

+```

+More samples for the Azure Database for MySQL output binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-java).

+This section contains the following example:

+* [HTTP trigger, write a record to a table](#http-trigger-write-record-to-table-java)

+The examples refer to a `Product` class and a corresponding database table:

+```java

+package com.function.Common;

+import com.fasterxml.jackson.annotation.JsonProperty;

+public class Product {

+ @JsonProperty("ProductId")

+ private int ProductId;

+ @JsonProperty("Name")

+ private String Name;

+ @JsonProperty("Cost")

+ private int Cost;

+ public Product() {

+ }

+ public Product(int productId, String name, int cost) {

+ ProductId = productId;

+ Name = name;

+ Cost = cost;

+ }

+}

+```

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-write-record-to-table-java"></a>

+### HTTP trigger, write a record to a table

+The following example shows a MySQL output binding in a Java function that adds a record to a table, using data provided in an HTTP POST request as a JSON body. The function takes an additional dependency on the [com.google.code.gson](https://github.com/google/gson) library to parse the JSON body.

+```xml

+<dependency>

+ <groupId>com.google.code.gson</groupId>

+ <artifactId>gson</artifactId>

+ <version>2.10.1</version>

+</dependency>

+```

+```java

+package com.function;

+import com.microsoft.azure.functions.HttpMethod;

+import com.microsoft.azure.functions.HttpRequestMessage;

+import com.microsoft.azure.functions.HttpResponseMessage;

+import com.microsoft.azure.functions.HttpStatus;

+import com.microsoft.azure.functions.OutputBinding;

+import com.microsoft.azure.functions.annotation.AuthorizationLevel;

+import com.microsoft.azure.functions.annotation.FunctionName;

+import com.microsoft.azure.functions.annotation.HttpTrigger;

+import com.microsoft.azure.functions.mysql.annotation.MySqlOutput;

+import com.fasterxml.jackson.core.JsonParseException;

+import com.fasterxml.jackson.databind.JsonMappingException;

+import com.fasterxml.jackson.databind.ObjectMapper;

+import com.function.Common.Product;

+import java.io.IOException;

+import java.util.Optional;

+public class AddProduct {

+ @FunctionName("AddProduct")

+ public HttpResponseMessage run(

+ @HttpTrigger(

+ name = "req",

+ methods = {HttpMethod.POST},

+ authLevel = AuthorizationLevel.ANONYMOUS,

+ route = "addproduct")

+ HttpRequestMessage<Optional<String>> request,

+ @MySqlOutput(

+ name = "product",

+ commandText = "Products",

+ connectionStringSetting = "MySqlConnectionString")

+ OutputBinding<Product> product) throws JsonParseException, JsonMappingException, IOException {

+ String json = request.getBody().get();

+ ObjectMapper mapper = new ObjectMapper();

+ Product p = mapper.readValue(json, Product.class);

+ product.setValue(p);

+ return request.createResponseBuilder(HttpStatus.OK).header("Content-Type", "application/json").body(product).build();

+ }

+}

+```

+More samples for the Azure Database for MySQL output binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples).

+This section contains the following example:

+* [HTTP trigger, write records to a table](#http-trigger-write-records-to-table-javascript)

+The examples refer to a database table:

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-write-records-to-table-javascript"></a>

+### HTTP trigger, write records to a table

+The following example shows a MySQL output binding that adds records to a table, using data provided in an HTTP POST request as a JSON body.

+# [Model v4](#tab/nodejs-v4)

+```typescript

+const { app, output } = require('@azure/functions');

+const mysqlOutput = output.generic({

+ type: 'mysql',

+ commandText: 'Products',

+ connectionStringSetting: 'MySqlConnectionString'

+})

+// Upsert the product, which will insert it into the Products table if the primary key (ProductId) for that item doesn't exist.

+// If it does then update it to have the new name and cost.

+app.http('AddProduct', {

+ methods: ['POST'],

+ authLevel: 'anonymous',

+ extraOutputs: [mysqlOutput],

+ handler: async (request, context) => {

+ // Note that this expects the body to be a JSON object or array of objects which have a property

+ // matching each of the columns in the table to upsert to.

+ const product = await request.json();

+ context.extraOutputs.set(mysqlOutput, product);

+ return {

+ status: 201,

+ body: JSON.stringify(product)

+ };

+ }

+});

+```

+# [Model v3](#tab/nodejs-v3)

+TypeScript samples aren't documented for model v3.

+# [Model v4](#tab/nodejs-v4)

+```javascript

+const { app, output } = require('@azure/functions');

+const mysqlOutput = output.generic({

+ type: 'mysql',

+ commandText: 'Products',

+ connectionStringSetting: 'MySqlConnectionString'

+})

+// Upsert the product, which will insert it into the Products table if the primary key (ProductId) for that item doesn't exist.

+// If it does then update it to have the new name and cost.

+app.http('AddProduct', {

+ methods: ['POST'],

+ authLevel: 'anonymous',

+ extraOutputs: [mysqlOutput],

+ handler: async (request, context) => {

+ // Note that this expects the body to be a JSON object or array of objects which have a property

+ // matching each of the columns in the table to upsert to.

+ const product = await request.json();

+ context.extraOutputs.set(mysqlOutput, product);

+ return {

+ status: 201,

+ body: JSON.stringify(product)

+ };

+ }

+});

+```

+# [Model v3](#tab/nodejs-v3)

+The following example is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "direction": "in",

+ "type": "httpTrigger",

+ "methods": [

+ "post"

+ ],

+ "route": "addproduct"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "product",

+ "type": "mysql",

+ "direction": "out",

+ "commandText": "Products",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample JavaScript code:

+```javascript

+module.exports = async function (context, req, products) {

+ context.log('JavaScript HTTP trigger and MySQL output binding function processed a request.');

+

+ context.res = {

+ // status: 200, /* Defaults to 200 */

+ mimetype: "application/json",

+ body: products

+ };

+}

+```

+More samples for the Azure Database for MySQL output binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-powershell).

+This section contains the following example:

+* [HTTP trigger, write records to a table](#http-trigger-write-records-to-table-powershell)

+The examples refer to a database table:

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+<a id="http-trigger-write-records-to-table-powershell"></a>

+### HTTP trigger, write records to a table

+The following example shows a MySQL output binding in a function.json file and a PowerShell function that adds records to a table, using data provided in an HTTP POST request as a JSON body.

+The following example is binding data in the function.json file:

+```json

+{

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "Request",

+ "direction": "in",

+ "type": "httpTrigger",

+ "methods": [

+ "post"

+ ],

+ "route": "addproduct"

+ },

+ {

+ "name": "response",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "product",

+ "type": "mysql",

+ "direction": "out",

+ "commandText": "Products",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample PowerShell code for the function in the `run.ps1` file:

+```powershell

+using namespace System.Net

+# Trigger binding data passed in via param block

+param($Request, $TriggerMetadata)

+# Write to the Azure Functions log stream.

+Write-Host "PowerShell function with MySql Output Binding processed a request."

+# Note that this expects the body to be a JSON object or array of objects

+# which have a property matching each of the columns in the table to upsert to.

+$req_body = $Request.Body

+# Assign the value we want to pass to the MySql Output binding.

+# The -Name value corresponds to the name property in the function.json for the binding

+Push-OutputBinding -Name product -Value $req_body

+# Assign the value to return as the HTTP response.

+# The -Name value matches the name property in the function.json for the binding

+Push-OutputBinding -Name response -Value ([HttpResponseContext]@{

+ StatusCode = [HttpStatusCode]::OK

+ Body = $req_body

+})

+```

+More samples for the Azure Database for MySQL output binding are available in the [GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples/samples-python).

+This section contains the following example:

+* [HTTP trigger, write records to a table](#http-trigger-write-records-to-table-python)

+The examples refer to a database table:

+```sql

+DROP TABLE IF EXISTS Products;

+CREATE TABLE Products (

+ ProductId int PRIMARY KEY,

+ Name varchar(100) NULL,

+ Cost int NULL

+);

+```

+> [!NOTE]

+> Please note that Azure Functions version 1.22.0b4 must be used for Python .

+>

+<a id="http-trigger-write-records-to-table-python"></a>

+### HTTP trigger, write records to a table

+The following example shows a MySQL output binding in a function.json file and a Python function that adds records to a table, using data provided in an HTTP POST request as a JSON body.

+# [v2](#tab/python-v2)

+The following example is sample python code for the function_app.py file:

+```python

+import json

+

+import azure.functions as func

+

+app = func.FunctionApp(http_auth_level=func.AuthLevel.ANONYMOUS)

+@app.generic_trigger(arg_name="req", type="httpTrigger", route="addproduct")

+@app.generic_output_binding(arg_name="$return", type="http")

+@app.generic_output_binding(arg_name="r", type="mysql",

+ command_text="Products",

+ connection_string_setting="MySqlConnectionString")

+def mysql_output(req: func.HttpRequest, r: func.Out[func.MySqlRow]) \

+ -> func.HttpResponse:

+ body = json.loads(req.get_body())

+ row = func.MySqlRow.from_dict(body)

+ r.set(row)

+

+ return func.HttpResponse(

+ body=req.get_body(),

+ status_code=201,

+ mimetype="application/json"

+ )

+```

+# [v1](#tab/python-v1)

+The following example is binding data in the function.json file:

+```json

+{

+ "scriptFile": "__init__.py",

+ "bindings": [

+ {

+ "authLevel": "function",

+ "name": "req",

+ "direction": "in",

+ "type": "httpTrigger",

+ "methods": [

+ "post"

+ ],

+ "route": "addproduct"

+ },

+ {

+ "name": "$return",

+ "type": "http",

+ "direction": "out"

+ },

+ {

+ "name": "product",

+ "type": "mysql",

+ "direction": "out",

+ "commandText": "Products",

+ "connectionStringSetting": "MySqlConnectionString"

+ }

+ ],

+ "disabled": false

+}

+```

+The [configuration](#configuration) section explains these properties.

+The following example is sample Python code:

+```python

+import json

+import azure.functions as func

+def main(req: func.HttpRequest, product: func.Out[func.MySqlRow]) -> func.HttpResponse:

+ """Upsert the product, which will insert it into the Products table if the primary key

+ (ProductId) for that item doesn't exist. If it does then update it to have the new name

+ and cost.

+ """

+ # Note that this expects the body to be a JSON object which

+ # have a property matching each of the columns in the table to upsert to.

+ body = json.loads(req.get_body())

+ row = func.MySqlRow.from_dict(body)

+ product.set(row)

+ return func.HttpResponse(

+ body=req.get_body(),

+ status_code=201,

+ mimetype="application/json"

+ )

+```

+## Attributes

+The [C# library](functions-dotnet-class-library.md) uses the MySqlAttribute attribute to declare the MySQL bindings on the function, which has the following properties:

+| Attribute property |Description|

+|||

+| **CommandText** | Required. The name of the table being written to by the binding. |

+| **ConnectionStringSetting** | Required. The name of an app setting that contains the connection string for the database to which data is being written. This isn't the actual connection string and must instead resolve to an environment variable. |

+## Annotations

+In the [Java functions runtime library](/java/api/overview/azure/functions/runtime), use the `@MySQLOutput` annotation on parameters whose value would come from Azure Database for MySQL. This annotation supports the following elements:

+| Element |Description|

+|||

+| **commandText** | Required. The name of the table being written to by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database to which data is being written. This isn't the actual connection string and must instead resolve to an environment variable.|

+|**name** | Required. The unique name of the function binding. |

+## Configuration

+# [Model v4](#tab/nodejs-v4)

+The following table explains the properties that you can set on the `options` object passed to the `output.generic()` method.

+| Property | Description |

+||-|

+| **commandText** | Required. The name of the table being written to by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database to which data is being written. This isn't the actual connection string and must instead resolve to an environment variable. |

+# [Model v3](#tab/nodejs-v3)

+The following table explains the binding configuration properties that you set in the *function.json* file.

