Synchronize DB Resources in MS Azure

Overview

QueryPie supports integration with Microsoft Azure for database registration and management. By synchronizing resources from Azure, you can register them as managed databases in QueryPie, assign access permissions to users and groups, and configure policies for these synchronized databases.

Registering Azure Integration in QueryPie

1. Navigate to the Administrator > Databases > Connection Management > Cloud Providers menu.

2. Click the Create Provider button in the upper right corner.

3. Name: Enter a name to distinguish the provider.

4. Cloud Provider: Select Microsoft Azure.

5. Tenant ID: Enter the Tenant ID for the resources to be synchronized.

6. Subscription ID: Enter the Subscription ID.

7. Credential: Enter the necessary credential information. Currently, only the Client Secret method is supported.

   • The Client Secret method allows for manual synchronization only. Click the Synchronize button on the details page, enter the Client Secret ID and Client Secret Value, and perform a one-time synchronization.

8. Database Type Filter: Select the resources to be synchronized.

   • Currently, only Azure SQL Database can be synchronized.

9. Database Type Filter: Select the resources to be synchronized.

10. Replication Frequency: Choose the synchronization method:

    • Manual: Synchronize only when triggered manually.

    • Scheduling: Synchronize on a regular schedule using Cron Expressions.

11. Click Save to register the Cloud Provider.

Synchronizing and Managing Azure Cloud Providers

1. Navigate to the Administrator > Databases > Connection Management > Cloud Providers menu.

2. Click on the registered Cloud Provider to open the details screen.

3. Click the Sychronize button in the upper right corner to sync resources from Azure.

4. You can monitor synchronization progress in the Synchronization Log or view the history under Administrator > General > Systems > Jobs.

5. Once a Cloud Provider is registered, certain provider details cannot be modified:

   1. Name: Changeable

   2. Cloud Provider: Not changeable

   3. Tenant ID: Not changeable

   4. Subscription ID: Not changeable

   5. Credential: Not changeable

   6. Database Type Filter: Not changeable

   7. Replication Frequency: Not changeable

Synchronizing via Service Account

1. After registering the Cloud Provider for Azure, click the Synchronize button in the details page.

2. Enter the Client Secret ID and Client Secret Value in the respective fields.

   • Client Secret ID: Enter the ID value of the Microsoft Azure application.

   • Client Secret Value: Enter the value of the client secret.

3. Click Ok to perform a one-time synchronization. The synchronized resources will be available in the DB Connections menu.

Registering an Application in Microsoft Azure and Obtaining Client Secret Information

• In the Azure console, navigate to the Microsoft Entra ID menu.

• In the left menu, go to App registrations and register a new application.

  • Use the application's ID as the Client Secret ID.

• In the application’s details page, navigate to Certificates & secrets.

• Click the New client secret button to generate a new client secret.

• Go to the IAM menu under Subscription.

• Use Add role assignment to assign the Reader role to the application you registered.