Saltar al contenido principal

 Subscribe

We released 1.2 of the Azure Management Libraries for Java. This release adds support for additional security and deployment features, and more Azure services:

  • Managed service identity
  • Create users in Azure Active Directory, update service principals and assign permissions to apps
  • Storage service encryption
  • Deploy Web apps and functions using MS Deploy
  • Network watcher service
  • Search service

https://github.com/Azure/azure-sdk-for-java

Getting Started

Add the following dependency fragment to your Maven POM file to use 1.2 version of the libraries:


    com.microsoft.azure
    azure
    1.2.1

Create a Virtual Machine with Managed Service Identity (MSI)

You can create a virtual machine with MSI enabled using a define() … create() method chain:

VirtualMachine virtualMachine = azure.virtualMachines().define("myLinuxVM")
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withNewPrimaryNetwork("10.0.0.0/28")
    .withPrimaryPrivateIPAddressDynamic()
    .withNewPrimaryPublicIPAddress(pipName)
    .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
    .withRootUsername("tirekicker")
    .withRootPassword(password)
    .withSize(VirtualMachineSizeTypes.STANDARD_DS2_V2)
    .withOSDiskCaching(CachingTypes.READ_WRITE)
    .withManagedServiceIdentity()
    .withRoleBasedAccessToCurrentResourceGroup(BuiltInRole.CONTRIBUTOR)
    .create();

You can manage any MSI-enabled Azure resources from a virtual machine with MSI and add an MSI service principal to an Azure Active Directory security group.

Add New User to Azure Active Directory

You can add a new user to Azure Active Directory using a define() … create() method chain:

ActiveDirectoryUser user = authenticated.activeDirectoryUsers()
    .define("tirekicker")
    .withEmailAlias("tirekicker")
    .withPassword("StrongPass!12")
    .create();

Similarly, you can create and update users and groups in Active Directory.

Enable Storage Service Encryption for a Storage Account

You can enable storage service encryption at a storage account level when you create a storage account using a define() … create() method chain:

StorageAccount storageAccount = azure.storageAccounts().define(storageAccountName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withEncryption()
    .create();

Deploy Web apps and Functions using MS Deploy

You can use MS Deploy to deploy Web apps and functions by using the deploy() method:

// Create a Web app
WebApp webApp = azure.webApps().define(webAppName)
    .withExistingWindowsPlan(plan)
    .withExistingResourceGroup(rgName)
    .withJavaVersion(JavaVersion.JAVA_8_NEWEST)
    .withWebContainer(WebContainer.TOMCAT_8_0_NEWEST)
    .create();
// Deploy a Web app using MS Deploy
webApp.deploy()
    .withPackageUri("link-to-bin-artifacts-in-storage-or-somewhere-else")
    .withExistingDeploymentsDeleted(true)
    .execute();

And..

// Create a function app 
FunctionApp functionApp = azure.appServices().functionApps()
    .define(functionAppName)
    .withExistingAppServicePlan(plan)
    .withExistingResourceGroup(rgName)
    .withExistingStorageAccount(app3.storageAccount())
    .create();
// Deploy a function using MS Deploy
functionApp.deploy()
    .withPackageUri("link-to-bin-artifacts-in-storage-or-somewhere-else")
    .withExistingDeploymentsDeleted(true)
    .execute();

Create Network Watcher and start Packet Capture

You can visualize network traffic patterns to and from virtual machines by creating and starting a packet capture using a define() … create() method chain, downloading the packet capture and visualizing network traffic patterns using open source tools:

// Create a Network Watcher
Network Watcher networkWatcher = azure.networkWatchers().define(nwName)
         .withRegion(Region.US_EAST)
         .withNewResourceGroup(rgName)
         .create();
// Start a Packet Capture
PacketCapture packetCapture = networkWatcher.packetCaptures()
    .define(packetCaptureName)
    .withTarget(virtualMachine.id())
    .withStorageAccountId(storageAccount.id())
    .withTimeLimitInSeconds(1500)
    .definePacketCaptureFilter()
         .withProtocol(PcProtocol.TCP)
         .attach()
    .create();

Similarly, you can programmatically:

  • Verify if traffic is allowed to and from a virtual machine
  • Get the next hop type and IP address for a virtual machine
  • Retrieve network topology for a resource group
  • Analyze virtual machine security by examining effective network security rules applied to a virtual machine
  • Configure network security group flow logs.

Create a Managed Cloud Search Service

You can create a managed cloud search service (Azure Search) with replicas and partitions using a define() … create() method chain:

SearchService searchService = azure.searchServices().define(searchServiceName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withStandardSku()
    .withPartitionCount(1)
    .withReplicaCount(1)
    .create();

Similarly, you can programmatically:

  • Manage query keys
  • Update search service with replicas and partitions
  • Regenerate primary and secondary admin keys.

Try it

You can get more samples from our GitHub repo. Give it a try and let us know what you think (via e-mail or comments below).
 
You can find plenty of additional info about Java on Azure at https://azure.com/java.

  • Explore

     

    Let us know what you think of Azure and what you would like to see in the future.

     

    Provide feedback

  • Build your cloud computing and Azure skills with free courses by Microsoft Learn.

     

    Explore Azure learning


Join the conversation

Leave a Reply

Your email address will not be published. Required fields are marked *