Monday, March 1, 2021

Cloud Comparisons by Resource

 AWS                                                                Azure                                            Google



(1) An ADF trigger invokes the API through an ADF Web Activity on a schedule

(2) App Service invokes the IM Datalink Service and processes the data using transformation logic

(3) App Service generates a file in FIX format and sends it to the COMET SFTP server

(4) PagerDuty is integrated with APIM (Amber) so that all notifications for connectivity failures can be centralized

(5) A developer invokes the API to perform end-to-end testing on the developer machine

(6) AZDO is used for both application code and infra code deployments in CI/CD fashion

Azure: Set up OAuth 2.0 between ADF and APIM for secured and authenticated traffic

  • Create a Service Principal, to be presented to APIM for the auth token
    • Create an App Registration
    • Under Token configuration, add an optional claim to ensure that only an application, not a user/human, can call the endpoint
    • No explicit permission needed
    • Add the Application URI
    • No explicit scopes needed
    • No RBAC at the resource level, as this is for the API, not users

    • SPN Name: dept-proj-env-oauth
    • SPN API Permissions: none
    • SPN RBAC permissions: none
    • SPN RBAC permission scope: none

  • Create a policy for APIM to validate the request
    • Write the policy
    • Route to the backend if the request is validated successfully
  • The ADF pipeline uses api://imdev-dev as part of the REST request (this is also the Application URI of the SPN)
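
A sketch of the APIM validation policy described in the steps above, added here as an example and not taken from the original post or the project. It assumes v1 access tokens, that the optional claim added under Token configuration is `idtyp`, and that the caller is additionally pinned by `appid`; `{tenant-id}` and `{spn-client-id}` are placeholders.

```xml
<!-- Added example: APIM policy sketch; values in {braces} are placeholders, not from the page. -->
<policies>
  <inbound>
    <base />
    <!-- Reject the call with 401 unless the bearer token passes every check below. -->
    <validate-jwt header-name="Authorization"
                  failed-validation-httpcode="401"
                  failed-validation-error-message="Unauthorized"
                  require-expiration-time="true"
                  require-scheme="Bearer"
                  require-signed-tokens="true">
      <!-- Signing keys and issuer come from the tenant metadata (v1 endpoint assumed). -->
      <openid-config url="https://login.microsoftonline.com/{tenant-id}/.well-known/openid-configuration" />
      <audiences>
        <!-- Application URI that the ADF pipeline requests a token for. -->
        <audience>api://imdev-dev</audience>
      </audiences>
      <required-claims>
        <!-- Optional claim assumed to be idtyp: "app" marks an app-only token, so user tokens fail. -->
        <claim name="idtyp" match="all">
          <value>app</value>
        </claim>
        <!-- Assumed hardening: pin the caller to the client ID of the dept-proj-env-oauth SPN. -->
        <claim name="appid" match="all">
          <value>{spn-client-id}</value>
        </claim>
      </required-claims>
    </validate-jwt>
  </inbound>
  <backend>
    <!-- Reached only when validate-jwt succeeded: forward to the App Service backend. -->
    <base />
  </backend>
  <outbound>
    <base />
  </outbound>
  <on-error>
    <base />
  </on-error>
</policies>
```

Because the SPN carries no API permissions or scopes, the audience check alone does not identify the caller, which is why the sketch also pins `appid`. If the app registration issues v2 tokens, the audience is the application's client ID and the caller appears in `azp`, so the metadata URL and both values change accordingly.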