def create_arm_client_factory(config):
if arm_client_factory:
return arm_client_factory(config)
else:
return change_ssl_cert_verification(SubscriptionClient(
config, base_url=CLOUD.endpoints.resource_manager))
# Load the Auth File.
with open(file='config/credentials/azure_sigma_auth_sp.jsonc',
mode='r') as auth_file:
auth_dict = json.load(fp=auth_file)
# Retrieve the IDs and secret to use with ServicePrincipalCredentials
tenant_id = auth_dict['tenantId']
client_id = auth_dict['clientId']
client_secret = auth_dict['clientSecret']
# Grab our credentials.
credential = DefaultAzureCredential()
# Pass through the credential.
subscription_client = SubscriptionClient(credentials=credential)
# Grab the Subscriptions Tenants.
for tenant_page in subscription_client.tenants.list():
# Redfine this for Type Hinting.
tenant: TenantIdDescription = tenant_page
print(tenant.id)
print(tenant.tenant_id)
print(tenant.domains)
print(tenant.country)
# If you want a "dictionary", you need to explicitly say that.
pprint(tenant.as_dict())
def subscription_client(self):
return SubscriptionClient(self.credentials)
# ------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License (MIT). See License.txt in the repo root for
# license information.
# ------------------------------------------------------------
from msrestazure.azure_active_directory import MSIAuthentication
from azure.mgmt.resource import SubscriptionClient
import azure.mgmt.cosmosdb as cosmosdbmgmt
__credentials__ = MSIAuthentication()
__subscription_client__ = SubscriptionClient(__credentials__)
__subscription__ = next(__subscription_client__.subscriptions.list())
__subscription_id__ = __subscription__.subscription_id
def get_client_using_msi_profile():
"""Return a SDK client initialized with MSI credentials using default subscription
"""
return cosmosdbmgmt.CosmosDB(__credentials__, __subscription_id__)
def sql_vm_discovery(credentials, confluence):
#Create output variables
output_name = ""
output_application = ""
output_environment = ""
output_application = ""
output_owner_login = ""
output_owner = ""
output_project = ""
output_subscription_name = ""
output_resource_group = ""
output_location = ""
# Build Confluene body
today = date.today()
post_body = ''
# Create a Subscription Client
subscription_client = SubscriptionClient(credentials)
for subscriptions in subscription_client.subscriptions.list():
vm_count = 0
print(subscriptions.display_name)
subscription_name = subscriptions.display_name
subscription_id = subscriptions.subscription_id
output_subscription_name = subscription_name
body = ''
body += '<h2>Subscription: ' + subscription_name + '</h2>'
body += '<table><colgroup><col /><col /></colgroup><tbody>'
body += '<tr>'
body += '<th>SQL Server Name</th>'
body += '<th>Version</th>'
body += '<th>Edition</th>'
body += '<th>License</th>'
body += '<th>SQL Management</th>'
body += '<th>Location</th>'
body += '</tr>'
sql_client = SqlVirtualMachineManagementClient(credentials,
subscription_id)
for sql in sql_client.sql_virtual_machines.list():
vm_count += 1
output_name = sql.name
output_location = sql.location
output_image = sql.sql_image_offer
output_sku = sql.sql_image_sku
output_management = sql.sql_management
output_license = sql.sql_server_license_type
tags = sql.tags
if tags != None:
if "Application" in tags:
output_application = tags["Application"]
else:
output_application = ""
if "OwnerLogin" in tags:
output_owner_login = tags["OwnerLogin"]
else:
output_owner_login = ""
if "Owner" in tags:
output_owner = tags["Owner"]
else:
output_owner = ""
if "Environment" in tags:
output_environment = tags["Environment"]
else:
output_environment = ""
if "Project" in tags:
output_project = tags["Project"]
else:
output_project = ""
body += '<tr>'
body += '<td>' + output_name + '</td>'
body += '<td>' + output_image + '</td>'
body += '<td>' + output_sku + '</td>'
body += '<td>' + output_license + '</td>'
body += '<td>' + output_management + '</td>'
body += '<td>' + output_location.capitalize() + '</td>'
body += '</tr>'
body += '</tbody></table>'
body += '<p></p>'
if vm_count == 0:
print("No VMs in subscription:" + subscription_name)
else:
post_body += body
post_body += '<p>Azure Automated Inventory - SQL Server Virtual Machines </p>'
post_body += '<p>Last discovery execution date :' + str(today) + '</p>'
# print (post_body)
#status = confluence.create_page(space='DCS',parent_id=1463911167,title="Azure Virtual Machines",body=body)
status = confluence.update_page(page_id=1465450878,
title="Azure SQL Server Virtual Machines",
body=post_body)
print(status)
def _set_subscriptions(self):
# Create the client
subscription_client = SubscriptionClient(
self.credentials.arm_credentials)
# Get all the accessible subscriptions
accessible_subscriptions_list = list(
subscription_client.subscriptions.list())
if not accessible_subscriptions_list:
print_exception(
'The provided credentials do not have access to any subscriptions'
)
self.subscription_list = []
return
# Final list, start empty
subscriptions_list = []
# No subscription provided, infer
if not (self.subscription_ids or self.all_subscriptions):
try:
# Tries to read the subscription list
print_info('No subscription set, inferring ID')
s = next(subscription_client.subscriptions.list())
except StopIteration:
print_info('Unable to infer a subscription')
# If the user cannot read subscription list, ask Subscription ID:
if not self.programmatic_execution:
s = input('Subscription ID: ')
else:
print_exception('Unable to infer a Subscription ID')
raise
finally:
print_info('Running against the "{}" subscription'.format(
s.subscription_id))
subscriptions_list.append(s)
# A specific set of subscriptions
elif self.subscription_ids:
# Only include accessible subscriptions
subscriptions_list = [
s for s in accessible_subscriptions_list
if s.subscription_id in self.subscription_ids
]
# Verbose skip
for s in self.subscription_ids:
if not any(subs.subscription_id == s
for subs in accessible_subscriptions_list):
print_info(
'Skipping subscription "{}": this subscription does not exist or '
'is not accessible with the provided credentials'.
format(s))
print_info('Running against {} subscription(s)'.format(
len(subscriptions_list)))
# All subscriptions
elif self.all_subscriptions:
subscriptions_list = accessible_subscriptions_list
print_info('Running against {} subscription(s)'.format(
len(subscriptions_list)))
# Other == error
else:
print_exception('Unknown Azure subscription option')
self.subscription_list = []
raise
if subscriptions_list:
self.subscription_list = subscriptions_list
else:
print_exception('No subscriptions to scan')
self.subscription_list = []
raise
def _set_subscriptions(self):
# Create the client
subscription_client = SubscriptionClient(
self.credentials.arm_credentials)
subscription_client._client.config.add_user_agent(get_user_agent())
# Get all the accessible subscriptions
accessible_subscriptions_list = list(
subscription_client.subscriptions.list())
if not accessible_subscriptions_list:
raise AuthenticationException(
'The provided credentials do not have access to any subscriptions'
)
# Final list, start empty
subscriptions_list = []
# No subscription provided, infer
if not (self.subscription_ids or self.all_subscriptions):
try:
# Tries to read the subscription list
print_info('No subscription set, inferring')
s = next(subscription_client.subscriptions.list())
except StopIteration:
print_info('Unable to infer a subscription')
# If the user cannot read subscription list, ask Subscription ID:
if not self.programmatic_execution:
s = input('Subscription ID: ')
else:
print_exception('Unable to infer a Subscription ID')
# raise
finally:
subscriptions_list.append(s)
