AzureRMR/README.md

# AzureRMR

[![CRAN](https://www.r-pkg.org/badges/version/AzureRMR)](https://cran.r-project.org/package=AzureRMR)
![Downloads](https://cranlogs.r-pkg.org/badges/AzureRMR)
[![Travis Build Status](https://travis-ci.org/cloudyr/AzureRMR.png?branch=master)](https://travis-ci.org/cloudyr/AzureRMR)

AzureRMR is a package for interacting with Azure Active Directory and Azure Resource Manager: obtain AAD authentication tokens, list subscriptions, manage resource groups, deploy and delete templates and resources. It calls the Resource Manager [REST API](https://docs.microsoft.com/en-us/rest/api/resources) directly, so you don't need to have PowerShell or Python installed.

You can install the development version from GitHub, via `devtools::install_github("cloudyr/AzureRMR")`.


## Before you begin

To use AzureRMR, you must create and register a service principal with Azure Active Directory. This is a one-time task, and the easiest method is to use the Azure cloud shell.

- In the Azure Portal (https://portal.azure.com/), click on the Cloud Shell icon:

![](vignettes/images/cloudportal2.png)

- If you haven't used the shell before, there will be a dialog box to choose whether to use bash or PowerShell. Choose bash.
- In the shell, type `az ad sp create-for-rbac --name {app-name} --subscription "{your-subscription-name}" --years {N}`, substituting the desired name of your service principal (try to make it memorable to you, and unlikely to clash with other names), your subscription name, and the number of years you want the password to be valid.
- Wait until the app creation is complete. You should see a screen like this.

![](vignettes/images/cloudshell.png)

- Record your tenant ID, app ID, and password.

If you want to allow access at something other than subscription level, you can use the `--scopes` argument in place of `--subscription`. For example, to restrict AzureRMR to only the "AnalyticsRG" resource group: `az ad sp create-for-rbac --scopes /subscriptions/{your-subscription-ID}/resourceGroups/AnalyticsRG`.


## Authentication

Under the hood, AzureRMR uses a similar authentication process to the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/?view=azure-cli-latest). The first time you authenticate with a given Azure Active Directory tenant, you call `create_azure_login()` and supply your tenant, app ID and password. The resulting Resource Manager client object is saved on your machine, and can be retrieved in subsequent R sessions with `get_azure_login("{tenant}")`. AzureRMR will automatically refresh your credentials so you don't have to re-authenticate.


## Sample workflow

```r
library(AzureRMR)

# authenticate with Azure AD:
# - on first login to this client, call create_azure_login(...)
# - on subsequent logins, call get_azure_login("myaadtenant")
az <- create_azure_login("myaadtenant", app="app_id", password="password")

# get a subscription and resource group
sub <- az$get_subscription("{subscription_id}")
rg <- sub$get_resource_group("rgname")

# get a resource (storage account)
stor <- rg$get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage")

# method chaining works too
stor <- az$
    get_subscription("{subscription_id}")$
    get_resource_group("rgname")$
    get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage")


# create a new resource group and resource
rg2 <- sub$create_resource_group("newrgname", location="westus")

stor2 <- rg2$create_resource(type="Microsoft.Storage/storageAccounts", name="mystorage2",
    kind="Storage", sku=list(name="Standard_LRS"))

# delete them
stor2$delete(confirm=FALSE)
rg2$delete(confirm=FALSE)
```

## Extending

AzureRMR is meant to be a generic mechanism for working with Resource Manager. You can extend it to provide support for service-specific features; examples of packages that do this include [AzureVM](https://github.com/cloudyr/AzureVM) for [virtual machines](https://azure.microsoft.com/en-us/services/virtual-machines/), and [AzureStor](https://github.com/cloudyr/AzureStor) for [storage accounts](https://azure.microsoft.com/en-us/services/storage/). For more information, see the ["Extending AzureRMR" vignette](vignettes/extend.Rmd).

## Acknowledgements

AzureRMR is inspired by the package AzureSMR, originally written by Alan Weaver and Andrie de Vries, and would not have been possible without their pioneering work. Thanks, guys!

---
[![cloudyr project logo](https://i.imgur.com/JHS98Y7.png)](https://github.com/cloudyr)
tweak readme 2018-11-09 11:33:36 +03:00			`# AzureRMR`

add badges 2018-12-03 09:21:01 +03:00			`[![CRAN](https://www.r-pkg.org/badges/version/AzureRMR)](https://cran.r-project.org/package=AzureRMR)`
			`![Downloads](https://cranlogs.r-pkg.org/badges/AzureRMR)`
			`[![Travis Build Status](https://travis-ci.org/cloudyr/AzureRMR.png?branch=master)](https://travis-ci.org/cloudyr/AzureRMR)`

update readme 2019-01-10 22:28:08 +03:00			`AzureRMR is a package for interacting with Azure Active Directory and Azure Resource Manager: obtain AAD authentication tokens, list subscriptions, manage resource groups, deploy and delete templates and resources. It calls the Resource Manager [REST API](https://docs.microsoft.com/en-us/rest/api/resources) directly, so you don't need to have PowerShell or Python installed.`
tweak readme 2018-11-09 11:33:36 +03:00
			You can install the development version from GitHub, via `devtools::install_github("cloudyr/AzureRMR")`.