+| Property | Description |

+||-|

+|**type** | Required. Must be set to `Mysql`.|

+|**direction** | Required. Must be set to `out`. |

+|**name** | Required. The name of the variable that represents the entity in function code. |

+| **commandText** | Required. The name of the table being written to by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database to which data is being written. This isn't the actual connection string and must instead resolve to an environment variable. |

+## Configuration

+The following table explains the binding configuration properties that you set in the *function.json* file.

+|function.json property | Description|

+||-|

+|**type** | Required. Must be set to `Mysql`.|

+|**direction** | Required. Must be set to `out`. |

+|**name** | Required. The name of the variable that represents the entity in function code. |

+| **commandText** | Required. The name of the table being written to by the binding. |

+| **connectionStringSetting** | Required. The name of an app setting that contains the connection string for the database to which data is being written. This isn't the actual connection string and must instead resolve to an environment variable. |

+> [!NOTE]

+>The output binding supports all special characters including ($, `, -, _) . It is same as mentioned in mysql community [documentation](https://dev.mysql.com/doc/refman/8.0/en/identifiers.html)

+>

+>It is on different programming language if special character is supported to define members attributes containing special characters. For example, C# have few limitations to define [variables](https://learn.microsoft.com/dotnet/csharp/fundamentals/coding-style/identifier-names)

+>

+>Apart from that, the output binding covering all special characters can be done using 'JObject'. The detailed example can be followed in this [Github link](https://github.com/Azure/azure-functions-mysql-extension/blob/main/samples/samples-csharp/OutputBindingSamples/AddProductJObject.cs)

+>

+## Usage

+The `CommandText` property is the name of the table where the data is to be stored. The connection string setting name corresponds to the application setting that contains the connection string to Azure Database for MySQL.

+If an exception occurs when a MySQL output binding is executed then the function code stop executing. This may result in an error code being returned, such as an HTTP trigger returning a 500 error code.

+## Next steps

+- [Read data from a database (Input binding)](./functions-bindings-azure-mysql-input.md)

+ Title: Azure Database for MySQL bindings for Functions

+description: Understand how to use Azure Database for MySQL bindings in Azure Functions.

+ - build-2023

+ - devx-track-extended-java

+ - devx-track-js

+ - devx-track-python

+ - ignite-2023

+zone_pivot_groups: programming-languages-set-functions-lang-workers

+# Azure Database for MySQL bindings for Azure Functions overview (Preview)

+This set of articles explains how to work with [Azure Database for MySQL](/azure/mysql/index) bindings in Azure Functions. For preview, Azure Functions supports input bindings and output bindings for Azure Database for MySQL.

+| Action | Type |

+|||

+| Read data from a database | [Input binding](./functions-bindings-azure-mysql-input.md) |

+| Save data to a database |[Output binding](./functions-bindings-azure-mysql-output.md) |

+## Install extension

+The extension NuGet package you install depends on the C# mode you're using in your function app:

+# [Isolated worker model](#tab/isolated-process)

+Functions execute in an isolated C# worker process. To learn more, see [Guide for running C# Azure Functions in an isolated worker process](dotnet-isolated-process-guide.md).

+Add the extension to your project by installing this [NuGet package](https://www.nuget.org/packages/Microsoft.Azure.Functions.Worker.Extensions.MySql/1.0.3-preview/).

+```bash

+dotnet add package Microsoft.Azure.Functions.Worker.Extensions.MySql --version 1.0.3-preview

+```

+# [In-process model](#tab/in-process)

+Functions execute in the same process as the Functions host. To learn more, see [Develop C# class library functions using Azure Functions](functions-dotnet-class-library.md).

+Add the extension to your project by installing this [NuGet package](https://www.nuget.org/packages/Microsoft.Azure.WebJobs.Extensions.MySql/1.0.3-preview).

+```bash

+dotnet add package Microsoft.Azure.WebJobs.Extensions.MySql --version 1.0.3-preview

+```

+## Install bundle

+The MySQL bindings extension is part of the v4 [extension bundle](https://learn.microsoft.com/azure/azure-functions/functions-bindings-register#extension-bundles), which is specified in your host.json project file.

+### Preview Bundle v4.x

+You can use the preview extension bundle by adding or replacing the following code in your `host.json` file:

+```json

+{

+ "version": "2.0",

+ "extensionBundle": {

+ "id": "Microsoft.Azure.Functions.ExtensionBundle.Preview",

+ "version": "[4.*, 5.0.0)"

+ }

+}

+```

+## Functions runtime

+## Install bundle

+The MySQL bindings extension is part of the v4 [extension bundle](https://learn.microsoft.com/azure/azure-functions/functions-bindings-register#extension-bundles), which is specified in your host.json project file.

+### Preview Bundle v4.x

+You can use the preview extension bundle by adding or replacing the following code in your `host.json` file:

+```json

+{

+ "version": "2.0",

+ "extensionBundle": {

+ "id": "Microsoft.Azure.Functions.ExtensionBundle.Preview",

+ "version": "[4.*, 5.0.0)"

+ }

+}

+```

+## Install bundle

+The MySQL bindings extension is part of the v4 [extension bundle](https://learn.microsoft.com/azure/azure-functions/functions-bindings-register#extension-bundles), which is specified in your host.json project file.

+### Preview Bundle v4.x

+You can use the preview extension bundle by adding or replacing the following code in your `host.json` file:

+```json

+{

+ "version": "2.0",

+ "extensionBundle": {

+ "id": "Microsoft.Azure.Functions.ExtensionBundle.Preview",

+ "version": "[4.*, 5.0.0)"

+ }

+}

+```

+## Update packages

+You can use the preview extension bundle with an update to the `pom.xml` file in your Java Azure Functions project as seen in the following snippet:

+```xml

+<dependency>

+<groupId>com.microsoft.azure.functions</groupId>

+<artifactId>azure-functions-java-library-mysql</artifactId>

+<version>1.0.1-preview</version>

+</dependency>

+```

+## MySQL connection string

+Azure Database for MySQL bindings for Azure Functions have a required property for the connection string on all bindings. These pass the connection string to the MySql.Data.MySqlClient library and supports the connection string as defined in the [MySqlClient ConnectionString documentation](https://dev.mysql.com/doc/connector-net/en/connector-net-connections-string.html). Notable keywords include:

+- `server` the host on which the server instance is running. The value can be a host name, IPv4 address, or IPv6 address.

+- `uid` the MySQL user account to provide for the authentication process

+- `pwd` the password to use for the authentication process.

+- `database` The default database for the connection. If no database is specified, the connection has no default database

+## Considerations

+- Azure Database for MySQL binding supports version 4.x and later of the Functions runtime.

+- Source code for the Azure Database for MySQL bindings can be found in [this GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/src).

+- This binding requires connectivity to an Azure Database for MySQL.

+- Output bindings against tables with columns of spatial data types `GEOMETRY`, `POINT`, or `POLYGON` aren't supported and data upserts will fail.

+## Samples

+In addition to the samples for C#, Java, JavaScript, PowerShell, and Python available in the [Azure SQL bindings GitHub repository](https://github.com/Azure/azure-functions-mysql-extension/tree/main/samples), more are available in Azure Samples.

+## Next steps

+- [Read data from a database (Input binding)](./functions-bindings-azure-mysql-input.md)

+- [Save data to a database (Output binding)](./functions-bindings-azure-mysql-output.md)

+ + Azure Event Grid

+ + Azure Event Hubs

+ + Azure Blob storage (event-based)

+ + Durable Functions (MSSQL storage provider)

+ + HTTP

+ + [Deployment from an Azure Container Registry](functions-deploy-container-apps.md?tabs=acr#create-and-configure-a-function-app-on-azure-with-the-image)

+ + [Triggers and bindings](functions-reference.md#configure-an-identity-based-connection)

+ + [Required host storage connection](functions-identity-based-connections-tutorial.md)

+Azure Functions supports hosting your containerized functions either in Azure Container Apps or in Azure Functions. Running your containers directly in a Kubernetes cluster or in Azure Kubernetes Service (AKS) isn't officially supported by Azure Functions. To learn more, see [Linux container support in Azure Functions](container-concepts.md).

+This deployment account must already be configured when you create your app, including the specific container used for deployments. To learn more about configuring deployments, see [Deployment sources](#deployment-sources).

+Other deployment settings are [configured with the app itself](#deployment-sources).

+You can use the [`linuxFxVersion`](./functions-app-settings.md#linuxfxversion) site setting to request that a specific Linux container be deployed to your app when it's created. More settings are required to access images in a private repository. For more information, see [Application configuration](#application-configuration).

+These site settings are required only when using managed identities to obtain the image from an Azure Container Registry instance:

+* **Live Metrics Stream (recommended)**: when your function app is [connected to Application Insights](configure-monitoring.md#enable-application-insights-integration), you can view log data and other metrics in near real-time in the Azure portal using [Live Metrics Stream](/azure/azure-monitor/app/live-stream). Use this method when monitoring functions running on multiple-instances and supports all plan types. This method uses [sampled data](configure-monitoring.md#configure-sampling).

+* **Built-in log streaming**: the App Service platform lets you view a stream of your application log files. This is equivalent to the output seen when you debug your functions during [local development](functions-develop-local.md) and when you use the **Test** tab in the portal. All log-based information is displayed. For more information, see [Stream logs](../app-service/troubleshoot-diagnostic-logs.md#stream-logs). This streaming method supports only a single instance, and can't be used with an app running on Linux in a Consumption plan. When your function is scaled to multiple instances, data from other instances isn't shown using this method.

+## November 2024

+Azure VMware Solution is now ready to update all existing Azure Commercial customers from vSphere 7 to vSphere 8 (Stretched Clusters & Azure Government still pending). Over the coming months, all customers will receive a scheduling notice for this upgrade. If you want to prioritize your vSphere 8 upgrade, open a [Service Request](https://rc.portal.azure.com/#create/Microsoft.Support) with Microsoft requesting a "Priority vSphere 8 upgrade" for your private cloud. [Learn more](architecture-private-clouds.md#vmware-software-versions)

+All new Azure VMware Solution private clouds are being deployed with VMware vSphere 8.0 version in [Microsoft Azure Government](https://azure.microsoft.com/explore/global-infrastructure/government/#why-azure). [Learn more](architecture-private-clouds.md#vmware-software-versions)

+The VMware Cloud Foundations (VCF) license portability feature on Azure VMware Solution allows you to bring your VCF entitlement to Azure VMware Solution and take advantage of potential cost savings.

+All new Azure VMware Solution private clouds are being deployed with VMware vSphere 8.0 version in Azure Commercial (Stretched Clusters excluded). [Learn more](architecture-private-clouds.md#vmware-software-versions)

+ //This is the list of files to stage to a container -- for each job, one container is created and

+ }

+To view trace logs in your Applications Insights resource, click **Search**. This view shows a list of diagnostic data captured by Application Insights including traces, events, and exceptions.

+data that Application Insights logs. However, there are cases when you would always like to monitor the compute nodes. For example, they might be running background work which is not scheduled via the Batch service. In this case, set up a monitoring process to run for the life of the compute node.

+You can find more general guidance on how to set up your service architecture to handle throttling and limitations in the [Azure Architecture](/azure/architecture) documentation for [throttling patterns](/azure/architecture/patterns/throttling). To increase throttling limits you need to make a request to [Azure Support](../support.md).

+Rate Limits for SMS:

+You can send a limited number of email messages. If you exceed the following limits for your subscription, your requests are rejected. You can attempt these requests again, after the Retry-After time passes. Take action before reaching the limit by requesting to raise your sending volume limits if needed.

