def _build_password_credential(password, years): years = years or 1 start_date = datetime.datetime.now(TZ_UTC) end_date = start_date + relativedelta(years=years) from azure.graphrbac.models import PasswordCredential return PasswordCredential(start_date=start_date, end_date=end_date, key_id=str(_gen_guid()), value=password)
def _create_role_assignment(cli_ctx, role, assignee_object_id, scope): factory = _auth_client_factory(cli_ctx, scope) assignments_client = factory.role_assignments definitions_client = factory.role_definitions scope = '/subscriptions/' + assignments_client.config.subscription_id role_id = _resolve_role_id(role, scope, definitions_client) from azure.mgmt.authorization.models import RoleAssignmentCreateParameters parameters = RoleAssignmentCreateParameters(role_definition_id=role_id, principal_id=assignee_object_id) return assignments_client.create(scope=scope, role_assignment_name=_gen_guid(), parameters=parameters)
def _create_role_assignment(cli_ctx, role, assignee_object_id, scope): factory = _auth_client_factory(cli_ctx, scope) assignments_client = factory.role_assignments definitions_client = factory.role_definitions scope = '/subscriptions/' + assignments_client.config.subscription_id role_id = _resolve_role_id(role, scope, definitions_client) from azure.mgmt.authorization.models import RoleAssignmentCreateParameters parameters = RoleAssignmentCreateParameters( role_definition_id=role_id, principal_id=assignee_object_id) return assignments_client.create(scope=scope, role_assignment_name=_gen_guid(), parameters=parameters)
def _create_role_assignment(cli_ctx, role, assignee_object_id, scope): from azure.cli.core.profiles import ResourceType, get_sdk factory = _auth_client_factory(cli_ctx, scope) assignments_client = factory.role_assignments definitions_client = factory.role_definitions role_id = _resolve_role_id(role, scope, definitions_client) RoleAssignmentCreateParameters = get_sdk(cli_ctx, ResourceType.MGMT_AUTHORIZATION, 'RoleAssignmentCreateParameters', mod='models', operation_group='role_assignments') parameters = RoleAssignmentCreateParameters(role_definition_id=role_id, principal_id=assignee_object_id) return assignments_client.create(scope=scope, role_assignment_name=_gen_guid(), parameters=parameters)
def _create_sp_password(sp_password): return str(_gen_guid()) if sp_password is None else sp_password