Cli auth (#2) * changes to enable auth with CLI app id * api for persistent logins * dev version number * typo * add documentation * update docs to use get_az_login * update mds * allow new login flow to use svc principal * fix delete_az_login * more fixups * fix list_az_logins * update news * update intro * add badges * az_login -> azure_login * doc fix * cleanup * document * document fixup * update tests * rationalise auth arguments: resource_host first arg, auth_type default based on pwd * fix vignette img links 2018-12-26 07:15:31 +03:00
tweak readme 2018-11-09 11:33:36 +03:00			`## Before you begin`

			`To use AzureRMR, you must create and register a service principal with Azure Active Directory. This is a one-time task, and the easiest method is to use the Azure cloud shell.`

			`- In the Azure Portal (https://portal.azure.com/), click on the Cloud Shell icon:`

			`![](vignettes/images/cloudportal2.png)`

			`- If you haven't used the shell before, there will be a dialog box to choose whether to use bash or PowerShell. Choose bash.`
			- In the shell, type `az ad sp create-for-rbac --name {app-name} --subscription "{your-subscription-name}" --years {N}`, substituting the desired name of your service principal (try to make it memorable to you, and unlikely to clash with other names), your subscription name, and the number of years you want the password to be valid.
			`- Wait until the app creation is complete. You should see a screen like this.`

			`![](vignettes/images/cloudshell.png)`

			`- Record your tenant ID, app ID, and password.`

			If you want to allow access at something other than subscription level, you can use the `--scopes` argument in place of `--subscription`. For example, to restrict AzureRMR to only the "AnalyticsRG" resource group: `az ad sp create-for-rbac --scopes /subscriptions/{your-subscription-ID}/resourceGroups/AnalyticsRG`.

Cli auth (#2) * changes to enable auth with CLI app id * api for persistent logins * dev version number * typo * add documentation * update docs to use get_az_login * update mds * allow new login flow to use svc principal * fix delete_az_login * more fixups * fix list_az_logins * update news * update intro * add badges * az_login -> azure_login * doc fix * cleanup * document * document fixup * update tests * rationalise auth arguments: resource_host first arg, auth_type default based on pwd * fix vignette img links 2018-12-26 07:15:31 +03:00
			`## Authentication`

more tidying, export data dir fn 2019-01-15 03:03:42 +03:00			Under the hood, AzureRMR uses a similar authentication process to the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/?view=azure-cli-latest). The first time you authenticate with a given Azure Active Directory tenant, you call `create_azure_login()` and supply your tenant, app ID and password. The resulting Resource Manager client object is saved on your machine, and can be retrieved in subsequent R sessions with `get_azure_login("{tenant}")`. AzureRMR will automatically refresh your credentials so you don't have to re-authenticate.
Cli auth (#2) * changes to enable auth with CLI app id * api for persistent logins * dev version number * typo * add documentation * update docs to use get_az_login * update mds * allow new login flow to use svc principal * fix delete_az_login * more fixups * fix list_az_logins * update news * update intro * add badges * az_login -> azure_login * doc fix * cleanup * document * document fixup * update tests * rationalise auth arguments: resource_host first arg, auth_type default based on pwd * fix vignette img links 2018-12-26 07:15:31 +03:00

tweak readme 2018-11-09 11:33:36 +03:00			`## Sample workflow`

			```r
			`library(AzureRMR)`

Cli auth (#2) * changes to enable auth with CLI app id * api for persistent logins * dev version number * typo * add documentation * update docs to use get_az_login * update mds * allow new login flow to use svc principal * fix delete_az_login * more fixups * fix list_az_logins * update news * update intro * add badges * az_login -> azure_login * doc fix * cleanup * document * document fixup * update tests * rationalise auth arguments: resource_host first arg, auth_type default based on pwd * fix vignette img links 2018-12-26 07:15:31 +03:00			`# authenticate with Azure AD:`
			`# - on first login to this client, call create_azure_login(...)`
			`# - on subsequent logins, call get_azure_login("myaadtenant")`
more tidying, export data dir fn 2019-01-15 03:03:42 +03:00			`az <- create_azure_login("myaadtenant", app="app_id", password="password")`
tweak readme 2018-11-09 11:33:36 +03:00
			`# get a subscription and resource group`
			`sub <- az$get_subscription("{subscription_id}")`
			`rg <- sub$get_resource_group("rgname")`

			`# get a resource (storage account)`
			`stor <- rg$get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage")`

			`# method chaining works too`
			`stor <- az$`
			`get_subscription("{subscription_id}")$`
			`get_resource_group("rgname")$`
slight readme fix 2018-11-18 23:51:10 +03:00			`get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage")`
tweak readme 2018-11-09 11:33:36 +03:00

			`# create a new resource group and resource`
			`rg2 <- sub$create_resource_group("newrgname", location="westus")`

slight readme fix 2018-11-18 23:51:10 +03:00			`stor2 <- rg2$create_resource(type="Microsoft.Storage/storageAccounts", name="mystorage2",`
			`kind="Storage", sku=list(name="Standard_LRS"))`
tweak readme 2018-11-09 11:33:36 +03:00
			`# delete them`
			`stor2$delete(confirm=FALSE)`
			`rg2$delete(confirm=FALSE)`
			```

			`## Extending`

			AzureRMR is meant to be a generic mechanism for working with Resource Manager. You can extend it to provide support for service-specific features; examples of packages that do this include [AzureVM](https://github.com/cloudyr/AzureVM) for [virtual machines](https://azure.microsoft.com/en-us/services/virtual-machines/), and [AzureStor](https://github.com/cloudyr/AzureStor) for [storage accounts](https://azure.microsoft.com/en-us/services/storage/). For more information, see the ["Extending AzureRMR" vignette](vignettes/extend.Rmd).

acknowledge AzureSMR 2019-01-12 13:58:09 +03:00			`## Acknowledgements`

			`AzureRMR is inspired by the package AzureSMR, originally written by Alan Weaver and Andrie de Vries, and would not have been possible without their pioneering work. Thanks, guys!`

tweak readme 2018-11-09 11:33:36 +03:00			`---`
			`[![cloudyr project logo](https://i.imgur.com/JHS98Y7.png)](https://github.com/cloudyr)`