+The Azure Communication Services email service is designed to support high throughput. However, the service imposes initial rate limits to help customers onboard smoothly and avoid some of the issues that can occur when switching to a new email service. We recommend gradually increasing your email volume using Azure Communication Services Email over a period of two to four weeks, while closely monitoring the delivery status of your emails. This gradual increase enables third-party email service providers to adapt to the change in IP for your domain's email traffic. The gradual change gives you time to protect your sender reputation and maintain the reliability of your email delivery.

+We approve higher limits for customers based on use case requirements, domain reputation, traffic patterns, and failure rates. To request higher limits, follow the instructions at [Quota increase for email domains](./email/email-quota-increase.md). Higher quotas are only available for verified custom domains, not Azure-managed domains.

+> \* Read receipts and typing indicators are not supported on chat threads with more than 20 participants.

+Rate Limits for Job Router:

+Using a Teams interoperability scenario, you'll likely use some Microsoft Graph APIs to create [meetings](/graph/cloud-communications-online-meetings).

+description: Learn about the Azure Communication Services UI Library and how it can help you build communication experiences.

+ Title: 'Quickstart: Integrate chat experiences in your app by using UI Library'

+description: Get started with Azure Communication Services UI Library composites to add chat communication experiences to your applications.

+Azure Communication Services UI Library renders a full chat experience right in your application. It takes care of connecting to Azure Communication Services chat services and updates a participant's presence automatically. As a developer, you need to decide about where in your app's user experience you want the chat experience to start and create only the Azure Communication Services resources as required.

+If you want to clean up and remove an Azure Communication Services subscription, you can delete the resource or resource group.

+ Title: Pre-send email analysis - Detecting sensitive data and inappropriate content using Azure AI

+description: How to detect sensitive data and inappropriate content in email messages before sending, using Azure AI in Azure Communication Services.

+# Pre-send email analysis: Detecting sensitive data and inappropriate content using Azure AI

+Azure Communication Services email enables organizations to send high volume messages to their customers using their applications. This tutorial shows how to leverage Azure AI to ensure that your messages accurately reflect your businessΓÇÖs brand and reputation before sending them. Azure AI offers services to analyze your email content for sensitive data and identify inappropriate content.

+This tutorial describes how to use Azure AI Text Analytics to check for sensitive data and Azure AI Content Safety to identify inappropriate text content. Use these functions to check your content before sending the email using Azure Communication Services.

+## Prerequisites

+You need to complete these quickstarts to set up the Azure AI resources:

+- [Quickstart: Detect Personally Identifying Information (PII) in text](/azure/ai-services/language-service/personally-identifiable-information/quickstart)

+- [Quickstart: Moderate text and images with content safety in Azure AI Studio](/azure/ai-studio/quickstarts/content-safety)

+## Prerequisite check

+1. In a terminal or command window, run the dotnet command to check that the .NET client library is installed.

+ `reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP"`

+

+2. View the subdomains associated with your Email Communication Services resource. Sign in to the Azure portal. Locate your Email Communication Services resource. Open the **Provision domains** tab from the left navigation pane.

+ :::image type="content" source="./media/email-view-subdomains.png" alt-text="Screenshot showing the email subdomains in your Email Communication Services resource in the Azure portal.":::

+

+ > [!NOTE]

+ > Make sure that the email sub-domain you plan to use for sending email is verified in your email communication resource. For more information, see [Quickstart: How to add custom verified email domains](../quickstarts/email/add-custom-verified-domains.md).

+

+3. View the domains connected to your Azure Communication Services resource. Sign in to the Azure portal. Locate your Azure Communication Services resource. Open the **Email** > **Domains** tab from the left navigation pane.

+

+ :::image type="content" source="./media/email-view-connected-domains.png" alt-text="Screenshot showing the email domains connected to your Email Communication Services resource in the Azure portal.":::

+ > [!NOTE]

+ > Verified custom sub-domains must be connected with your Azure Communication Services resource before you use the resource to send emails. For more information, see [Quickstart: How to connect a verified email domain](../quickstarts/email/connect-email-communication-resource.md).

+## Create a new C# application

+This section describes how to create a new C# application, install required packages, and create the Main function.

+1. In a console window (such as cmd, PowerShell, or Bash), use the `dotnet new` command to create a new console app with the name `EmailPreCheck`. This command creates a simple "Hello World" C# project with a single source file: `Program.cs`.

+

+ `dotnet new console -o EmailPreCheck`

+

+2. Change your directory to the newly created `EmailPreCheck` app folder and use the `dotnet build` command to compile your application.

+

+ `cd EmailPreCheck`

+

+ `dotnet build`

+### Install required packages

+From the application directory, install the Azure Communication Services Email client and Azure AI libraries for .NET packages using the `dotnet add package` commands.

+`dotnet add package Azure.Communication.Email`

+`dotnet add package Azure.AI.TextAnalytics`

+`dotnet add package Microsoft.Azure.CognitiveServices.ContentModerator`

+## Create the Main function

+Open `Program.cs` and replace the existing contents with the following code. The `using` directives include the `Azure.Communication.Email` and `Azure.AI namespaces`. The rest of the code outlines the `SendMail` function for your program.

+```csharp

+using System;

+using System.Collections.Generic;

+using System.Threading;

+using System.Threading.Tasks;

+using Azure;

+using Azure.Communication.Email;

+using Azure.AI.TextAnalytics;

+using Azure.AI.ContentSafety;

+namespace SendEmail

+{

+ internal class Program

+ {

+ static async Task Main(string[] args) {

+ // Authenticate and create the Azure Communication Services email client

+ // Set sample content

+

+ // Pre-check for sensitive data and inappropriate content

+ // Send Email

+ }

+ }

+}

+```

+## Add function that checks for sensitive data

+Create a new function to analyze the email subject and body for sensitive data such as social security numbers and credit card numbers.

+```csharp

+private static async Task<bool> AnalyzeSensitiveData(List<string> documents)

+{

+// Client authentication goes here

+// Function implementation goes here

+}

+```

+### Create the Text Analytics client with authentication

+Create a new function with a Text Analytics client that also retrieves your connection information. Add the following code into the `AnalyzeSensitiveData` function to retrieve the connection key and endpoint for the resource from environment variables named `LANGUAGE_KEY` and `LANGUAGE_ENDPOINT`. It also creates the new `TextAnalyticsClient` and `AzureKeyCredential` variables. For more information about managing your Text Analytics connection information, see [Quickstart: Detect Personally Identifiable Information \(PII\) > Get your key and endpoint](/azure/ai-services/language-service/personally-identifiable-information/quickstart#get-your-key-and-endpoint).

+```csharp

+// This example requires environment variables named "LANGUAGE_KEY" and "LANGUAGE_ENDPOINT"

+string languageKey = Environment.GetEnvironmentVariable("LANGUAGE_KEY");

+string languageEndpoint = Environment.GetEnvironmentVariable("LANGUAGE_ENDPOINT");

+var client = new TextAnalyticsClient(new Uri(languageEndpoint), new AzureKeyCredential(languageKey));

+```

+### Check the content for sensitive data

+Loop through the content to check for any sensitive data. Start the sensitivity check with a baseline of `false`. If sensitive data is found, return `true`.

+Add the following code into the `AnalyzeSensitiveData` function following the line that creates the `TextAnalyticsClient` variable.

+```csharp

+bool senstiveDataDetected = false; // we start with a baseline that of no sensitive data

+var actions = new TextAnalyticsActions

+{

+ RecognizePiiEntitiesActions = new List<RecognizePiiEntitiesAction> { new RecognizePiiEntitiesAction() }

+};

+var operation = await client.StartAnalyzeActionsAsync(documents, actions);

+await operation.WaitForCompletionAsync();

+await foreach (var documentResults in operation.Value)

+{

+ foreach (var actionResult in documentResults.RecognizePiiEntitiesResults)

+ {

+ if (actionResult.HasError)

+ {

+ Console.WriteLine($"Error: {actionResult.Error.ErrorCode} - {actionResult.Error.Message}");

+

+ }

+ else

+ {

+ foreach (var document in actionResult.DocumentsResults)

+ {

+ foreach (var entity in document.Entities)

+ {

+ if (document.Entities.Count > 0)

+ {

+ senstiveDataDetected = true; // Sensitive data detected

+ }

+ }

+ }

+ }

+

+ }

+}

+return senstiveDataDetected;

+```

+## Add function that checks for inappropriate content

+Create another new function to analyze the email subject and body for inappropriate content such as hate or violence.

+```csharp

+static async Task<bool> AnalyzeInappropriateContent(List<string> documents)

+{

+// Client authentication goes here

+// Function implementation goes here

+}

+```

+### Create the Content Safety client with authentication

+Create a new function with a Content Safety client that also retrieves your connection information. Add the following code into the `AnalyzeInappropriateContent` function to retrieve the connection key and endpoint for the resource from environment variables named `CONTENT_LANGUAGE_KEY` and `CONTENT_LANGUAGE_ENDPOINT`. It also creates a new `ContentSafetyClient` variable. If you're using the same Azure AI instance for Text Analytics, these values remain the same. For more information about managing your Content Safety connection information, see [Quickstart: Detect Personally Identifiable Information (PII) > Create environment variables](/azure/ai-services/language-service/personally-identifiable-information/quickstart#create-environment-variables).

+```csharp

+// This example requires environment variables named "CONTENT_LANGUAGE_KEY" and "CONTENT_LANGUAGE_ENDPOINT"

+ string contentSafetyLanguageKey = Environment.GetEnvironmentVariable("CONTENT_LANGUAGE_KEY");

+string contentSafetyEndpoint = Environment.GetEnvironmentVariable("CONTENT_LANGUAGE_ENDPOINT");

+var client = new ContentSafetyClient(new Uri(contentSafetyEndpoint), new AzureKeyCredential(contentSafetyLanguageKey));

+```

+### Check for inappropriate content

+Loop through the content to check for inappropriate content. Start the inappropriate content detection with a baseline of `false`. If inappropriate content is found, return `true`.

+Add the following code into the `AnalyzeInappropriateContent` function after the line that creates the `ContentSafetyClient` variable.

+```csharp

+bool inappropriateTextDetected = false;

+foreach (var document in documents)

+{

+ var options = new AnalyzeTextOptions(document);

+ AnalyzeTextResult response = await client.AnalyzeTextAsync(options);

+ // Check the response

+ if (response != null)

+ {

+ // Access the results from the response

+ foreach (var category in response.CategoriesAnalysis)

+ {

+ if (category.Severity > 2) // Severity: 0=safe, 2=low, 4=medium, 6=high

+ {

+ inappropriateTextDetected = true;

+ }

+ }

+ }

+ else

+ {

+ Console.WriteLine("Failed to analyze content.");

+ }

+}

+return inappropriateTextDetected; // No inappropriate content detected

+```

+## Update the Main function to run prechecks and send email

+Now that you added the two functions for checking for sensitive data and inappropriate content, you can call them before sending email from Azure Communication Services.

+### Create and authenticate the email client

+

+You have a few options available for authenticating to an email client. This example fetches your connection string from an environment variable.

+Open `Program.cs` in an editor. Add the following code to the body of the Main function to initialize an `EmailClient` with your connection string. This code retrieves the connection string for the resource from an environment variable named `COMMUNICATION_SERVICES_CONNECTION_STRING`. For more information about managing your resource connection string, see [Quickstart: Create and manage Communication Services resources > Store your connection string](../quickstarts/create-communication-resource.md#store-your-connection-string).

+```csharp

+// This code shows how to fetch your connection string from an environment variable.

+string connectionString = Environment.GetEnvironmentVariable("COMMUNICATION_SERVICES_CONNECTION_STRING");

+EmailClient emailClient = new EmailClient(connectionString);

+```

+## Add sample content

+Add the sample email content into the Main function, following the lines that create the email client.

+You need to get the sender email address. For more information about Azure Communication Services email domains, see [Quickstart: How to add Azure Managed Domains to Email Communication Service](../quickstarts/email/add-custom-verified-domains.md).

