/// <summary>
/// Ensures that a resource group with the specified name exists. If it does not, will attempt to create one.
/// </summary>
/// <param name="resourceManagementClient">The resource manager client.</param>
/// <param name="resourceGroupName">The name of the resource group.</param>
/// <param name="resourceGroupLocation">The resource group location. Required when creating a new resource group.</param>
public async Task <ResourceGroup> EnsureResourceGroupExists(string resourceGroupName, string resourceGroupLocation, Tags tags)
{
ServiceClientCredentials serviceClientCredentials = await _authenticationHelper.GetServiceClientCredentials(ApplicationConstants.RESOURCE_URI.MANAGEMENT);
Microsoft.Azure.Management.ResourceManager.ResourceManagementClient resourceManagementClient = new Microsoft.Azure.Management.ResourceManager.ResourceManagementClient(serviceClientCredentials);
resourceManagementClient.SubscriptionId = _appSettings.Subscriptionid;
if (!resourceManagementClient.ResourceGroups.CheckExistence(resourceGroupName))
{
var resourceGroup = new ResourceGroup();
var keyValueTags = tags.GetTags();
resourceGroup.Tags = new Dictionary <string, string>();
if (tags != null && keyValueTags.Count > 0)
{
foreach (KeyValuePair <string, string> tag in keyValueTags)
{
resourceGroup.Tags.Add(tag);
}
}
resourceGroup.Location = resourceGroupLocation;
return(await resourceManagementClient.ResourceGroups.CreateOrUpdateAsync(resourceGroupName, resourceGroup));
}
else
{
return(await resourceManagementClient.ResourceGroups.GetAsync(resourceGroupName));
}
}
/// <summary>
/// EnsureUserExistsInGroup
/// </summary>
/// <param name="groupName"></param>
/// <param name="userId"></param>
/// <returns></returns>
private async Task EnsureUserExistsInGroup(string groupId, string userId)
{
ServiceClientCredentials credentails = await _authenticationHelper.GetServiceClientCredentials(ApplicationConstants.RESOURCE_URI.AD_GRAPH);
GraphRbacManagementClient rbacClient = new GraphRbacManagementClient(credentails);
rbacClient.TenantID = _appSettings.TenantId;
CheckGroupMembershipParameters parameters = new CheckGroupMembershipParameters()
{
MemberId = userId, GroupId = groupId
};
var isMemberExists = await rbacClient.Groups.IsMemberOfAsync(parameters);
if (isMemberExists.Value.HasValue && isMemberExists.Value.Value)
{
}
else
{
string url = $"{ApplicationConstants.BASE_URL.AD_GRAPH}{_appSettings.TenantId}/directoryObjects/{userId}";
GroupAddMemberParameters grouParameters = new GroupAddMemberParameters()
{
Url = url
};
await rbacClient.Groups.AddMemberAsync(groupId, grouParameters);
}
}
/// <summary>
/// Assigns the initiative
/// </summary>
/// <param name="initiativeName"></param>
/// <param name="scope"></param>
/// <param name="assignmentName"></param>
/// <returns></returns>
public async Task <PolicyAssignment> AssignInitiative(string initiativeName, string projectCode, string scope, string assignmentName, Tags tags)
{
var serviceCredentials = await _authenticationHelper.GetServiceClientCredentials(ApplicationConstants.RESOURCE_URI.MANAGEMENT);
PolicyClient client = new PolicyClient(serviceCredentials);
string subscriptionid = _appSettings.Subscriptionid;
client.SubscriptionId = subscriptionid;
PolicyAssignment existingAssignment = null;
try
{
existingAssignment = await client.PolicyAssignments.GetAsync(scope, assignmentName);
}
catch (ErrorResponseException) { }
if (existingAssignment != null)
{
await client.PolicyAssignments.DeleteAsync(scope, assignmentName);
}
var initiativeParameters = GetInitiativeParameters(tags, projectCode);
var json = JsonConvert.SerializeObject(initiativeParameters);
var parameters = JObject.Parse(json);
PolicySetDefinition initiative = await client.PolicySetDefinitions.GetAsync(initiativeName);
PolicyAssignment assignment = new PolicyAssignment();
assignment.PolicyDefinitionId = initiative.Id;
assignment.Parameters = parameters;
return(await client.PolicyAssignments.CreateAsync(scope, assignmentName, assignment));
}
