ODS Public Access

<< Click to Display Table of Contents >>

Navigation:  Low-code Process Automation > Automation - Test and Production environments > ODS Operational Data Store > ODS through Public Access >

ODS Public Access

Overview

As an alternative for VPN, the service relies on Microsoft's Security (MS Security) where you enter the SQL name, a user and a password.

With this approach the ODS is accessed through a public endpoint, which is protected by the white list and Microsoft's security, using SQL credentials.
Refer to Azure SQL security to learn more about how Azure protects your ODS.

 

To further protect your information, you must provide a list of IPs ranges/addresses, as whitelist, from which you wish to connect (different than Automation Services's whitelist).

 

 

 

 

ODS_Public_Accesss_Infra_Diagram_01

 

 

Prerequisites for connecting to ODS

1.To connect to ODS you need an on-prem application which supports connectivity to SQL Azure databases.

We recommend using SQL Server Management Studio, with a version 18 or above (ideally latest SQL Server Management Studio).

 

2.Ensure your IT team can enable access to this SQL Server endpoint.

 

3.Allow outbound connectivity for port number 1433 using TLS 1.2 encryption.

 

4.Enable Fully Qualified Domain Names (FQDN) in your firewall policy configuration to: [databasename].database.windows.net

 

5.The service requires the definition of a whitelist, containing all IPs for authorized access.

The whitelist may be different for accessing ODS in Development, Testing and Production. At any moment, you may inform Bizagi if you wish to modify entries of the IP whitelist, via a support ticket.

This ODS whitelist is different than the whitelist defined to access Automation Services.

 

 

Connecting to your ODS

Make sure you safekeep the credentials, given that these grant access to a replica of your Production environment holding your business data and Bizagi data.

 

1.You will receive SQL credentials containing: Server name (i.e. [databasename].database.windows.net), DB name, Login, Password.

 

2.Open SQL Server Management Studio. When attempting to connect to your database server, ensure you:

a.Input Server name as provided

b.Select SQL Server Authentication

c.Specify Login and Password as provided

 

3.Click Options and in the Connection Properties tab, ensure you:

a.Input the DB name provided, in the Connect to database: field.

b.Tick the Encrypt connection checkbox.

c.Tick Trust Server certificate checkbox.

 

BI_information3

 

4.Click Connect when done.

 

5.You will be able to connect in read-only mode, and run queries using SQL Management Studio.

This service does not include query design. It is recommended to request the support of the Bizagi Professional Services team to define queries and implement best practices according to your business case.

 

Considerations

If you require to grant access within your corporate network to ODS endpoints, refer to the following article, for a list of Azure IPs

https://docs.microsoft.com/en-us/azure/azure-sql/database/connectivity-architecture?view=azuresql#gateway-ip-addresses


Last Updated 12/5/2024 11:46:18 AM