+Modify the recipient email address variable.

+Put both the subject and the message body into a `List<string>` which can be used by the two content checking functions.

+```csharp

+//Set sample content

+var sender = "donotreply@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.azurecomm.net"; // get the send email from your email resource in the Azure Portal

+var recipient = "emailalias@contoso.com"; // modify the recipient

+var subject = "Precheck Azure Communication Service Email with Azure AI";

+var htmlContent = "<html><body><h1>Precheck email test</h1><br/><h4>This email message is sent from Azure Communication Service Email. </h4>";

+htmlContent += "<p> My SSN is 123-12-1234. My Credit Card Number is: 1234 4321 5678 8765. My address is 1011 Main St, Redmond, WA, 998052 </p>";

+htmlContent += "<p>A 51-year-old man was found dead in his car. There were blood stains on the dashboard and windscreen.";

+htmlContent += "At autopsy, a deep, oblique, long incised injury was found on the front of the neck. It turns out that he died by suicide.</p>";

+htmlContent += "</body></html>";

+List<string> documents = new List<string> { subject, htmlContent };

+```

+### Pre-check content before sending email

+You need to call the two functions to look for violations and use the results to determine whether or not to send the email. Add the following code to the Main function after the sample content.

+```csharp

+// Pre-Check content

+bool containsSensitiveData = await AnalyzeSensitiveData(documents);

+bool containsInappropriateContent = await AnalyzeInappropriateContent(documents);

+// Send email only if not sensitive data or inappropriate content is detected

+if (containsSensitiveData == false && containsInappropriateContent == false)

+{

+ /// Send the email message with WaitUntil.Started

+ EmailSendOperation emailSendOperation = await emailClient.SendAsync(

+ Azure.WaitUntil.Started,

+ sender,

+ recipient,

+ subject,

+ htmlContent);

+ /// Call UpdateStatus on the email send operation to poll for the status manually

+ try

+ {

+ while (true)

+ {

+ await emailSendOperation.UpdateStatusAsync();

+ if (emailSendOperation.HasCompleted)

+ {

+ break;

+ }

+ await Task.Delay(100);

+ }

+ if (emailSendOperation.HasValue)

+ {

+ Console.WriteLine($"Email queued for delivery. Status = {emailSendOperation.Value.Status}");

+ }

+ }

+ catch (RequestFailedException ex)

+ {

+ Console.WriteLine($"Email send failed with Code = {ex.ErrorCode} and Message = {ex.Message}");

+ }

+ /// Get the OperationId so that it can be used for tracking the message for troubleshooting

+ string operationId = emailSendOperation.Id;

+ Console.WriteLine($"Email operation id = {operationId}");

+}

+else

+{

+ Console.WriteLine("Sensitive data and/or inappropriate content detected, email not sent\n\n");

+}

+```

+## Next steps

+- Learn more about [Azure Communication Services](../overview.md).

+- Learn more about [Azure AI Studio](/azure/ai-studio/).

+description: Learn how to use UI Library to enable inline image support in Teams Interoperability Chat.

+# Enable inline image by using UI Library in Teams Interoperability Chat

+With Teams Interoperability Chat ("Interop Chat"), you can enable Azure Communication Services users to receive inline images sent by Teams users. When a rich text editor is enabled, Azure Communication Services users can send inline images to Teams users. To learn more, see [UI Library use cases](../concepts/ui-library/ui-library-use-cases.md).

+The feature in Azure Communication Services for receiving inline images comes with the `CallWithChat` composite without extra setup. To enable the feature in Azure Communication Services for sending inline images, set `richTextEditor` to `true` under `CallWithChatCompositeOptions`.

+> The feature in Azure Communication Services for sending inline images is currently in preview.

+- [Node.js](https://nodejs.org/), Active Long-Term Support (LTS) and Maintenance LTS versions. Use the `node --version` command to check your version.

+- An active Azure Communication Services resource and connection string. For more information, see [Create an Azure Communication Services resource](../quickstarts/create-communication-resource.md).

+- UI Library version [1.15.0](https://www.npmjs.com/package/@azure/communication-react/v/1.15.0) or the latest version for receiving inline images. Use the UI Library version [1.19.0-beta.1](https://www.npmjs.com/package/@azure/communication-react/v/1.19.0-beta.1) or the latest beta version for sending inline images.

+- A Teams meeting created and the meeting link ready.

+- A familiarity with how [ChatWithChat composite](https://azure.github.io/communication-ui-library/?path=/docs/composites-call-with-chat-basicexample--basic-example) works.

+First of all, Teams Interop Chat must be part of a Teams meeting currently. When the Teams user creates an online meeting, a chat thread is created and associated with the meeting. To enable the Azure Communication Services user to join the chat and start to send or receive messages, a meeting participant (a Teams user) must admit them to the call first. Otherwise, they don't have access to the chat.

+After the Azure Communication Services user is admitted to the call, they can start to chat with other participants on the call. In this tutorial, you learn how the feature for sending and receiving inline images works in Interop Chat.

+Because you need to join a Teams meeting first, we need to use the `ChatWithChat` composite from UI Library.

+Let's follow the basic example from the [storybook page](https://azure.github.io/communication-ui-library/?path=/docs/composites-call-with-chat-basicexample--basic-example) to create a `ChatWithChat` composite.

+No specific setup is needed to enable receiving inline images. But to send inline images, the `richTextEditor` function must be enabled through `CallWithChatExampleProps`. Here's a code snippet on how to enable it:

+To start the composite for meeting chat, you need to pass `TeamsMeetingLinkLocator`, which looks like this:

+No other setup is needed.

+Let's run `npm run start`. Then you can access the sample app via `localhost:3000`.

+

+Select the chat button located at the bottom of the pane to open the chat pane. Now, if a Teams user sends an image, you should see something like the following screenshot.

+

+

+When the feature for sending inline images is enabled, you should see something like the following screenshot.

+

+

+## Known issues

+* UI Library might not support certain GIF images at this time. The user might receive a static image instead.

+* The web UI Library doesn't support clips (short videos) sent by Teams users at this time.

+* For certain Android devices, pasting a single image is supported only when you hold down the rich text editor and select **Paste**. Selecting from the clipboard view by using the keyboard might not be supported.

+## Next step

+> [Check the rest of UI Library](https://azure.github.io/communication-ui-library/)

+You might also want to:

+- [Create user access tokens](../quickstarts/identity/access-tokens.md)

+- [Add file sharing with UI Library in Azure Communication Services Chat](./file-sharing-tutorial-acs-chat.md)

+Azure Data Factory supports the following file formats. Refer to each article for format-based settings.

+- [Avro format](format-avro.md)

+- [Binary format](format-binary.md)

+- [Delimited text format](format-delimited-text.md)

+- [Excel format](format-excel.md)

+- [Iceberg format](format-iceberg.md)

+- [JSON format](format-json.md)

+- [ORC format](format-orc.md)

+- [Parquet format](format-parquet.md)

+- [XML format](format-xml.md)

+Azure Data Factory supports the following file formats. Refer to each article for format-based settings.

+- [Avro format](format-avro.md)

+- [Binary format](format-binary.md)

+- [Delimited text format](format-delimited-text.md)

+- [Iceberg format](format-iceberg.md)

+- [JSON format](format-json.md)

+- [ORC format](format-orc.md)

+- [Parquet format](format-parquet.md)

+In the sink transformation, you can write to either a container or folder in Azure Data Lake Storage Gen2. The **Settings** tab lets you manage how the files get written.

+ Title: Upgrade plan for Azure Data Factory connectors

+description: This article describes future upgrades for some connectors of Azure Data Factory.

+# Upgrade plan for Azure Data Factory connectors

+This article describes future upgrades for some connectors of Azure Data Factory.

+- [Iceberg format](format-iceberg.md)

+Azure Data Factory supports the following file formats. Refer to each article for format-based settings.

+- [Avro format](format-avro.md)

+- [Binary format](format-binary.md)

+- [Delimited text format](format-delimited-text.md)

+- [Excel format](format-excel.md)

+- [Iceberg format](format-iceberg.md) (only for Azure Data Lake Storage Gen2)

+- [JSON format](format-json.md)

+- [ORC format](format-orc.md)

+- [Parquet format](format-parquet.md)

+- [XML format](format-xml.md)

+ Title: Iceberg format in Azure Data Factory

+description: This topic describes how to deal with Iceberg format in Azure Data Factory and Azure Synapse Analytics.

+# Iceberg format in Azure Data Factory and Azure Synapse Analytics

+Follow this article when you want to **write the data into Iceberg format**.

+Iceberg format is supported for the following connectors:

+- [Azure Data Lake Storage Gen2](connector-azure-data-lake-storage.md)

+You can use Iceberg dataset in [Copy activity](copy-activity-overview.md).

+## Dataset properties

+For a full list of sections and properties available for defining datasets, see the [Datasets](concepts-datasets-linked-services.md) article. This section provides a list of properties supported by the Iceberg format dataset.

+| Property | Description | Required |

+| - | | -- |

+| type | The type property of the dataset must be set to **Iceberg**. | Yes |

+| location | Location settings of the file(s). Each file-based connector has its own location type and supported properties under `location`. | Yes |

+Below is an example of Iceberg dataset on Azure Data Lake Storage Gen2:

+```json

+{

+ "name": "IcebergDataset",

+ "properties": {

+ "type": "Iceberg",

+ "linkedServiceName": {

+ "referenceName": "<Azure Data Lake Storage Gen2 linked service name>",

+ "type": "LinkedServiceReference"

+ },

+ "schema": [ < physical schema, optional, auto retrieved during authoring >

+ ],

+ "typeProperties": {

+ "location": {

+ "type": "AzureBlobFSLocation",

+ "fileSystem": "filesystemname",

+ "folderPath": "folder/subfolder",

+ }

+ }

+ }

+}

+```

+## Copy activity properties

+For a full list of sections and properties available for defining activities, see the [Pipelines](concepts-pipelines-activities.md) article. This section provides a list of properties supported by the Iceberg sink.

+### Iceberg as sink

+The following properties are supported in the copy activity ***\*sink\**** section.

+| Property | Description | Required |

+| -- | | -- |

+| type | The type property of the copy activity source must be set to **IcebergSink**. | Yes |

+| formatSettings | A group of properties. Refer to **Iceberg write settings** table below. | No |

+| storeSettings | A group of properties on how to write data to a data store. Each file-based connector has its own supported write settings under `storeSettings`. | No |

+Supported **Iceberg write settings** under `formatSettings`:

+| Property | Description | Required |

+| - | | -- |

+| type | The type of formatSettings must be set to **IcebergWriteSettings**. | Yes |

+## Related connectors and formats

+Here are some common connectors and formats related to the delimited text format:

+- [Azure Data Lake Storage Gen2](connector-azure-data-lake-storage.md)

+- [Binary format](format-binary.md)

+- [Delta format](format-delta.md)

+- [Excel format](format-excel.md)

+- [JSON format](format-json.md)

+- [Parquet format](format-parquet.md)

+## Related content

+- [Data type mapping in dataset schemas](copy-activity-schema-and-type-mapping.md#data-type-mapping)

+- [Copy activity overview](copy-activity-overview.md)

+ Title: HPE ProLiant DL360 Gen 11 OT monitoring - Microsoft Defender for IoT

+description: Learn about the HPE ProLiant DL360 Gen 11 appliance when used for OT monitoring with Microsoft Defender for IoT.

+# HPE ProLiant DL360 Gen 11

+This article describes the **HPE ProLiant DL360 Gen 11** appliance for OT sensors, customized for use with Microsoft Defender for IoT.