# All subscriptions
elif self.all_subscriptions:
subscriptions_list = accessible_subscriptions_list
# A specific set of subscriptions
elif self.subscription_ids:
# Only include accessible subscriptions
subscriptions_list = [
s for s in accessible_subscriptions_list
if s.subscription_id in self.subscription_ids
]
# Verbose skip
for s in self.subscription_ids:
if not any(subs.subscription_id == s
for subs in accessible_subscriptions_list):
raise AuthenticationException(
'Subscription {} does not exist or is not accessible '
'with the provided credentials'.format(s))
# Other == error
else:
raise AuthenticationException('Unknown Azure subscription option')
if subscriptions_list and len(subscriptions_list) > 0:
self.subscription_list = subscriptions_list
if len(subscriptions_list) == 1:
print_info('Running against subscription {}'.format(
subscriptions_list[0].subscription_id))
else:
print_info('Running against {} subscriptions'.format(
len(subscriptions_list)))
else:
raise AuthenticationException('No subscriptions to scan')
def _get_subscription(self, session_factory, config):
session = local_session(session_factory)
client = SubscriptionClient(session.get_credentials())
details = client.subscriptions.get(
subscription_id=session.get_subscription_id())
return details.serialize(True)
def authenticate(self, cli=None, msi=None, service_principal=None, file_auth=None, user_account=None,
tenant_id=None, subscription_id=None, client_id=None, client_secret=None, username=None,
password=None, **kargs):
"""
Implements authentication for the Azure provider
"""
try:
if cli:
cli_credentials, subscription_id = get_azure_cli_credentials()
return AzureCredentials(cli_credentials, subscription_id)
elif msi:
msi_auth_credentials = MSIAuthentication()
# Get the subscription ID
subscription_client = SubscriptionClient(msi_auth_credentials)
try:
# Tries to read the subscription list
subscription = next(subscription_client.subscriptions.list())
subscription_id = subscription.subscription_id
except StopIteration:
# If the VM cannot read subscription list, ask Subscription ID:
subscription_id = input('Subscription ID: ')
return AzureCredentials(msi_auth_credentials, subscription_id)
elif file_auth:
data = json.loads(file_auth.read())
subscription_id = data.get('subscriptionId')
tenant_id = data.get('tenantId')
client_id = data.get('clientId')
client_secret = data.get('clientSecret')
credentials = ServicePrincipalCredentials(
client_id=client_id,
secret=client_secret,
tenant=tenant_id
)
return AzureCredentials(credentials, subscription_id)
elif service_principal:
subscription_id = subscription_id if subscription_id else input(
"Subscription ID: ")
tenant_id = tenant_id if tenant_id else input("Tenant ID: ")
client_id = client_id if client_id else input("Client ID: ")
client_secret = client_secret if client_secret else getpass(
"Client secret: ")
credentials = ServicePrincipalCredentials(
client_id=client_id,
secret=client_secret,
tenant=tenant_id
)
return AzureCredentials(credentials, subscription_id, tenant_id)
elif user_account:
username = username if username else input("Username: "******"Password: ")
credentials = UserPassCredentials(username, password)
if not subscription_id:
# Get the subscription ID
subscription_client = SubscriptionClient(credentials)
try:
# Tries to read the subscription list
subscription = next(subscription_client.subscriptions.list())
subscription_id = subscription.subscription_id
except StopIteration:
# If the user cannot read subscription list, ask Subscription ID:
subscription_id = input('Subscription ID: ')
return AzureCredentials(credentials, subscription_id)
except Exception as e:
raise AuthenticationException(e)
def read(self):
"""Return an Azure cloud infrastructure configuration record.
Yields:
dict: An Azure cloud infrastructure configuration record.
"""
# pylint: disable=R0914
subscription_client = SubscriptionClient(self._credentials)
for i, sub in enumerate(subscription_client.subscriptions.list()):
subscription_id = str(sub.subscription_id)
_log.info('Found subscription #%d; subscription_id: %s; '
'display_name: %s',
i, subscription_id, sub.display_name)
# Initialize Azure clients for the current subscription.
creds = self._credentials
compute_client = ComputeManagementClient(creds, subscription_id)
network_client = NetworkManagementClient(creds, subscription_id)
storage_client = StorageManagementClient(creds, subscription_id)
resource_client = ResourceManagementClient(creds, subscription_id)
# Get iterators for each type of data.
vm_list = compute_client.virtual_machines.list_all()
app_gw_list = network_client.application_gateways.list_all()
lb_iter = network_client.load_balancers.list_all()
nic_list = network_client.network_interfaces.list_all()
nsg_list = network_client.network_security_groups.list_all()
pubip_list = network_client.public_ip_addresses.list_all()
storage_account_list = storage_client.storage_accounts.list()
resource_group_list = resource_client.resource_groups.list()
resource_list = resource_client.resources.list()
# Retrieve data using each iterator.
for record in itertools.chain(
_get_record(vm_list, 'virtual_machine',
subscription_id, self._max_recs),
_get_record(app_gw_list, 'app_gateway',
subscription_id, self._max_recs),
_get_record(lb_iter, 'lb',
subscription_id, self._max_recs),
_get_record(nic_list, 'nic',
subscription_id, self._max_recs),
_get_record(nsg_list, 'nsg',
subscription_id, self._max_recs),
_get_record(pubip_list, 'public_ip',
subscription_id, self._max_recs),
_get_record(storage_account_list, 'storage_account',
subscription_id, self._max_recs),
_get_record(resource_group_list, 'resource_group',
subscription_id, self._max_recs),
_get_record(resource_list, 'resource',
subscription_id, self._max_recs),
):
yield record
# Break after pulling data for self._max_subs number of
# subscriptions. Note that if self._max_subs is 0 or less,
# then the following condition never evaluates to True.
if i + 1 == self._max_subs:
_log.info('Ending subscriptions fetch due to '
'_max_subs: %d', self._max_subs)
break
def main(req: func.HttpRequest) -> func.HttpResponse:
logger = logging.getLogger(__name__)
formatter = logging.Formatter(
'%(asctime)s %(name)s %(levelname)s: %(message)s')
func_context = os.environ['FUNCTION_CONTEXT']
logger.debug(f"Function context --> {func_context}")
credentials = None
subscription_id = None
kv_credentials = None
kv_subscription_id = None
if func_context == 'local':
filehandler = logging.FileHandler('func.log')
filehandler.setFormatter(formatter)
logger.addHandler(filehandler)
logger.setLevel(logging.DEBUG)
credentials, kv_credentials, subscription_id = get_local_credentials()
else:
console = logging.StreamHandler()
console.setLevel(logging.INFO)
console.setFormatter(formatter)
credentials, kv_credentials, subscription_id = get_azure_credentials()
logger.debug('Python HTTP trigger function processed a request.')
logger.debug(f"method={req.method}, url={req.url}, params={req.params}")
logger.debug(f"body={req.get_json()}")
# Handle WebHook
webhook = req.get_json()
# Get resource information specifically tags if this is an alert
resource_id = None
if "azureMonitorCommonAlertSchema" in webhook["schemaId"]:
if check_keys(webhook, 'data', 'essentials', 'alertTargetIDs'):
resource_id = webhook["data"]["essentials"]["alertTargetIDs"]
if resource_id:
resource_client = ResourceManagementClient(credentials,
subscription_id)
try:
resource = resource_client.resources.get_by_id(
resource_id[0], api_version='2018-06-01')
if resource.tags:
# webhook['resource_tags'] = resource.tags
logger.info(f"found resource tags {resource.tags}")
else:
logger.info(f"no tags found in resource {resource_id}")
except:
logger.error(
f"received exception from ResourceManagementClient for {resource_id}"
)
else:
logger.info("no resource_id found in webhook")
subscription_client = SubscriptionClient(credentials)
subscription = next(subscription_client.subscriptions.list())
webhook['additionalData'] = {}
if 'motsID' in subscription.tags.keys():
webhook['additionalData']['motsID'] = subscription.tags['motsID']
logger.info(f"added subscription tags={subscription.tags}")
# Key Vault stuff
kv_mgmt_client = KeyVaultManagementClient(credentials, subscription_id)
# kv_client = KeyVaultClient(credentials)
kv_client = SecretClient(vault_url=os.environ['KEY_VAULT_URI'],
credential=kv_credentials)
namespace = kv_client.get_secret('EventHubNamespace').value
event_hub = kv_client.get_secret('EventHub').value
user = kv_client.get_secret('EventHubKeyName').value
key = kv_client.get_secret('EventHubKey').value
# Check whether connection string exists in Key Vault
kv_prop = kv_client.list_properties_of_secrets()
if 'EventHubConnectionString' in [prop.name for prop in kv_prop]:
conn_string = get_kv_secret(kv_client,
'EventHubConnectionString').value
else:
conn_string = f"Endpoint=sb://{namespace}.servicebus.windows.net/;SharedAccessKeyName={user};SharedAccessKey={key}"
eh_prod_client = EventHubProducerClient.from_connection_string(
conn_string, eventhub_name=event_hub)
event_data_batch = eh_prod_client.create_batch()
event_data_batch.add(EventData(json.dumps(webhook)))
eh_prod_client.send_batch(event_data_batch)
logger.info(f"sending event to {namespace}, {json.dumps(webhook)}")
date = datetime.datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%f")
return func.HttpResponse(json.dumps({'date': date, 'status': 'SUCCESS'}))
def authenticate(self, cli=None, msi=None, service_principal=None, file_auth=None, user_account=None,
tenant_id=None, subscription_id=None, client_id=None, client_secret=None, username=None,
password=None, **kargs):
"""
Implements authentication for the Azure provider using azure-cli.
Refer to https://docs.microsoft.com/en-us/python/azure/python-sdk-azure-authenticate?view=azure-python.
:return:
"""
try:
if cli:
cli_credentials, self.aws_account_id = get_azure_cli_credentials() # TODO: Remove aws_account_id
self.credentials = AzureCredentials(cli_credentials, self.aws_account_id)
return True
elif msi:
credentials = MSIAuthentication()
# Get the subscription ID
subscription_client = SubscriptionClient(credentials)
try:
# Tries to read the subscription list
subscription = next(subscription_client.subscriptions.list())
self.aws_account_id = subscription.subscription_id
except StopIteration:
# If the VM cannot read subscription list, ask Subscription ID:
self.aws_account_id = input('Subscription ID: ')
self.credentials = AzureCredentials(credentials, self.aws_account_id)
return True
elif file_auth:
data = json.loads(file_auth.read())
subscription_id = data.get('subscriptionId')
tenant_id = data.get('tenantId')
client_id = data.get('clientId')
client_secret = data.get('clientSecret')
self.aws_account_id = tenant_id # TODO this is for AWS
credentials = ServicePrincipalCredentials(
client_id=client_id,
secret=client_secret,
tenant=tenant_id
)
self.credentials = AzureCredentials(credentials, subscription_id)
return True
elif service_principal:
subscription_id = subscription_id if subscription_id else input("Subscription ID: ")
tenant_id = tenant_id if tenant_id else input("Tenant ID: ")
client_id = client_id if client_id else input("Client ID: ")
client_secret = client_secret if client_secret else getpass("Client secret: ")
self.aws_account_id = tenant_id # TODO this is for AWS
credentials = ServicePrincipalCredentials(
client_id=client_id,
secret=client_secret,
tenant=tenant_id
)
self.credentials = AzureCredentials(credentials, subscription_id)
return True
elif user_account:
username = username if username else input("Username: "******"Password: ")
credentials = UserPassCredentials(username, password)
if subscription_id:
self.aws_account_id = subscription_id
else:
# Get the subscription ID
subscription_client = SubscriptionClient(credentials)
try:
# Tries to read the subscription list
subscription = next(subscription_client.subscriptions.list())
self.aws_account_id = subscription.subscription_id
except StopIteration:
# If the user cannot read subscription list, ask Subscription ID:
self.aws_account_id = input('Subscription ID: ')
self.credentials = AzureCredentials(credentials, self.aws_account_id)
return True
except Exception as e:
printError('Failed to authenticate to Azure')
printException(e)
return False
def authenticate(self,
cli=None,
user_account=None,
service_principal=None,
file_auth=None,
msi=None,
tenant_id=None,
subscription_id=None,
client_id=None,
client_secret=None,
username=None,
password=None,
programmatic_execution=False,
**kargs):
"""
Implements authentication for the Azure provider
"""
try:
# Set logging level to error for libraries as otherwise generates a lot of warnings
logging.getLogger('adal-python').setLevel(logging.ERROR)
logging.getLogger('msrest').setLevel(logging.ERROR)
logging.getLogger('urllib3').setLevel(logging.ERROR)
if cli:
credentials, subscription_id, tenant_id = get_azure_cli_credentials(
with_tenant=True)
graphrbac_credentials, placeholder_1, placeholder_2 = \
get_azure_cli_credentials(with_tenant=True, resource='https://graph.windows.net')
elif user_account:
if not (username and password):
if not programmatic_execution:
username = username if username else input(
"Username: "******"Password: "******"Tenant ID: ")
else:
raise AuthenticationException('No Tenant ID set')
if not client_id:
if not programmatic_execution:
client_id = input("Client ID: ")
else:
raise AuthenticationException('No Client ID set')
if not client_secret:
if not programmatic_execution:
client_secret = getpass("Client secret: ")
else:
raise AuthenticationException('No Client Secret set')
credentials = ServicePrincipalCredentials(client_id=client_id,
secret=client_secret,
tenant=tenant_id)
graphrbac_credentials = ServicePrincipalCredentials(
client_id=client_id,
secret=client_secret,
tenant=tenant_id,
resource='https://graph.windows.net')
elif file_auth:
data = json.loads(file_auth.read())
subscription_id = data.get('subscriptionId')
tenant_id = data.get('tenantId')
client_id = data.get('clientId')
client_secret = data.get('clientSecret')
credentials = ServicePrincipalCredentials(client_id=client_id,
secret=client_secret,
tenant=tenant_id)
graphrbac_credentials = ServicePrincipalCredentials(
client_id=client_id,
secret=client_secret,
tenant=tenant_id,
resource='https://graph.windows.net')
elif msi:
credentials = MSIAuthentication()
graphrbac_credentials = MSIAuthentication(
resource='https://graph.windows.net')
if not subscription_id:
try:
# Get the subscription ID
subscription_client = SubscriptionClient(credentials)
print_info('No subscription set, inferring ID')
# Tries to read the subscription list
subscription = next(
subscription_client.subscriptions.list())
subscription_id = subscription.subscription_id
tenant_id = subscription.tenant_id
print_info(
'Running against the {} subscription'.format(
subscription_id))
except StopIteration:
# If the VM cannot read subscription list, ask Subscription ID:
if not programmatic_execution:
subscription_id = input('Subscription ID: ')
else:
raise AuthenticationException(
'Unable to infer a Subscription ID')
return AzureCredentials(credentials, graphrbac_credentials,
subscription_id, tenant_id)
except Exception as e:
raise AuthenticationException(e)
def authenticate(self,
cli=None,
msi=None,
