共用方式為


Deploying a Suspicious Activity Bot in Azure Commercial or Azure Government

Having spent many years in the Public Sector space, I have made a lot of friends on both the contractor and government employee sides of the aisle. So we are always having conversations about how Azure is making the world better both commercially as well as in the Public Sector space. Because of that, my mind is always thinking about how Azure can be leveraged by the Public Sector community and I believe that I have come up with a pretty cool solution that can be used in both the Commercial Azure Regions, but can also be deployed in Azure Government. 

 

Let me start by giving you a description of the application that I built, what technologies I used, and talk about how simple it really was. Then I will talk about how it can deployed in both the Azure Commercial and Government regions. I say it this way, because it cannot be deployed in the same way in both regions. That is because not all of the same services are available quite yet in both the Commercial and Government regions. I will make sure to call them out as I go through the project.

Suspicious Activity Bot

One thing that most of us see as we drive around where we live are big signs on major highways that provide a phone number that you can call if you should see any suspicious activity. This allows you to provide information to some legal authority or law enforcement agency making them aware that you believe that something might be happening that shouldn't be. 

 

What if we took that same idea and instead of requiring a person to person conversation, we could allow you to use the most popular type of communication method on the planet today: messaging. With a Bot application, you can do exactly that, you can build an application that will allow someone to send the same information via a conversation with a bot over SMS, Skype, Facebook Messenger etc.

 

Using the following information from the Department of Homeland Security, I put together a Bot application that can do exactly what I described: https://www.dhs.gov/how-do-i/report-suspicious-activity.

 

This project uses all of the following technologies to ask the person a series of questions and then save off the answers so that a member of law enforcement can act on the information:

 

  • Node JS (Express and Mongoose libraries)
  • Azure Bot Framework SDK
  • Azure App Services (Web or API Apps)
  • Azure Functions (Commercial Only)
  • CosmosDB (Commerical Only)
  • MongoDB VM

 

You will notice that I created these projects in completely Open Source technologies because we are not always very good about providing good solid examples in both .NET as well as OSS languages or technologies. 

 

There are two code projects that make up this Bot Application. The first is a fairly simple API built on the Express library for NodeJS that will handle all of the standard verbs, GET, POST, PUT, and DELETE for a given Suspicious Activity entry. I did this so that anyone could drop a simple No Code platform on top to retrieve, update, or delete records. All data storage is done against either a MongoDB database or uses the MongoDB Driver within CosmosDB by leveraging the Mongoose ORM library for NoSQL databases and specifically Mongo based databases. 

 

The second application is the actual Bot application that connects to a given channel and waits for a user to interact with it. The user then is walked through a series of questions with all answers being stored in a local session variable before ultimately sending a POST request to the API application mentioned above. The project that you will find in my Github repository uses the default Console channel which is primarily used for testing, but can also be used inside of other applications. I did this because I do not have relevant subscriptions for Facebook Messenger or available channels.

 

Both of these applications are available for anyone to use and extend from within my Github repository and they were designed and developed for deployment in Azure App Services:

 

 

I am not going to walk through all of the code, because there are plenty of examples on how to create a REST API using Node JS, Express, and Mongoose. I provided one that I found helpful below. In addition, we do have some really good Bot Framework documentation that is specific to NodeJS, so I don't think that it is necessary to walk through the Bot Application code considering its simplicity. 

Application Deployment

As I mentioned above, these applications can be deployed using services that are available in both the Commerical verison of Azure as well as Azure Government. Because both applications are completely self-contained, they can each be deployed within Azure App Services. Where things start to differ is the Data layer. As you can tell, I am really trying to provide an application that does not require IaaS based services within Azure. However, our Azure Government region does not currently have the CosmosDB service. Thankfully though, I used the MongoDB driver within the API application. This means that you can pass in any MongoDB Connection string into the App Service connection string settings whether it is an IaaS based VM, CosmosDB service or even the MonngoDB as a service feature that is directly available from MongoDB.

So with this as an overview, I am hoping that it is quite obvious how this project can deployed in your own Azure subscription. Specific instructions can be found within each Github repositories ReadMe files.

  • Hotline API: Azure App Service, either Web or API, both will work. I would recommend API however if you want to use API Management to provide policies on top of the APIs or make the API available as a product.
  • Suspicious Activity Bot Application: Azure App Service Web App. In Azure Commercial, you can also use the fairly new Bot Service
  • Data Document Storage:  For Azure Government you will have to have a MongoDB VM available which can be retrieved from within the Azure Marketplace. If you are able to use Azure Commercial regions, then you can very quickly create a CosmosDB instance making sure that the database is using the MongoDB driver.

One more thing that I want to mention with respect to deployment is that these code projects can be even easier in the Azure Commerical regions. I was able to convert the Hotline API into a completely Serverless set of APIs using the HTTP trigger in Azure Functions. Not only can you create a fully functional NodeJS based REST API using Azure Functions, but we have direct integration with CosmosDB in Azure Functions thereby removing the need for the Mongoose ORM library and making each API function about 10 lines of code. Using this in combination with the Bot Service that is also available in the Azure Commercial regions, you could make this entire application Serverless. That is just freakin AWESOME.

Unfortunately, neither Azure Functions nor the Bot Service is available in Azure Government. I do realize however that not all Law Enforcement agencies or Legal Authorities are limited to using Azure Government. Please feel free to reach out to me directly if you would like to talk about the Serverless version of this. I will hopefully be making a separate set of repositories available for this in the future.

Finally

Hopefully you will find these projects interesting and see how easy it can be to both develop and deploy an Azure Bot Application in both the Azure commercial and Azure Government regions. All of the code for both projects are available for downloading or forking. Should you run into any Bugs or would like to see some enhancements, you are welcome to make a Pull request and update the code yourselves or file an Issue on the specific project. As always, feel free to post any comments that you might have with the blog as well.

Please be aware that is a lot of additional detail about each individual project within the README file for each Github repositories

Additional Resources

There are additional links available within the README files for each project within the Github repository, but this should be a good starting point: