Hybrid-Resource-Manager-Ruby-Resources-And-Groups

Dernière mise à jour : 16/01/2019
Modifier sur GitHub

This sample explains how to manage your resources and resource groups in Azure Stack using the Azure Ruby SDK.

On this page

Run this sample

  1. If you don't already have it, install Ruby and the Ruby DevKit.

  2. If you don't have bundler, install it.

    gem install bundler
    
  3. Clone the repository.

    git clone https://github.com/Azure-Samples/Hybrid-Resource-Manager-Ruby-Resources-And-Groups.git
    
  4. Install the dependencies using bundle.

    cd Hybrid-Resource-Manager-Ruby-Resources-And-Groups
    bundle install
    
  5. If not available, create a subscription and save the subscription ID to be used later.

  6. Create a service principal to work against AzureStack. Make sure your service principal has contributor/owner role on your subscription.

  7. Set the following environment variables using the information from the service principal that you created.

    export AZURE_TENANT_ID={your tenant id}
    export AZURE_CLIENT_ID={your client id}
    export AZURE_CLIENT_SECRET={your client secret}
    export AZURE_SUBSCRIPTION_ID={your subscription id}
    export ARM_ENDPOINT={your AzureStack Resource manager url}
    

    [AZURE.NOTE] On Windows, use set instead of export.

  8. To target Azure Stack environment, API-Version Profile V2017_03_09 or V2018_03_01 should be used to create the resource client.

    Example: ruby client = Azure::Resources::Profiles::V2018_03_01::Mgmt::Client.new(options)

  9. To authenticate the Service Principal against Azure Stack environment, the endpoints should be defined using get_active_directory_settings(). This method uses the ARM_Endpoint environment variable that was set using step 7.

    # Get Authentication endpoints using Arm Metadata Endpoints
    def get_active_directory_settings(armEndpoint)
        settings = MsRestAzure::ActiveDirectoryServiceSettings.new
        response = Net::HTTP.get_response(URI("#{armEndpoint}/metadata/endpoints?api-version=1.0"))
        status_code = response.code
        response_content = response.body
        unless status_code == "200"
            error_model = JSON.load(response_content)
            fail MsRestAzure::AzureOperationError.new("Getting Azure Stack Metadata Endpoints", response, error_model)
        end
    
        result = JSON.load(response_content)
        settings.authentication_endpoint = result['authentication']['loginEndpoint'] unless result['authentication']['loginEndpoint'].nil?
        settings.token_audience = result['authentication']['audiences'][0] unless result['authentication']['audiences'][0].nil?
        settings
    end
    
  10. Run the sample.

    bundle exec ruby example.rb
    

What is example.rb doing?

The sample walks you through several resource and resource group management operations. It starts by setting up a ResourceManagementClient object using your subscription and credentials.

subscription_id = ENV['AZURE_SUBSCRIPTION_ID'] || '11111111-1111-1111-1111-111111111111'

# This parameter is only required for AzureStack or other soverign clouds. Pulic Azure already has these settings by default.
active_directory_settings = get_active_directory_settings(ENV['ARM_ENDPOINT'])

provider = MsRestAzure::ApplicationTokenProvider.new(
    ENV['AZURE_TENANT_ID'],
    ENV['AZURE_CLIENT_ID'],
    ENV['AZURE_CLIENT_SECRET'],
    active_directory_settings
)

credentials = MsRest::TokenCredentials.new(provider)
options = {
    credentials: credentials,
    subscription_id: subscription_id,
    active_directory_settings: active_directory_settings,
    base_url: ENV['ARM_ENDPOINT']
}

client = Azure::Resources::Profiles::V2018_03_01::Mgmt::Client.new(options)

It also sets up a ResourceGroup object (resource_group_params) to be used as a parameter in some of the API calls.

resource_group_params = Azure::ARM::Resources::Models::ResourceGroup.new.tap do |rg|
    rg.location = `local`
end

There are a couple of supporting functions (print_item and print_properties) that print a resource group and it's properties. With that set up, the sample lists all resource groups for your subscription, it performs these operations.

List resource groups

List the resource groups in your subscription.

 client.resource_groups.list.value.each{ |group| print_item(group) }

Create a resource group

client.resource_groups.create_or_update('azure-sample-group', resource_group_params)

Update a resource group

The sample adds a tag to the resource group.

resource_group_params.tags = { hello: 'world' }
client.resource_groups.create_or_update('azure-sample-group', resource_group_params)

Create a key vault in the resource group

key_vault_params = Azure::ARM::Resources::Models::GenericResource.new.tap do |rg|
    rg.location = WEST_US
    rg.properties = {
        sku: { family: 'A', name: 'standard' },
        tenantId: ENV['AZURE_TENANT_ID'],
        accessPolicies: [],
        enabledForDeployment: true,
        enabledForTemplateDeployment: true,
        enabledForDiskEncryption: true
    }
  end
  client.resources.create_or_update(GROUP_NAME,
                                    'Microsoft.KeyVault',
                                    '',
                                    'vaults',
                                    'azureSampleVault',
                                    '2015-06-01',
                                    key_vault_params)

List resources within the group

client.resource_groups.list_resources(GROUP_NAME).value.each{ |resource| print_item(resource) }

Export the resource group template

You can export the resource group as a template and then use that to deploy your resources to Azure.

export_params = Azure::ARM::Resources::Models::ExportTemplateRequest.new.tap do |rg|
    rg.resources = ['*']
end
client.resource_groups.export_template(GROUP_NAME, export_params)

Delete a resource group

client.resource_groups.delete('azure-sample-group')