service_principal=None,
file_auth=None,
user_account=None,
tenant_id=None,
subscription_id=None,
client_id=None,
client_secret=None,
username=None,
password=None,
programmatic_execution=False,
**kargs):
"""
Implements authentication for the Azure provider
"""
try:
if cli:
credentials, subscription_id = get_azure_cli_credentials()
elif msi:
credentials = MSIAuthentication()
# Get the subscription ID
subscription_client = SubscriptionClient(credentials)
try:
print_info('No subscription set, inferring ID')
# Tries to read the subscription list
subscription = next(
subscription_client.subscriptions.list())
subscription_id = subscription.subscription_id
print_info('Running against the {} subscription'.format(
subscription_id))
except StopIteration:
# If the VM cannot read subscription list, ask Subscription ID:
if not programmatic_execution:
subscription_id = input('Subscription ID: ')
else:
AuthenticationException(
'Unable to infer a Subscription ID')
elif file_auth:
data = json.loads(file_auth.read())
subscription_id = data.get('subscriptionId')
tenant_id = data.get('tenantId')
client_id = data.get('clientId')
client_secret = data.get('clientSecret')
credentials = ServicePrincipalCredentials(client_id=client_id,
secret=client_secret,
tenant=tenant_id)
elif service_principal:
if not subscription_id:
if not programmatic_execution:
subscription_id = input('Subscription ID: ')
else:
AuthenticationException('No Subscription ID set')
if not tenant_id:
if not programmatic_execution:
tenant_id = input("Tenant ID: ")
else:
AuthenticationException('No Tenant ID set')
if not client_id:
if not programmatic_execution:
client_id = input("Client ID: ")
else:
AuthenticationException('No Client ID set')
if not client_secret:
if not programmatic_execution:
client_secret = getpass("Client secret: ")
else:
AuthenticationException('No Client Secret set')
credentials = ServicePrincipalCredentials(client_id=client_id,
secret=client_secret,
tenant=tenant_id)
elif user_account:
if not username and password:
if not programmatic_execution:
username = username if username else input(
"Username: "******"Password: ")
else:
AuthenticationException(
'Username and/or password not set')
credentials = UserPassCredentials(username, password)
if not subscription_id:
# Get the subscription ID
subscription_client = SubscriptionClient(credentials)
try:
# Tries to read the subscription list
print_info('No subscription set, inferring ID')
subscription = next(
subscription_client.subscriptions.list())
subscription_id = subscription.subscription_id
print_info(
'Running against the {} subscription'.format(
subscription_id))
except StopIteration:
print_info('Unable to infer a subscription')
# If the user cannot read subscription list, ask Subscription ID:
if not programmatic_execution:
subscription_id = input('Subscription ID: ')
else:
AuthenticationException(
'Unable to infer a Subscription ID')
return AzureCredentials(credentials, subscription_id, tenant_id)
except Exception as e:
raise AuthenticationException(e)
from azure.mgmt.storage import StorageManagementClient
from azure.mgmt.storage.models import StorageAccountCreateParameters
from pprint import pprint
from msrestazure.azure_active_directory import MSIAuthentication
from azure.mgmt.resource import ResourceManagementClient, SubscriptionClient
credentials, sub_id = get_azure_cli_credentials()
print(credentials)
# exit(0)
# subscriptionClient = get_client_from_cli_profile(SubscriptionClient)
subscriptionClient = SubscriptionClient(credentials)
for subscription in subscriptionClient.subscriptions.list():
subscription_id = subscription.subscription_id
print("Subcription ID: {} Name: {} State: {} \n\tAuth: {}".format(
subscription.subscription_id, subscription.display_name,
subscription.state, subscription.authorization_source))
print("\tLocation: {} \n\tQuota: {} \n\tSpendLimit: {}".format(
subscription.subscription_policies.location_placement_id,
subscription.subscription_policies.quota_id,
subscription.subscription_policies.spending_limit))
storageClient = StorageManagementClient(credentials, subscription_id)
storage_accounts = storageClient.storage_accounts.list()
for sa in storage_accounts:
