public DeploymentManagerClientHelper(TestBase testBase, MockContext context, RecordedDelegatingHandler handler)
        {
            _testBase = testBase;
            _context  = context;

            resourceManagementClient     = DeploymentManagerTestUtilities.GetResourceManagementClient(context, handler);
            storageManagementClient      = DeploymentManagerTestUtilities.GetStorageManagementClient(context, handler);
            managedServiceIdentityClient = DeploymentManagerTestUtilities.GetManagedServiceIdentityClient(context, handler);
            authorizationClient          = DeploymentManagerTestUtilities.GetAuthorizationManagementClient(context, handler);
        }
        public string CreateManagedIdentity(
            string subscriptionId,
            string identityName)
        {
            if (HttpMockServer.Mode == HttpRecorderMode.Record)
            {
                var parameters = new Microsoft.Azure.Management.ManagedServiceIdentity.Models.Identity()
                {
                    Location = this.GetProviderLocation("Microsoft.ManagedIdentity", "userAssignedIdentities")
                };

                var identity = this.managedServiceIdentityClient.UserAssignedIdentities.CreateOrUpdate(
                    this.ResourceGroupName,
                    identityName,
                    parameters);

                Assert.NotNull(identity);

                // Give a couple minutes for the MSI to propagate. Observed failures of principalId not being found in the tenant
                // when there is no wait time between MSI creation and role assignment.
                DeploymentManagerTestUtilities.Sleep(TimeSpan.FromMinutes(2));

                var scope = "/subscriptions/" + subscriptionId;
                var roleDefinitionList = this.authorizationClient.RoleDefinitions.List(
                    scope,
                    new Microsoft.Rest.Azure.OData.ODataQuery <Microsoft.Azure.Management.Authorization.Models.RoleDefinitionFilter>("roleName eq 'Contributor'"));

                var roleAssignmentName       = Guid.NewGuid().ToString();
                var roleAssignmentParameters = new Microsoft.Azure.Management.Authorization.Models.RoleAssignmentCreateParameters()
                {
                    PrincipalId      = identity.PrincipalId.ToString(),
                    RoleDefinitionId = roleDefinitionList.First().Id,
                    CanDelegate      = false
                };

                var roleAssignment = this.authorizationClient.RoleAssignments.Create(
                    scope,
                    roleAssignmentName,
                    roleAssignmentParameters);
                Assert.NotNull(roleAssignment);

                // Add additional wait time after role assignment to propagate permissions. Observed
                // no permissions to modify resource group errors without wait time.
                DeploymentManagerTestUtilities.Sleep(TimeSpan.FromMinutes(1));

                roleAssignment = this.authorizationClient.RoleAssignments.Get(
                    scope,
                    roleAssignmentName);
                Assert.NotNull(roleAssignment);

                return(identity.Id);
            }

            return("dummyIdentity");
        }