Azure Management Libraries for Java - v1.2

Posted on August 30, 2017

Principal Program Manager, Azure Developer Experience

We released version 1.2 of the Azure Management Libraries for Java. This release adds support for additional security and deployment features, and more Azure services:

  • Managed service identity
  • Create users in Azure Active Directory, update service principals and assign permissions to apps
  • Storage service encryption
  • Deploy Web apps and functions using MS Deploy
  • Network watcher service
  • Search service

https://github.com/Azure/azure-sdk-for-java

Getting Started

Add the following dependency fragment to your Maven POM file to use version 1.2 of the libraries:

<dependency>
    <groupId>com.microsoft.azure</groupId>
    <artifactId>azure</artifactId>
    <version>1.2.1</version>
</dependency>

Create a Virtual Machine with Managed Service Identity (MSI)

You can create a virtual machine with MSI enabled using a define() … create() method chain:

VirtualMachine virtualMachine = azure.virtualMachines().define("myLinuxVM")
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withNewPrimaryNetwork("10.0.0.0/28")
    .withPrimaryPrivateIPAddressDynamic()
    .withNewPrimaryPublicIPAddress(pipName)
    .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
    .withRootUsername("tirekicker")
    .withRootPassword(password)
    .withSize(VirtualMachineSizeTypes.STANDARD_DS2_V2)
    .withOSDiskCaching(CachingTypes.READ_WRITE)
    .withManagedServiceIdentity()
    .withRoleBasedAccessToCurrentResourceGroup(BuiltInRole.CONTRIBUTOR)
    .create();

You can manage any MSI-enabled Azure resources from a virtual machine with MSI and add an MSI service principal to an Azure Active Directory security group.

Add New User to Azure Active Directory

You can add a new user to Azure Active Directory using a define() … create() method chain:

ActiveDirectoryUser user = authenticated.activeDirectoryUsers()
    .define("tirekicker")
    .withEmailAlias("tirekicker")
    // Sample value only: supply the password from a secret store or prompt, not a literal
    .withPassword("StrongPass!12")
    .create();

Similarly, you can create and update users and groups in Active Directory.

Enable Storage Service Encryption for a Storage Account

You can enable storage service encryption at a storage account level when you create a storage account using a define() … create() method chain:

StorageAccount storageAccount = azure.storageAccounts().define(storageAccountName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withEncryption()
    .create();

Deploy Web apps and Functions using MS Deploy

You can use MS Deploy to deploy Web apps and functions by using the deploy() method:

// Create a Web app
WebApp webApp = azure.webApps().define(webAppName)
    .withExistingWindowsPlan(plan)
    .withExistingResourceGroup(rgName)
    .withJavaVersion(JavaVersion.JAVA_8_NEWEST)
    .withWebContainer(WebContainer.TOMCAT_8_0_NEWEST)
    .create();
// Deploy a Web app using MS Deploy
webApp.deploy()
    .withPackageUri("link-to-bin-artifacts-in-storage-or-somewhere-else")
    .withExistingDeploymentsDeleted(true)
    .execute();

And, for a function app:

// Create a function app 
FunctionApp functionApp = azure.appServices().functionApps()
    .define(functionAppName)
    .withExistingAppServicePlan(plan)
    .withExistingResourceGroup(rgName)
    .withExistingStorageAccount(app3.storageAccount())
    .create();
// Deploy a function using MS Deploy
functionApp.deploy()
    .withPackageUri("link-to-bin-artifacts-in-storage-or-somewhere-else")
    .withExistingDeploymentsDeleted(true)
    .execute();

Create Network Watcher and start Packet Capture

You can visualize network traffic patterns to and from virtual machines by creating and starting a packet capture using a define() … create() method chain, then downloading the capture and analyzing it with open source tools:

// Create a Network Watcher
NetworkWatcher networkWatcher = azure.networkWatchers().define(nwName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .create();
// Start a Packet Capture
PacketCapture packetCapture = networkWatcher.packetCaptures()
    .define(packetCaptureName)
    .withTarget(virtualMachine.id())
    .withStorageAccountId(storageAccount.id())
    .withTimeLimitInSeconds(1500)
    .definePacketCaptureFilter()
         .withProtocol(PcProtocol.TCP)
         .attach()
    .create();

Similarly, you can programmatically:

  • Verify if traffic is allowed to and from a virtual machine
  • Get the next hop type and IP address for a virtual machine
  • Retrieve network topology for a resource group
  • Analyze virtual machine security by examining effective network security rules applied to a virtual machine
  • Configure network security group flow logs.
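
The first and last items in this list, as an added example that is not from the original post or the SDK's own samples: it checks whether the effective NSG rules would admit inbound SSH to the VM, then enables NSG flow logs. Resource names, the 203.0.113.10 test address and the AZURE_AUTH_LOCATION auth file are placeholders, and the method and type names (verifyIPFlow(), getFlowLogSettings(), Protocol, Access) are assumed from the 1.x fluent API.

```java
import com.microsoft.azure.management.Azure;
import com.microsoft.azure.management.compute.VirtualMachine;
import com.microsoft.azure.management.network.*;
import java.io.File;

public class NsgExposureCheck {
    public static void main(String[] args) throws Exception {
        // Placeholders (assumptions): replace with your own resource names.
        String rgName = "my-rg", nwName = "my-watcher", vmName = "myLinuxVM";
        String nsgName = "my-nsg", storageName = "myflowlogs";

        // Path of the auth file is read from the environment (assumed setup).
        Azure azure = Azure.authenticate(new File(System.getenv("AZURE_AUTH_LOCATION")))
            .withDefaultSubscription();
        NetworkWatcher nw = azure.networkWatchers().getByResourceGroup(rgName, nwName);
        VirtualMachine vm = azure.virtualMachines().getByResourceGroup(rgName, vmName);
        String vmIp = vm.getPrimaryNetworkInterface().primaryPrivateIP();

        // Ask Network Watcher whether inbound SSH from an outside address
        // (203.0.113.10, a documentation-range address) would be admitted.
        VerificationIPFlow ssh = nw.verifyIPFlow()
            .withTargetResourceId(vm.id())
            .withDirection(Direction.INBOUND)
            .withProtocol(Protocol.TCP)
            .withLocalIPAddress(vmIp)
            .withRemoteIPAddress("203.0.113.10")
            .withLocalPort("22")
            .withRemotePort("50000")
            .execute();
        System.out.println("Inbound SSH: " + ssh.access() + " by rule " + ssh.ruleName());
        if (Access.ALLOW.equals(ssh.access())) {
            System.out.println("Port 22 is open to outside addresses; tighten rule "
                + ssh.ruleName());
        }

        // Turn on NSG flow logs with 30-day retention so allow/deny decisions are recorded.
        NetworkSecurityGroup nsg = azure.networkSecurityGroups().getByResourceGroup(rgName, nsgName);
        String storageId = azure.storageAccounts().getByResourceGroup(rgName, storageName).id();
        FlowLogSettings flowLogs = nw.getFlowLogSettings(nsg.id());
        flowLogs.update()
            .withLogging()
            .withStorageAccount(storageId)
            .withRetentionPolicyDays(30)
            .withRetentionPolicyEnabled()
            .apply();
    }
}
```

The IP flow check is evaluated against the effective security rules in the control plane; no packets are sent to the virtual machine.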

Create a Managed Cloud Search Service

You can create a managed cloud search service (Azure Search) with replicas and partitions using a define() … create() method chain:

SearchService searchService = azure.searchServices().define(searchServiceName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withStandardSku()
    .withPartitionCount(1)
    .withReplicaCount(1)
    .create();

Similarly, you can programmatically:

  • Manage query keys
  • Update search service with replicas and partitions
  • Regenerate primary and secondary admin keys.

Try it

You can get more samples from our GitHub repo. Give it a try and let us know what you think (via e-mail or comments below).
 
You can find plenty of additional info about Java on Azure at http://azure.com/java.