R package for interacting with Azure Resource Manager
Перейти к файлу
Hong Ooi c43ddf446a switch to Github Actions 2020-10-11 06:30:01 +11:00
.github/workflows switch to Github Actions 2020-10-11 06:30:01 +11:00
R some resources don't have provisioning state 2020-07-24 14:58:37 +10:00
man update for release 2020-07-26 16:38:18 +10:00
tests really fix resource tests 2020-07-24 15:17:55 +10:00
vignettes refresh vignettes, doc 2019-10-29 03:38:12 +11:00
.Rbuildignore switch to Github Actions 2020-10-11 06:30:01 +11:00
.gitattributes R files 2018-04-30 21:09:03 +10:00
.gitignore require confirmation before delete 2018-05-08 12:40:22 +10:00
AzureRMR.Rproj change repo name 2018-05-09 12:54:40 +10:00
AzureRMR.rxproj change repo name 2018-05-09 12:54:40 +10:00
AzureRMR.sln add sln file 2018-05-09 12:55:07 +10:00
CONTRIBUTING.md add contrib 2019-05-22 22:20:17 +10:00
DESCRIPTION switch to Github Actions 2020-10-11 06:30:01 +11:00
LICENSE move license to license.md for cran 2018-11-14 09:07:24 -08:00
LICENSE.md move license to license.md for cran 2018-11-14 09:07:24 -08:00
NAMESPACE export get_paged_list 2020-01-22 19:02:43 +11:00
NEWS.md update for release 2020-07-26 16:38:18 +10:00
README.md switch to Github Actions 2020-10-11 06:30:01 +11:00

README.md

AzureRMR

CRAN Downloads R-CMD-check

AzureRMR is a package for interacting with Azure Resource Manager: list subscriptions, manage resource groups, deploy and delete templates and resources. It calls the Resource Manager REST API directly, so you don't need to have PowerShell or Python installed. Azure Active Directory OAuth tokens are obtained using the AzureAuth package.

The primary repo for this package is at https://github.com/Azure/AzureRMR; please submit issues and PRs there. It is also mirrored at the Cloudyr org at https://github.com/cloudyr/AzureRMR. You can install the development version of the package with devtools::install_github("Azure/AzureRMR").

Authentication

Under the hood, AzureRMR uses a similar authentication process to the Azure CLI. The first time you authenticate with a given Azure Active Directory tenant, you call create_azure_login() and supply your credentials. AzureRMR will prompt you for permission to create a special data directory in which to cache the obtained authentication token and Resource Manager login. Once this information is saved on your machine, it can be retrieved in subsequent R sessions with get_azure_login(). Your credentials will be automatically refreshed so you don't have to reauthenticate.

Unless you have a specific reason otherwise, it's recommended that you allow AzureRMR to create this caching directory. Note that many other cloud engineering tools save credentials in this way, including the Azure CLI itself.

In most cases, AzureRMR can authenticate without requiring you to create your own service principal. However, AzureRMR can also use a custom service principal, and in general it's a good idea to supply your own to authenticate with (if possible). See the "Introduction to AzureRMR" vignette for more details.

Linux DSVM note If you are using a Linux Data Science Virtual Machine in Azure, you may have problems running create_azure_login(). In this case, try create_azure_login(auth_type="device_code").

Sample workflow

library(AzureRMR)

# authenticate with Azure AD:
# - on first login to this client, call create_azure_login()
# - on subsequent logins, call get_azure_login()
az <- create_azure_login()

# get a subscription and resource group
sub <- az$get_subscription("{subscription_id}")
rg <- sub$get_resource_group("rgname")

# get a resource (storage account)
stor <- rg$get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage")

# method chaining works too
stor <- az$
    get_subscription("{subscription_id}")$
    get_resource_group("rgname")$
    get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage")


# create a new resource group and resource
rg2 <- sub$create_resource_group("newrgname", location="westus")

stor2 <- rg2$create_resource(type="Microsoft.Storage/storageAccounts", name="mystorage2",
    kind="Storage", sku=list(name="Standard_LRS"))

# tagging
stor2$set_tags(comment="hello world!", created_by="AzureRMR")

# role-based access control (RBAC)
# this uses the AzureGraph package to retrieve the user ID
gr <- AzureGraph::get_graph_login()
usr <- gr$get_user("username@aadtenant.com")
stor2$add_role_assignment(usr, "Storage blob data contributor")

# pass the GUID of the principal if you don't have AzureGraph installed
stor2$add_role_assignment("041ff2be-4eb0-11e9-8f38-394fbcd0b29d", "Storage blob data contributor")

Extending

AzureRMR is meant to be a generic mechanism for working with Resource Manager. You can extend it to provide support for service-specific features; examples of packages that do this include AzureVM for virtual machines, and AzureStor for storage accounts. For more information, see the "Extending AzureRMR" vignette.

Acknowledgements

AzureRMR is inspired by the package AzureSMR, originally written by Alan Weaver and Andrie de Vries, and would not have been possible without their pioneering work. Thanks, guys!