[英]Azure assign role to VM with Java SDK
I am writing a Java program that creates a VM and accesses files from a storage.我正在编写一个 Java 程序,它创建一个 VM 并从存储访问文件。 However, I am having trouble to assign that VM the role "Storage contributor/owner", so that it can.但是,我无法为该 VM 分配“存储贡献者/所有者”角色,以便它可以。
I currently have this code, but I'm not sure if it's what I need and also I don't know what to write at some places:我目前有这个代码,但我不确定它是否是我需要的,而且我不知道在某些地方写什么:
rbacManager = GraphRbacManager.authenticate( credentials );
rbacManager.roleAssignments()
.define("roletest")
// which object? and where to find the ID?
.forObjectId("/subscription/" + subscription + "?")
.withBuiltInRole(com.microsoft.azure.management.graphrbac.BuiltInRole.STORAGE_ACCOUNT_CONTRIBUTOR)
// what should go as resource scope?
.withResourceScope(?)
.createAsync();
Esentially I want to do this step in Java code:基本上我想在 Java 代码中执行此步骤:
Thank you in advance!先感谢您!
Regarding the issue, please refer to the following steps关于该问题,请参考以下步骤
Owner
Role to the sp创建服务主体并将Owner
角色分配给 spaz login
az ad sp create-for-rbac -n "MyApp" --role "Owner"\
--scopes /subscriptions/{SubID} \
--sdk-auth
a.一种。 sdk软件开发工具包
<dependency>
<groupId>com.azure.resourcemanager</groupId>
<artifactId>azure-resourcemanager</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-identity</artifactId>
<version>1.2.0</version>
</dependency>
b.湾code代码
AzureProfile profile = new AzureProfile(AzureEnvironment.AZURE);
String clientId="<sp appid>";
String clientSecret="<sp password>";
String tenant="";
String subscriptionId=""
TokenCredential credential = new ClientSecretCredentialBuilder()
.clientId(clientId)
.clientSecret(clientSecret)
.authorityHost(profile.getEnvironment().getActiveDirectoryEndpoint())
.tenantId(tenant)
.build();
AzureResourceManager azureResourceManager = AzureResourceManager
.configure()
.withLogLevel(HttpLogDetailLevel.BASIC)
.authenticate(credential, profile)
.withSubscription(subscriptionId);
// get storage account
String accountGroup="";
String accountName="";
StorageAccount account = azureResourceManager.storageAccounts().getByResourceGroup(accountGroup,accountName);
// get vm
String vmGroup="";
String vmName="test";
VirtualMachine virtualMachine = azureResourceManager.virtualMachines().getByResourceGroup(vmGroup,vmName);
virtualMachine.update()
.withSystemAssignedManagedServiceIdentity()
.withSystemAssignedIdentityBasedAccessTo(account.id(), BuiltInRole.fromString("Storage Blob Data Owner"))
.apply();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.