+| Appliance characteristic |Details |

+|||

+|**Hardware profile** | C5600 |

+|**Performance** | Max bandwidth: 3 Gbps <br> Max devices: 12,000 |

+|**Physical specifications** | Mounting: 1U|

+|**Status** | Supported, available preconfigured|

+The following image displays the hardware elements on the HPE ProLiant DL360 Gen11 that are used by Defender for IoT:

+## Specifications

+|Component |Specifications|

+|||

+|**Chassis** |1U rack server |

+|**Physical Characteristics** | HPE DL360 Gen11 8SFFΓÇ» |

+|**Processor** | INT Xeon-S 4510 CPU for HPE OEM |

+|**Chipset** | Intel C262|

+|**Memory** | 4 HPE 32GB (1x32GB) Dual Rank x8 DDR5-5600 CAS-46-45-45 EC8 Registered Smart Memory Kit |

+|**Storage**| 6 HPE 2.4TB SAS 12G Mission Critical 10K SFF BC 3-year Warranty 512e Multi Vendor HDD |

+|**Network controller**| On-board: 8 x 1 Gb |

+|**Management** | HPE iLO Advanced |

+|**Power** |HPE 800W Flex Slot Titanium Hot Plug Low Halogen Power Supply Kit |

+|**Rack support** | HPE 1U Rail 3 kit |

+## HPE DL360 Gen 11 Plus (NHP 4SFF) - Bill of materials

+|PN |Description |Quantity|

+|-- | --| |

+|**P55428-B21** | HPE OEM ProLiant DL360 Gen11 SFF NC Configure-to-order Server |1|

+|**P55428-B21#B19** | HPE OEM ProLiant DL360 Gen11 SFF NC Configure-to-order Server |1|

+|**P67824-B21** | INT Xeon-S 4510 CPU for HPE OEM |2|

+|**P64706-B21** | HPE 32GB (1x32GB) Dual Rank x8 DDR5-5600 CAS-46-45-45 EC8 Registered Smart Memory Kit |4|

+|**P48896-B21** | HPE ProLiant DL360 Gen11 8SFF x4 U.3 Tri-Mode Backplane Kit |1|

+|**P28352-B21** | HPE 2.4TB SAS 12G Mission Critical 10K SFF BC 3-year Warranty 512e Multi Vendor HDD |6|

+|**P48901-B21** | HPE ProLiant DL360 Gen11 x16 Full Height Riser Kit |1|

+|**P51178-B21** | Broadcom BCM5719 Ethernet 1Gb 4-port BASE-T Adapter for HPE |1|

+|**P47789-B21** | HPE MR216i-o Gen11 x16 Lanes without Cache OCP SPDM Storage Controller |1|

+|**P10097-B21** | Broadcom BCM57416 Ethernet 10Gb 2-port BASE-T OCP3 Adapter for HPE |1|

+|**P48907-B21** | HPE ProLiant DL3X0 Gen11 1U Standard Fan Kit |1|

+|**P54697-B21** | HPE ProLiant DL3X0 Gen11 1U 2P Standard Fan Kit |1|

+|**865438-B21** | HPE 800W Flex Slot Titanium Hot Plug Low Halogen Power Supply Kit |2|

+|**AF573A** | HPE C13 - C14 WW 250V 10Amp Flint Gray 2.0m Jumper Cord |2|

+|**P48830-B21** | HPE ProLiant DL3XX Gen11 CPU2 to OCP2 x8 Enablement Kit |1|

+|**P52416-B21** | HPE ProLiant DL360 Gen11 OROC Tri-Mode Cable Kit |1|

+|**BD505A** | HPE iLO Advanced 1-server License with 3yr Support on iLO Licensed Features |1|

+|**P48904-B21** | HPE ProLiant DL3X0 Gen11 1U Standard Heat Sink Kit |2|

+|**P52341-B21** | HPE ProLiant DL3XX Gen11 Easy Install Rail 3 Kit |1|

+## HPE ProLiant DL360 Gen 11 installation

+This section describes how to install OT sensor software on the HPE ProLiant DL360 Gen 11 appliance and includes adjusting the appliance's BIOS configuration.

+During this procedure, you configure the iLO port. We recommend that you also change the default password provided for the administrative user.

+> [!NOTE]

+> Installation procedures are only relevant if you need to re-install software on a pre-configured device, or if you buy your own hardware and configure the appliance yourself.

+>

+### Enable remote access and update the password

+Use the following procedure to set up network options and update the default password.

+**To enable and update the password**:

+1. Connect a screen and a keyboard to the HP appliance, turn on the appliance, and press **F9**.

+ :::image type="content" source="../media/tutorial-install-components/hpe-proliant-screen-v2.png" alt-text="Screenshot that shows the HPE ProLiant window.":::

+1. Go to **System Utilities** > **System Configuration** > **iLO 5 Configuration Utility** > **Network Options**.

+ :::image type="content" source="../media/tutorial-install-components/system-configuration-window-v2.png" alt-text="Screenshot that shows the System Configuration window.":::

+ 1. Select **Shared Network Port-LOM** from the **Network Interface Adapter** field.

+ 1. Set **Enable DHCP** to **Off**.

+ 1. Enter the IP address, subnet mask, and gateway IP address.

+1. Select **F10: Save**.

+1. Select **Esc** to get back to the **iLO 5 Configuration Utility**, and then select **User Management**.

+1. Select **Edit/Remove User**. The administrator is the only default user defined.

+1. Change the default password and select **F10: Save**.

+### Set up the BIOS and RAID array

+This procedure describes how to configure the BIOS configuration for an unconfigured sensor appliance.

+If any of the steps below are missing in the BIOS, make sure that the hardware matches the specifications above.

+HPE BIOS iLO is a system management software designed to give administrators control of HPE hardware remotely. It allows administrators to monitor system performance, configure settings, and troubleshoot hardware issues from a web browser. It can also be used to update system BIOS and firmware. The BIOS can be set up locally or remotely. To set up the BIOS remotely from a management computer, you need to define the HPE IP address and the management computer's IP address on the same subnet.

+**To configure the HPE BIOS**:

+> [!IMPORTANT]

+> Please make sure your server is using the HPE SPP 2022.03.1 (BIOS version U32 v2.6.2) or later.

+1. Select **System Utilities** > **System Configuration** > **BIOS/Platform Configuration (RBSU)**.

+1. In the **BIOS/Ethernet Adapter/NIC Configuration**, disable LLDP Agent for all NIC cards.

+1. In the **BIOS/Platform Configuration (RBSU)** form, select **Boot Options**.

+1. Change **Boot Mode** to **UEFI BIOS Mode**, and then select **F10: Save**.

+1. Select **Esc** twice to close the **System Configuration** form.

+1. Select **Embedded RAID1: HPE Smart Array P408i-a SR Gen 10** > **Array Configuration** > **Create Array**.

+1. In the **Create Array** form, select all the drives, and enable RAID Level 5.

+> [!NOTE]

+> For **Data-at-Rest** encryption, see the HPE guidance for activating RAID Secure Encryption or using Self-Encrypting-Drives (SED).

+>

+### Install OT sensor software on the HPE DL360

+This procedure describes how to install OT sensor software on the HPE DL360.

+The installation process takes about 20 minutes. After the installation, the system is restarted several times.

+**To install OT sensor software**:

+1. Connect a screen and keyboard to the appliance, and then connect to the CLI.

+1. Connect an external CD or disk-on-key that contains the sensor software you downloaded from the Azure portal.

+1. Continue with the generic procedure for installing OT sensor software. For more information, see [Defender for IoT software installation](../how-to-install-software.md).

+## Next steps

+Continue understanding system requirements for physical or virtual appliances. For more information, see [Which appliances do I need?](../ot-appliance-sizing.md).

+Then, use any of the following procedures to continue:

+- [Download software for an OT sensor](../ot-deploy/install-software-ot-sensor.md#download-software-files-from-the-azure-portal)

+- [Download software files for an on-premises management console](../legacy-central-management/install-software-on-premises-management-console.md#download-software-files-from-the-azure-portal)

+### Use FQDN tags and service tags for endpoints through Azure Firewall

+Managing network security controls for dev boxes can be complex. To simplify configuration, use fully qualified domain name (FQDN) tags and service tags to allow network traffic.

+- **FQDN tags**

+ An [FQDN tag](/azure/firewall/fqdn-tags) is a predefined tag in Azure Firewall that represents a group of fully qualified domain names. By using FQDN tags, you can easily create and maintain egress rules for specific services like Windows 365 without manually specifying each domain name.

+ The groupings defined by FQDN tags can overlap. For example, the Windows365 FQDN tag includes AVD endpoints for standard ports, see [reference](/windows-365/enterprise/azure-firewall-windows-365#windows365-tag).

+ Non-Microsoft firewalls don't usually support FQDN tags or service tags. There might be a different term for the same functionality; check your firewall documentation.

+- **Service tags**

+ A [service tag](/azure/firewall/service-tags) represents a group of IP address prefixes from a given Azure service. Microsoft manages the address prefixes encompassed by the service tag and automatically updates the service tag as addresses change, minimizing the complexity of frequent updates to network security rules. Service tags can be used in both [Network Security Group (NSG)](/azure/virtual-network/network-security-groups-overview) and [Azure Firewall](/azure/firewall/service-tags) rules to restrict outbound network access, and in [User Defined Route (UDR)](/azure/virtual-network/virtual-networks-udr-overview#user-defined) to customize traffic routing behavior.

+## Required endpoints for physical device network connectivity

+Any device you use to connect to a dev box must have access to the following FQDNs and endpoints. Allowing these FQDNs and endpoints is essential for a reliable client experience. Blocking access to these FQDNs and endpoints is unsupported and affects service functionality.

+|Address |Protocol |Outbound port |Purpose |Clients |

+||||||

+|login.microsoftonline.com |TCP |443 |Authentication to Microsoft Online Services |All |

+|*.wvd.microsoft.com |TCP |443 |Service traffic |All |

+|*.servicebus.windows.net |TCP |443 |Troubleshooting data |All |

+|go.microsoft.com |TCP |443 |Microsoft FWLinks |All |

+|aka.ms |TCP |443 |Microsoft URL shortener |All |

+|learn.microsoft.com |TCP |443 |Documentation |All |

+|privacy.microsoft.com |TCP |443 |Privacy statement |All |

+|query.prod.cms.rt.microsoft.com |TCP |443 |Download an MSI to update the client. Required for automatic updates. |Windows Desktop |

+These FQDNs and endpoints only correspond to client sites and resources.

+## Required endpoints for dev box provisioning

+The following URLs and ports are required for the provisioning of dev boxes and the Azure Network Connection (ANC) health checks. All endpoints connect over port 443 unless otherwise specified.

+| Category | Endpoints | FQDN tag or Service tag |

+||--|-|

+| **Dev box communication endpoints** | *.agentmanagement.dc.azure.com<br>*.cmdagent.trafficmanager.net | N/A |

+| **Windows 365 service and registration endpoints** | For current Windows 365 registration endpoints, see [Windows 365 network requirements](/windows-365/enterprise/requirements-network?tabs=enterprise%2Cent#windows-365-service). | FQDN tag: *Windows365* |

+| **Azure Virtual Desktop service endpoints** | For current AVD service endpoints, see [Session host virtual machines](/azure/virtual-desktop/required-fqdn-endpoint?tabs=azure#session-host-virtual-machines). | FQDN tag: *WindowsVirtualDesktop* |

+| **Microsoft Entra ID** | FQDNs and endpoints for Microsoft Entra ID can be found under ID 56, 59 and 125 in [Office 365 URLs and IP address ranges](/office365/enterprise/urls-and-ip-address-ranges#microsoft-365-common-and-office-online). | Service tag: *AzureActiveDirectory* |

+| **Microsoft Intune** | For current FQDNs and endpoints for Microsoft Entra ID, see [Intune core service](/mem/intune/fundamentals/intune-endpoints?tabs=north-america#intune-core-service).| FQDN tag: *MicrosoftIntune* |

+The listed FQDNs and endpoints and tags correspond to the required resources. They don't include FQDNs and endpoints for all services. For service tags for other services, see [Available service tags](/azure/virtual-network/service-tags-overview#available-service-tags).

