def dataframe_management_grp_subcriptions(self, management_grp): """ https://docs.microsoft.com/en-us/python/api/azure-mgmt-managementgroups/azure.mgmt.managementgroups.operations.entities_operations.entitiesoperations?view=azure-python :param management_grp: :return: """ management_client = ManagementGroupsAPI(self.credentials) mngrp_subscriptions = management_client.entities.list(group_name=management_grp) """Here we want to only return subscriptions""" subscriptions_limited = [ [ subscriptions.name, subscriptions.tenant_id, subscriptions.display_name, management_grp, ] for subscriptions in mngrp_subscriptions if "/subscriptions" in subscriptions.type ] df = pd.DataFrame( data=subscriptions_limited, columns=self.limited_subscription_columns() ) df.set_index("subscription_id", inplace=True) return df
def get_subscriptions_list(managed_resource_group, credentials): client = ManagementGroupsAPI(credentials) groups = client.management_groups.get( group_id=managed_resource_group, recurse=True, expand="children").serialize()["properties"] subscriptions = ManagedGroupHelper.filter_subscriptions('type', groups) subscriptions = [ subscription['name'] for subscription in subscriptions ] return subscriptions
def setUp(self): super(MgmtResourcePolicyTest, self).setUp() self.policy_client = self.create_mgmt_client( azure.mgmt.resource.PolicyClient) if self.is_live: # special client from azure.mgmt.managementgroups import ManagementGroupsAPI self.mgmtgroup_client = ManagementGroupsAPI( credentials=self.settings.get_credentials())
def setUp(self): super(MgmtResourceLinksTest, self).setUp() self.mgmt_client = self.create_mgmt_client( azure.mgmt.resource.ApplicationClient) self.resource_client = self.create_mgmt_client( azure.mgmt.resource.ResourceManagementClient) if self.is_live: # special client from azure.mgmt.managementgroups import ManagementGroupsAPI self.mgmtgroup_client = ManagementGroupsAPI( credentials=self.settings.get_credentials())
async def get_api_client(hub, ctx, **kwargs): """ .. versionadded:: 2.0.0 Load the ManagementGroupsAPI client and returns the client object. """ ( credentials, subscription_id, cloud_env, ) = await hub.exec.azurerm.utils.determine_auth(ctx, **kwargs) client = ManagementGroupsAPI(credentials=credentials, base_url=None) return client
def get_management_group_entities(self, management_grp, subscriptions_only=True): entity_list = list() management_client = ManagementGroupsAPI(self.credentials) mngrp_subscriptions = management_client.entities.list( group_name=management_grp) for entity in mngrp_subscriptions: if subscriptions_only: if "/subscriptions" in entity.type: sub_entity = dict() sub_entity['name'] = entity.name sub_entity['display_name'] = entity.display_name sub_entity['resource_id'] = entity.id sub_entity['tenant_id'] = entity.tenant_id entity_list.append(sub_entity) else: raise NotImplementedError return entity_list
from azure.common.credentials import ServicePrincipalCredentials from azure.mgmt.managementgroups import ManagementGroupsAPI from settings import AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_KEY, AZURE_SUBSCRIPTION_ID # This script expects that the following environment vars are set in settings.py: # # AZURE_TENANT_ID: with your Azure Active Directory tenant id or domain # AZURE_CLIENT_ID: with your Azure Active Directory Application Client ID # AZURE_CLIENT_SECRET: with your Azure Active Directory Application Secret # AZURE_SUBSCRIPTION_ID: with your Azure Subscription Id # if __name__ == "__main__": # Delete me print(AZURE_TENANT_ID) print(AZURE_CLIENT_ID) print(AZURE_KEY) print(AZURE_SUBSCRIPTION_ID) credentials = ServicePrincipalCredentials(client_id=AZURE_CLIENT_ID, secret=AZURE_KEY, tenant=AZURE_TENANT_ID) management_group_client = ManagementGroupsAPI(credentials, base_url=None) dir_test = vars(management_group_client) print("Vars") print(dir_test)
def create_management_grp_policy_assignments(self, management_grp, subscription_id): """ This method create a policies within a management group per subscription The subscription id in required to make a query against the Python SDK when querying a management group. Looking for alternatives. :param management_grp: :param subscription_id: :return: """ with change_dir(OPERATIONSPATH): config = ConfigParser() config.read(CONFVARIABLES) management_client = ManagementGroupsAPI(self.credentials) mngrp_subscriptions = management_client.entities.list(group_name=management_grp) for subscription in mngrp_subscriptions: if ( "/providers/Microsoft.Management/managementGroups" not in subscription.type ): policy_client = PolicyClient( credentials=self.credentials, subscription_id=subscription_id, base_url=None, ) policies = policy_client.policy_definitions.list_by_management_group( management_grp ) scope = "/subscriptions/{subscriptionId}".format( subscriptionId=subscription.name ) for policy in policies: if ( not policy.metadata.get("category") is None and policy.metadata.get("category") in config["FILTERS"]["policy_defition_category"] ): assignment = PolicyAssignment( display_name=policy.display_name, policy_definition_id=policy.id, scope=scope, parameters=None, description=policy.description, ) policy_assignment_name = "{}-assignment".format( assignment.display_name ) try: result = policy_client.policy_assignments.create( scope=scope, policy_assignment_name=policy_assignment_name, parameters=assignment, ) if result: print( "Subscription deployed: {}".format( subscription.name, policy_assignment_name, policy.display_name, ) ) except ErrorResponseException: print( "Subcription failed: {}".format( subscription.name, policy_assignment_name, policy.display_name, ) )
def get_subscriptions_list(managed_resource_group, credentials): client = ManagementGroupsAPI(credentials) entities = client.entities.list(filter='name eq \'%s\'' % managed_resource_group) return [e.name for e in entities if e.type == '/subscriptions']