+Direct connectivity to Azure Virtual Desktop RDP broker service endpoints is critical for remote performance to a dev box. These endpoints affect both connectivity and latency. To align with the Microsoft 365 network connectivity principles, you should categorize these endpoints as *Optimize* endpoints, and use a [Remote Desktop Protocol (RDP) Shortpath](/windows-365/enterprise/rdp-shortpath-public-networks) from your Azure virtual network to those endpoints. RDP Shortpath can provide another connection path for improved dev box connectivity, especially in suboptimal network conditions.

+To make it easier to configure network security controls, use Azure Virtual Desktop service tags to identify those endpoints for direct routing using an Azure Networking User Defined Route (UDR). A UDR results in direct routing between your virtual network and the RDP broker for lowest latency.

+Some enterprise customers use traffic interception, TLS decryption, deep packet inspection, and other similar technologies for security teams to monitor network traffic. These traffic interception technologies can cause issues with running Azure network connection checks or dev box provisioning. Make sure no network interception is enforced for dev boxes provisioned within Microsoft Dev Box.

+ If the dev box user encounters sign in problems and sees an error message indicating that the sign in attempt failed, ensure you enabled the PKU2U protocol on both the local PC and the session host.

+ For more information about troubleshooting sign in errors, see [Troubleshoot connections to Microsoft Entra joined VMs - Windows Desktop client](/azure/virtual-desktop/troubleshoot-azure-ad-connections#the-logon-attempt-failed).

+If you're experiencing IPv6 issues, check that the *Microsoft.AzureActiveDirectory* service endpoint isn't enabled on the virtual network or subnet. This service endpoint converts the IPv4 to IPv6.

+When you update the image used in a dev box definition, you must ensure that you have sufficient IP addresses available in your virtual network. More free IP addresses are necessary for the Azure Network connection health check. If the health check fails, the dev box definition doesn't update. You need one extra IP address per dev box, and one IP addresses for the health check and Dev Box infrastructure.

+`retries` | > 0 | | Default is 2147483647.

+When you configure a new Azure Firewall, you can route all Internet-bound traffic to a designated next hop instead of going directly to the Internet. For example, you could have a default route advertised via BGP or using User Defined Routes (UDRs) to force traffic to an on-premises edge firewall or other network virtual appliance (NVA) to process network traffic before it's passed to the Internet. To support this configuration, you must create an Azure Firewall with the Firewall Management NIC enabled.

+You might prefer not to expose a public IP address directly to the Internet. In this case, you can deploy Azure Firewall with the Management NIC enabled without a public IP address. When the Management NIC is enabled, it creates a management interface with a public IP address that is used by Azure Firewall for its operations. The public IP address is used exclusively by the Azure platform and can't be used for any other purpose. The tenant data path network can be configured without a public IP address, and Internet traffic can be forced tunneled to another firewall or blocked.

+Azure Firewall provides automatic SNAT for all outbound traffic to public IP addresses. Azure Firewall doesnΓÇÖt SNAT when the destination IP address is a private IP address range per IANA RFC 1918. This logic works perfectly when you egress directly to the Internet. However, with forced tunneling configured, Internet-bound traffic might be SNATed to one of the firewall private IP addresses in the AzureFirewallSubnet. This hides the source address from your on-premises firewall. You can configure Azure Firewall to not SNAT regardless of the destination IP address by adding *0.0.0.0/0* as your private IP address range. With this configuration, Azure Firewall can never egress directly to the Internet. For more information, see [Azure Firewall SNAT private IP address ranges](snat-private-range.md).

+Azure Firewall also supports split tunneling, which is the ability to selectively route traffic. For example, you can configure Azure Firewall to direct all traffic to your on-premises network while routing traffic to the Internet for KMS activation, ensuring the KMS server is activated. You can do this using route tables on the AzureFirewallSubnet. For more information, see [Configuring Azure Firewall in Forced Tunneling mode - Microsoft Community Hub](https://techcommunity.microsoft.com/t5/azure-network-security-blog/configuring-azure-firewall-in-forced-tunneling-mode/ba-p/3581955).

+> DNAT isn't supported with forced tunneling enabled. Firewalls deployed with Forced Tunneling enabled can't support inbound access from the Internet because of asymmetric routing. However, firewalls with a Management NIC still support DNAT.

+When the Firewall Management NIC is enabled, the *AzureFirewallSubnet* can now include routes to any on-premises firewall or NVA to process traffic before it's passed to the Internet. You can also publish these routes via BGP to *AzureFirewallSubnet* if **Propagate gateway routes** is enabled on this subnet.

+If you configure forced tunneling, Internet-bound traffic is SNATed to one of the firewall private IP addresses in AzureFirewallSubnet, hiding the source from your on-premises firewall.

+## Related content

+- [Azure Firewall Management NIC](management-nic.md)

+ Title: Azure Firewall Management NIC

+description: You can configure a Management NIC to support the Forced Tunneling and Packet Capture features.

+# Azure Firewall Management NIC

+> [!NOTE]

+> This feature was previously called Forced Tunneling. Originally, a Management NIC was required only for Forced Tunneling. However, upcoming Firewall features will also require a Management NIC, so it has been decoupled from Forced Tunneling. All relevant documentation has been updated to reflect this.

+An Azure Firewall Management NIC separates firewall management traffic from customer traffic. Upcoming Firewall features will also require a Management NIC. To support any of these capabilities, you must create an Azure Firewall with the Firewall Management NIC enabled or enable it on an existing Azure Firewall. This is a mandatory requirement to avoid service disruption.

+## What happens when you enable the Management NIC

+If you enable a Management NIC, the firewall routes its management traffic via the AzureFirewallManagementSubnet (minimum subnet size /26) with its associated public IP address. You assign this public IP address for the firewall to manage traffic. It's used exclusively by the Azure platform and can't be used for any other purpose. All traffic required for firewall operational purposes is incorporated into the AzureFirewallManagementSubnet.

+By default, the service associates a system-provided route table to the Management subnet. The only route allowed on this subnet is a default route to the Internet and *Propagate gateway routes* must be disabled. Avoid associating customer route tables to the Management subnet, as this can cause service disruptions if configured incorrectly. If you do associate a route table, then ensure it has a default route to the Internet to avoid service disruptions.

+## Enable the Management NIC on existing firewalls

+For Standard and Premium firewall versions, the Firewall Management NIC must be manually enabled during the create process as shown previously, but all Basic Firewall versions and all Secured Hub firewalls always have a Management NIC enabled.

+For a pre-existing firewall, you must stop the firewall and then restart it with the Firewall Management NIC enabled to support Forced tunneling. Stopping/starting the firewall can be used to enable the Firewall Management NIC without the need to delete an existing firewall and redeploy a new one. You should always start/stop the firewall during maintenance hours to avoid disruptions, including when attempting to enable the Firewall Management NIC.

+Use the following steps:

+1. Create the `AzureFirewallManagementSubnet` on the Azure portal and use the appropriate IP address range for the virtual network.

+ :::image type="content" source="media/management-nic/firewall-management-subnet.png" alt-text="Screenshot showing add a subnet.":::

+1. Create the new management public IP address with the same properties as the existing firewall public IP address: SKU, Tier, and Location.

+ :::image type="content" source="media/management-nic/firewall-management-ip.png" lightbox="media/management-nic/firewall-management-ip.png" alt-text="Screenshot showing the public IP address creation.":::

+

+1. Stop the firewall

+ Use the information in [Azure Firewall FAQ](firewall-faq.yml#how-can-i-stop-and-start-azure-firewall) to stop the firewall:

+

+ ```azurepowershell

+ $azfw = Get-AzFirewall -Name "FW Name" -ResourceGroupName "RG Name"

+ $azfw.Deallocate()

+ Set-AzFirewall -AzureFirewall $azfw

+ ```

+

+

+1. Start the firewall with the management public IP address and subnet.

+ Start a firewall with one public IP address and a Management public IP address:

+

+ ```azurepowershell

+ $azfw = Get-AzFirewall -Name "FW Name" -ResourceGroupName "RG Name"

+ $vnet = Get-AzVirtualNetwork -Name "VNet Name" -ResourceGroupName "RG Name"

+ $pip = Get-AzPublicIpAddress -Name "azfwpublicip" -ResourceGroupName "RG Name"

+ $mgmtPip = Get-AzPublicIpAddress -Name "mgmtpip" -ResourceGroupName "RG Name"

+ $azfw.Allocate($vnet, $pip, $mgmtPip)

+ $azfw | Set-AzFirewall

+ ```

+

+ Start a firewall with two public IP addresses and a Management public IP address:

+

+ ```azurepowershell

+ $azfw = Get-AzFirewall -Name "FW Name" -ResourceGroupName "RG Name"

+ $vnet = Get-AzVirtualNetwork -Name "VNet Name" -ResourceGroupName "RG Name"

+ $pip1 = Get-AzPublicIpAddress -Name "azfwpublicip" -ResourceGroupName "RG Name"

+ $pip2 = Get-AzPublicIpAddress -Name "azfwpublicip2" -ResourceGroupName "RG Name"

+ $mgmtPip = Get-AzPublicIpAddress -Name "mgmtpip" -ResourceGroupName "RG Name"

+ $azfw.Allocate($vnet,@($pip1,$pip2), $mgmtPip)

+ $azfw | Set-AzFirewall

+ ```

+

+ > [!NOTE]

+ > You must reallocate a firewall and public IP to the original resource group and subscription. When stop/start is performed, the private IP address of the firewall may change to a different IP address within the subnet. This can affect the connectivity of previously configured route tables.

+Now when you view the firewall in the Azure portal, you see the assigned Management public IP address:

+> [!NOTE]

+> If you remove all other IP address configurations on your firewall, the management IP address configuration is removed as well, and the firewall is deallocated. The public IP address assigned to the management IP address configuration can't be removed, but you can assign a different public IP address.

+## Related content

+- [Azure Firewall forced tunneling](forced-tunneling.md)

+> [!IMPORTANT]

+> Support for TLS 1.0 and 1.1 will be discontinued on March 1, 2025.

+Azure Front Door currently supports four versions of the TLS protocol: TLS versions 1.0, 1.1, 1.2 and 1.3. All Azure Front Door profiles created after September 2019 use TLS 1.2 as the default minimum with TLS 1.3 enabled, but TLS 1.0 and TLS 1.1 are still supported for backward compatibility. Support for TLS 1.0 and 1.1 will be discontinued on March 1, 2025.

+You can configure the minimum TLS version in Azure Front Door in the custom domain HTTPS settings using the Azure portal or theΓÇ»[Azure REST API](/rest/api/frontdoorservice/frontdoor/frontdoors/createorupdate#minimumtlsversion). Currently, you can choose between 1.0 and 1.2. As such, specifying TLS 1.2 as the minimum version controls the minimum acceptable TLS version Azure Front Door will accept from a client. For minimum TLS version 1.2 the negotiation will attempt to establish TLS 1.3 and then TLS 1.2, while for minimum TLS version 1.0 all four versions will be attempted. When Azure Front Door initiates TLS traffic to the origin, it will attempt to negotiate the best TLS version that the origin can reliably and consistently accept. Supported TLS versions for origin connections are TLS 1.0, TLS 1.1, TLS 1.2 and TLS 1.3. Support for TLS 1.0 and 1.1 will be discontinued on March 1, 2025.

+> [!CAUTION]

+> Currently in public preview, adjusting the instance count may result in message loss or duplication. At this time, it's recommended to not adjust the instance count for a profile with active dataflows.

+ instanceCount: 1

+ instanceCount: 1

+### Create an Azure Event Hubs namespace and event hub

+ | Authentication method| The method used for authentication. Choose *SASL*. |

+ | Synced secret name | The name of the secret. Required if using *SASL*. |

+You can set a client ID prefix for the MQTT client. The client ID is generated by appending the dataflow instance name to the prefix.

+> [!CAUTION]

+> Most applications should not modify the client ID prefix. Don't modify this after an initial IoT Operations deployment. Changing the client ID prefix after deployment might result in data loss.

+The topic is defined in the following example. The `clientId` is an upper-case hex encoded representation of the MQTT ClientId of the client that initiated the `KEYNOTIFY` request and `keyName` is a hex encoded representation of the key that changed. The state store follows the Base 16 encoding rules of [RFC 4648 - The Base16, Base32, and Base64 Data Encodings](https://datatracker.ietf.org/doc/html/rfc4648#section-8) for this encoding.

+- Currently in public preview, adjusting the instance count (instanceCount) in a dataflow profile may result in messages being discarded or duplicated on the destination. At this time, it's recommended to not adjust the instance count for a profile with active dataflows.

+| `testType` | string | Y | | Test type. Possible values:<br/><ul><li>`URL`: URL-based load test</li><li>`JMX`: JMeter-based load test</li><li>`Locust`: Locust-based load test</li></ul> |

+| `testPlan` | string | Y | | Reference to the test plan file.<br/><ul><li>If `testType: JMX`: relative path to the JMeter test script.</li><li>If `testType: Locust`: relative path to the Locust test script.</li><li>If `testType: URL`: relative path to the [requests JSON file](./how-to-add-requests-to-url-based-test.md).</li></ul> |

+| `configurationFiles` | array of string | N | | List of external files, required by the test script. For example, CSV data files, images, or any other data file.<br/>Azure Load Testing uploads all files in the same folder as the test script. In the JMeter script or the Locust script, only refer to external files using the file name, and remove any file path information. |

+| `properties` | object | N | | <ul><li>If `testType: JMX`: JMeter user property file references.</li><li>If `testType: Locust`: Locust configuration file references.</li></ul> See [properties](#properties-configuration) for more details. |

+| `zipArtifacts` | array of string| N | | Specifies the list of zip artifact files. For files other than JMeter scripts and user properties for JMeter-based tests and Locust script and configuration files for Locust-based tests, if the file size exceeds 50 MB, compress them into a ZIP file. Ensure that the ZIP file remains below 50 MB in size. Only 5 ZIP artifacts are allowed with a maximum of 1000 files in each and uncompressed size of 1 GB. Only applies for `testType: JMX` and `testType: Locust`. |

+| `secrets` | object | N | | List of secrets that the Apache JMeter or Locust script references. See [secrets](#secrets-configuration) for more details. |

+| `env` | object | N | | List of environment variables that the Apache JMeter script or Locust references. See [environment variables](#env-configuration) for more details. |

+| `certificates` | object | N | | List of client certificates for authenticating with application endpoints in the JMeter or Locust script. See [certificates](#certificates-configuration) for more details.|

+| `userPropertyFile` | string | | File to use as an Apache JMeter [user properties file](https://jmeter.apache.org/usermanual/test_plan.html#properties) or a Locust [configuration file](https://docs.locust.io/en/stable/configuration.html#configuration-file). For Locust, files with extensions .conf, .ini and .toml are supported as a configuration file. The file is uploaded to the Azure Load Testing resource alongside the test script and other configuration files. If the file is in a subfolder on your local machine, use a path relative to the location of the test script. |

+The following code snippet shows a load test configuration, which specifies a Locust configuration file.

+```yaml

+version: v0.1

+testId: SampleTest

+displayName: Sample Test

+description: Load test website home page

+testPlan: SampleTest.py

+testType: Locust

+engineInstances: 1

+properties:

+ userPropertyFile: 'locust.conf'

+```

+Each Azure Managed Grafana instance can only be assigned one managed identity, user-assigned or system-assigned, but not both.

+> [!NOTE]

+> Because Azure Workload Identity is not yet supported by Azure OpenShift, this article still uses username and password for database authentication instead of using passwordless database connections.

+|KubevirtVmiMemoryAvailableBytes|VMOrchestrator|Kubevirt VMI Memory Available Bytes|Bytes|Amount of usable memory as seen by the domain. This value may not be accurate if a balloon driver is in use or if the guest OS doesn't initialize all assigned pages. In the absence of data, this metric will default to 0|Name, Node|

+|KubevirtVmiOutdatedInstances|VMOrchestrator|Kubevirt VMI Outdated Count|Count|Indication for the total number of VirtualMachineInstance (VMI) workloads that aren't running within the most up-to-date version of the virt-launcher environment. In the absence of data, this metric will default to 0||

+|NexusClusterHeartbeatConnectionStatus|Nexus Cluster|Cluster Heartbeat Connection Status|Count|Indicates whether the Cluster is having issues communicating with the Cluster Manager. The value of the metric is 0 when the connection is healthy and 1 when it's unhealthy. In the absence of data, this metric will retain the most recent value emitted|Reason|

+|PurefaHardwareChassisHealth|Storage Array|Nexus Storage HW Chassis Health (Deprecated)|Count|Deprecated - Denotes whether a hardware chassis of the pure storage array is healthy or not. A value of 0 means the chassis is healthy, a value of 1 means it's unhealthy. In the absence of data, this metric will default to 0||

+|PurefaHardwareControllerHealth|Storage Array|Nexus Storage HW Controller Health (Deprecated)|Count|Deprecated - Denotes whether a hardware controller of the pure storage array is healthy or not. A value of 0 means the controller is healthy, a value of 1 means it's unhealthy. In the absence of data, this metric will default to 0|Controller|

+### Operator Resources

+As the first step towards cleaning up a deployed environment, start by deleting operator resources in the following order:

+Only once these operator resources are succesfully deleted, should a user proceed to delete other environment resources, such as the NAKS cluster.

+> [!IMPORTANT]

+> Deleting resources out of order can result in orphaned resources left behind.

+### Publisher Resources

+As the first step towards cleaning up an onboarded environment, start by deleting publisher resources in the following order:

+> [!IMPORTANT]

+> Make sure SNS is deleted before you delete the NFDV.

+> Deleting resources out of order can result in orphaned resources left behind.

+Improve resiliency for cloud native network functions with Azure Operator Service Manager (AOSM) cluster registry (CR)

+## Document history

+* Updated for GC: November 5, 2024

+## Feature dependencies

+This feature requires the following minimum environment:

+* First version, with GC for NF kubernetes extension: 2.0.2860-160

+## Cluster registry overview

+AOSM cluster extension runs a background garbage collection (GC) job to regularly clean up container images. This job will run based on a schedule, check if the cluster registry usage has reached the specified threshold, and if so, initiate the garbage collection process. The job schedule and threshold is configured by the end-user, but by default the job runs once per day at a 0% utilization threshold.

+The following parameters configure the schedule and threshold for the garbage collection job.

+* For more configuration details, please refer to the latest [Network function extension installation instructions](manage-network-function-operator.md)

+#### Can I use AOSM cluster registry with a CNF application previously deployed?

+If there's a CNF application already deployed without cluster registry, the container images are not available automatically. The cluster registry must be enabled before deploying the network function with AOSM.

+#### Can I change the storage size after a deployment?

+Storage size can't be modified after the initial deployment. We recommend configuring the volume size by 3x to 4x of the starting size.

+#### Can I list the files presently stored in the cluster repository?

+The following command can be used to list files in a human readable format:

+```bash

+ kubectl get artifacts -A -o jsonpath='{range .items[*]}{.spec.sourceArtifact}'

+```

+This command should produce output similar to the following:

+```bash

+ ppleltestpublisheras2f88b55037.azurecr.io/nginx:1.0.0

+```

+* NFO - Use of Cert-manager for service certificate management and rotation. This change can result in failed SNS deployments if not properly reconciled.

+## Compliance

+Oracle Database@Azure is an Oracle Cloud database service that runs Oracle Database workloads in a customer's Azure environment. Oracle Database@Azure offers various Oracle Database Services through customerΓÇÖs Microsoft Azure environment. This service allows customers to monitor database metrics, audit logs, events, logging data, and telemetry natively in Azure. It runs on infrastructure managed by Oracle's Cloud Infrastructure operations team who performs software patching, infrastructure updates, and other operations through a connection to Oracle Cloud.

+All infrastructure for Oracle Database@Azure is co-located in Azure's physical data centers and uses Azure Virtual Network for networking, managed within the Azure environment. Federated identity and access management for Oracle Database@Azure is provided by Microsoft Entra ID.

+For detailed information on the compliance certifications please visit [Microsoft Services Trust Portal](https://servicetrust.microsoft.com/) and [Oracle compliance website](https://docs.oracle.com/en-us/iaas/Content/multicloud/compliance.htm). If you have further questions about OracleDB@Azure compliance please reach out to your account team and/or get information through [Oracle and Microsoft support for Oracle Database@Azure](https://docs.oracle.com/en-us/iaas/Content/multicloud/oaahelp.htm).

+## Available regions

+Oracle Database@Azure is available in the following locations. Oracle Database@Azure infrastructure resources must be provisioned in the Azure regions listed.

+|Azure region|Oracle Exadata Database@Azure|Oracle Autonomous Database@Azure|

+|-|:-:|:--:|

+|East US |&check; | &check;|

+|Germany West Central | &check;|&check; |

+|France Central |&check; | |

+|UK South |&check; |&check; |

+|Canada Central |&check; |&check; |

+|Australia East |&check; |&check; |

+## Oracle Support scope and contact information

+Oracle Support is your first line of support for all Oracle Database@Azure issues. Oracle Support can help you with the following types of Oracle Database@Azure issues:

+- Database connection issues (Oracle TNS)

+- Oracle Database performance issues

+- Oracle Database error resolution

+- Networking issues related to communications with the OCI tenancy associated with the service

+- Quota (limits) increases to receive more capacity

+- Scaling to add more compute and storage capacity to Oracle Database@Azure

+- New generation hardware upgrades

+- Billing issues related to Oracle Database@Azure

+If you contact Oracle Support, be sure to tell your Oracle Support agent that your issue is related to Oracle Database@Azure. Support requests for this service are handled by a support team that specializes in these deployments. A member of this specialized team contacts you directly.

+1. Call **1-800-223-1711.** If you're outside of the United States, visit [Oracle Support Contacts Global Directory](https://www.oracle.com/support/contact.html) to find contact information for your country or region.

+2. Choose option "2" to open a new Service Request (SR).

+3. Choose option "4" for "unsure".

+4. Enter "#" each time you're asked for your CSI number. At the third attempt, your call is directed to an Oracle Support agent.

+5. Let the agent know that you have an issue with your multicloud system, and the name of the product (for example, or). An internal Service Request is opened on your behalf and a support engineer contacts you directly.

+You can also submit a question to the Oracle Database@Azure forum in Oracle's [Cloud Customer Connect](https://community.oracle.com/customerconnect/categories/oracle-cloud-infrastructure-and-platform) community. This option is available to all customers.

+## Azure Support scope and contact information

+Azure provides support for the following, collaborating with OCI as needed:

+- Virtual networking issues including those involving network address translation (NAT), firewalls, DNS and traffic management, and delegated Azure subnets.

+- Bastion and virtual machine (VM) issues including database host connection, software installation, latency, and host performance.

+- VM metrics, database logs, database events.

+See [Contact Microsoft Azure Support](https://support.microsoft.com/topic/contact-microsoft-azure-support-2315e669-8b1f-493b-5fb1-d88a8736ffe4) in the Azure documentation for information on Azure support. For SLA information about the service offering, please refer to the [Oracle PaaS and IaaS Public Cloud Services Pillar Document](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.oracle.com%2Fcontracts%2Fdocs%2Fpaas_iaas_pub_cld_srvs_pillar_4021422.pdf%3Fdownload%3Dfalse&data=05%7C02%7Cjacobjaygbay%40microsoft.com%7Cc226ce0d176442b3302608dc3ed3a6d0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638454325970975560%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=VZvhVUJzmUCzI25kKlf9hKmsf5GlrMPsQujqjGNsJbk%3D&reserved=0)

+## Brazil

+To disable zone-redundancy for a single database or an elastic pool, you can use the portal, ARM API, PowerShell, or CLI.

+### Disable zone-redundancy for a single database

+# [Portal](#tab/portal)

+1. Go to the [Azure portal](https://portal.azure.com) to find and select the database that you no longer want to be zone-redundant.

+1. Select **No** for **Would you like to make this database zone redundant?**

+# [PowerShell](#tab/powershell)

+set-azsqlDatabase -ResourceGroupName "<Resource-Group-Name>" -DatabaseName "<Database-Name>" -ServerName "<Server-Name>" -ZoneRedundant:$false

+# [CLI](#tab/cli)

+az sql db update --resource-group "RSETLEM-AzureSQLDB" --server "rs-az-testserver1" --name "TestDB1" --zone-redundant false

+# [ARM](#tab/arm)

+See [Databases - Create Or Update in ARM](/rest/api/sql/2022-05-01-preview/databases/create-or-update?tabs=HTTP) and use the `properties.zoneRedundant` property.

+### Disable zone-redundancy for an elastic pool

+# [Portal](#tab/portal)

+1. Go to the [Azure portal](https://portal.azure.com) to find and select the elastic pool that you no longer want to be zone-redundant.

+1. Select **No** for **Would you like to make this elastic pool zone redundant?**.

+# [PowerShell](#tab/powershell)

+Set-AzSqlElasticpool -ResourceGroupName "<Resource-Group-Name>" -ServerName "<Server-Name>" -ElasticPoolName "<Elastic-Pool-Name>" -ZoneRedundant:$false

+# [CLI](#tab/cli)

+az sql elastic-pool update --resource-group "RSETLEM-AzureSQLDB" --server "rs-az-testserver1" --name "testep10" --zone-redundant false

+# [ARM](#tab/arm)

+See [Databases - Create Or Update in ARM](/rest/api/sql/elastic-pools/create-or-update?tabs=HTTP) and use the `properties.zoneRedundant` property.

+To disable zone-redundancy for Hyperscale service tier, you can reverse the steps documented in [Redeployment (Hyperscale)](#redeployment-hyperscale).

+- November 5, 2024: Add missing step to start HANA [High availability of SAP HANA on Azure VMs on RHEL](./sap-hana-high-availability-rhel.md).

+1. **[2]** Start HANA.

+ Run the following command as <hanasid\>adm to start HANA:

+ ```bash

+ sapcontrol -nr 03 -function StartSystem

+ ```

+Many security solutions provide a set of APIs for retrieving log files and other security data from their product or service. Those APIs connect to Microsoft Sentinel with one of the following methods:

+- The data source APIs are configured with the [Codeless Connector Platform](create-codeless-connector.md).

+- The data connector uses the Log Ingestion API for Azure Monitor as part of an Azure Function or Logic App.

+For more information about connecting with Azure Functions, see the following articles:

+- [Azure Functions pricing](https://azure.microsoft.com/pricing/details/functions/)

+For more information about connecting with Logic Apps, see [Connect with Logic Apps](create-custom-connector.md#connect-with-logic-apps).

+|**[Log Ingestion API in Azure Monitor](#connect-with-the-log-ingestion-api)** <br>Best for ISVs implementing integration, and for unique collection requirements | Supports all capabilities available with the code. | Depends on the implementation | High |

+> - [Ingest Fastly Web Application Firewall logs into Microsoft Sentinel](https://techcommunity.microsoft.com/blog/microsoftsentinelblog/ingest-fastly-web-application-firewall-logs-into-azure-sentinel/1238804)

+The Codeless Connector Platform (CCP) provides a configuration file that can be used by both customers and partners, and then deployed to your own workspace, or as a solution to Microsoft Sentinel's content hub.

+- [Hunting for Capital One Breach TTPs in AWS logs using Microsoft Sentinel](https://techcommunity.microsoft.com/blog/microsoftsentinelblog/hunting-for-capital-one-breach-ttps-in-aws-logs-using-azure-sentinelpart-i/1014258) (blog)

+> Logstash also enables scaled data collection using a cluster. For more information, see [Using a load-balanced Logstash VM at scale](https://techcommunity.microsoft.com/blog/microsoftsentinelblog/scaling-up-syslog-cef-collection/1185854).

+- [Secure your Microsoft Teams calls with scheduled activation](https://techcommunity.microsoft.com/blog/microsoftsentinelblog/secure-your-calls--monitoring-microsoft-teams-callrecords-activity-logs-using-az/1574600) (blog)

+- [Ingesting AlienVault OTX threat indicators into Microsoft Sentinel](https://techcommunity.microsoft.com/blog/microsoftsentinelblog/ingesting-alien-vault-otx-threat-indicators-into-azure-sentinel/1086566) (blog)

+## Connect with the Log Ingestion API

+For more information, see the following articles:

+- [Log Ingestion API in Azure Monitor](/azure/azure-monitor/logs/logs-ingestion-api-overview).

+- [Sample code to send data to Azure Monitor using Logs ingestion API](/azure/azure-monitor/logs/tutorial-logs-ingestion-code).

+- [Monitoring Zoom with Microsoft Sentinel](https://techcommunity.microsoft.com/blog/microsoftsentinelblog/monitoring-zoom-with-azure-sentinel/1341516) (blog)

+- [Hunt for threats](hunting.md)

+>

+> [!IMPORTANT]

+> Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.

+> [!IMPORTANT]

+> Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.

+> [!NOTE]

+> The field names listed in each section below are valid when resource logs are sent to Azure storage or to an event hub. When the logs are sent to a Log Analytics workspace, the field names might be different.

+ "resourceId": "/subscriptions/00001111-aaaa-2222-bbbb-3333cccc4444/resourceGroups/mytestrp/providers/Microsoft.Storage/storageAccounts/testaccount1/blobServices/default",

+ "correlationId": "aaaa0000-bb11-2222-33cc-444444dddddd",

+ "denyAssignmentId": "aaaa0000-bb11-2222-33cc-444444dddddd",

+ "id": "aaaaaaaa-bbbb-cccc-1111-222222222222",

+ "roleAssignmentId": "00aa00aa-bb11-cc22-dd33-44ee44ee44ee",

+ "roleDefinitionId": "11bb11bb-cc22-dd33-ee44-55ff55ff55ff",

+ "appId": "00001111-aaaa-2222-bbbb-3333cccc4444",

+ "objectId": "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb",

+ "tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee",

+ "tokenIssuer": "https://sts.windows.net/2c2c2c2c-3333-dddd-4444-5e5e5e5e5e5e",

+ "uniqueName": "someone@example.com"

+ "delegatedResource": {

+ "tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee",

+ "resourceId": "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1",

+ "objectId": "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1"

+ },

+ "accountName": "contoso",

+ "requestUrl": "https://contoso.blob.core.windows.net:443/upload?restype=container&comp=list&prefix=&delimiter=/&marker=&maxresults=30&include=metadata&_=1551405598426",

+ "referrerHeader": "blob:https://portal.azure.com/00001111-aaaa-2222-bbbb-3333cccc4444",

+ "smbCommandMinor" : "DirectoryCloseAndDelete",

+ "downloadRange" : "bytes=4-4194307",

+ "accessTier": "None",

+ "sourceAccessTier": "Hot",

+ "rehydratePriority":"High"

+- Secure your storage account by using a private link. You can manually configure the storage firewall to block connections on the public endpoint of the storage service. Creating a private link does not automatically block connections on the public endpoint.

+> [!NOTE]

+> ```mssparkutils.fs.append()``` and ```mssparkutils.fs.put()``` do not support concurrent writing to the same file due to lack of atomicity guarantees.

+* To optimize performance and scalability, the number of concurrent user connections accessing FSLogix profile containers stored on a single Azure NetApp Files regular volume should be limited to 3,000.

+ A user connection is defined as either:

+

+ - a connection to an [FSLogix profile container](/fslogix/concepts-container-types#profile-container)

+ - a connection to an [FSLogix ODFC container](/fslogix/concepts-container-types#odfc-container)

+ If you're utilizing both FSLogix profiles and FSLogix ODFC containers, note that a single regular volume should contain no more than 3,000 FSLogix profiles _or_ FSLogix ODFC containers (combined). Having more than 3,000 concurrent user connections on a single volume causes significant increased latency on the volume. If your scenario requires more than 3,000 concurrent user connections, divide users across multiple regular volumes or use a large volume.

+ A single large volume can accommodate up to 50,000 concurrent user connections for FSLogix containers. For more information on large volumes, see [Requirements and considerations for large volumes](../azure-netapp-files/large-volumes-requirements-considerations.md).

+ If you're utilizing both FSLogix profiles and FSLogix ODFC containers, note that a single large volume should contain no more than 50,000 FSLogix profiles _or_ FSLogix ODFC containers (combined).

+## Limitations and limits for peering and connected groups

+* A virtual network can be peered up to 1000 virtual networks using Azure Virtual Network Manager's hub and spoke topology. This means that you can peer up to 1000 spoke virtual networks to a hub virtual network.

+* By default, a [connected group](concept-connectivity-configuration.md) can have up to 250 virtual networks. This is a soft limit and can be increased up to 1000 virtual networks by submitting a request using [this form](https://forms.office.com/pages/responsepage.aspx?id=v4j5cvGGr0GRqy180BHbRzeHatNxLHpJshECDnD5QidURTM2OERMQlYxWkE1UTNBMlRNUkJUNkhDTy4u&route=shorturl).

+* By default, a virtual network can be part of up to two connected groups. For example, a virtual network:

+ * Can be part of two mesh configurations.

+ * Can be part of a mesh topology and a network group that has direct connectivity enabled in a hub-and-spoke topology.

+ * Can be part of two network groups with direct connectivity enabled in the same or a different hub-and-spoke configuration.

+* The following BareMetal Infrastructures are not supported:

+* The maximum number of private endpoints per connected group is 1000.

+To customize your traffic routes, you shouldn't modify the default routes but you should create custom, or user-defined(static) routes which override Azure's default system routes. In Azure, you create a route table, then associate the route table to zero or more virtual network subnets. Each subnet can have zero or one route table associated to it. To learn about the maximum number of routes you can add to a route table and the maximum number of user-defined route tables you can create per Azure subscription, see [Azure limits](../azure-resource-manager/management/azure-subscription-service-limits.md?toc=%2fazure%2fvirtual-network%2ftoc.json#networking-limits).

+By default, a route table can contain up to 1000 user-defined routes (UDRs). With Azure Virtual Network ManagerΓÇÖs [routing configuration](../virtual-network-manager/concept-user-defined-route.md), this can be expanded to 1000 UDRs per route table. This increased limit supports more advanced routing setups, such as directing traffic from on-premises data centers through a firewall to each spoke virtual network in a hub-and-spoke topology when you have a higher number of spoke virtual networks.

+When you create a route table and associate it to a subnet, the table's routes are combined with the subnet's default routes. If there are conflicting route assignments, user-defined routes override the default routes.

+|4| ExpressRoute ECMP Support | Today, ExpressRoute ECMP is not enabled by default for virtual hub deployments. When multiple ExpressRoute circuits are connected to a Virtual WAN hub, ECMP enables traffic from spoke virtual networks to on-premises over ExpressRoute to be distributed across all ExpressRoute circuits advertising the same on-premises routes. | | To enable ECMP for your Virtual WAN hub, please reach out to virtual-wan-ecmp@microsoft.com after January 1, 2025. |