private static AzureMonitorClient CreateNewAzureMonitorClient(AzureEnvironment cloud, string tenantId, string subscriptionId, MetricSinkWriter metricSinkWriter, IAzureScrapingPrometheusMetricsCollector azureScrapingPrometheusMetricsCollector, IMemoryCache resourceMetricDefinitionMemoryCache, IConfiguration configuration, IOptions <AzureMonitorIntegrationConfiguration> azureMonitorIntegrationConfiguration, IOptions <AzureMonitorLoggingConfiguration> azureMonitorLoggingConfiguration, ILoggerFactory loggerFactory)
{
var azureCredentials = AzureAuthenticationFactory.GetConfiguredAzureAuthentication(configuration);
var azureMonitorClient = new AzureMonitorClient(cloud, tenantId, subscriptionId, azureCredentials, metricSinkWriter, azureScrapingPrometheusMetricsCollector, resourceMetricDefinitionMemoryCache, loggerFactory, azureMonitorIntegrationConfiguration, azureMonitorLoggingConfiguration);
return(azureMonitorClient);
}
private static AzureMonitorClient CreateNewAzureMonitorClient(AzureEnvironment cloud, string tenantId, string subscriptionId, MetricSinkWriter metricSinkWriter, IRuntimeMetricsCollector metricsCollector, IConfiguration configuration, IOptions <AzureMonitorLoggingConfiguration> azureMonitorLoggingConfiguration, ILoggerFactory loggerFactory)
{
var azureCredentials = AzureAuthenticationFactory.GetConfiguredAzureAuthentication(configuration);
var azureMonitorClient = new AzureMonitorClient(cloud, tenantId, subscriptionId, azureCredentials, azureMonitorLoggingConfiguration, metricSinkWriter, metricsCollector, loggerFactory);
return(azureMonitorClient);
}
public AzureResourceGraph(IOptionsMonitor <ResourceDeclaration> resourceDeclarationMonitor, IConfiguration configuration, ILogger <AzureResourceGraph> logger)
{
Guard.NotNull(resourceDeclarationMonitor, nameof(resourceDeclarationMonitor));
Guard.NotNull(resourceDeclarationMonitor.CurrentValue, nameof(resourceDeclarationMonitor.CurrentValue));
Guard.NotNull(resourceDeclarationMonitor.CurrentValue.AzureLandscape, nameof(resourceDeclarationMonitor.CurrentValue.AzureLandscape));
Guard.NotNull(configuration, nameof(configuration));
Guard.NotNull(logger, nameof(logger));
_logger = logger;
_resourceDeclarationMonitor = resourceDeclarationMonitor;
_azureAuthenticationInfo = AzureAuthenticationFactory.GetConfiguredAzureAuthentication(configuration);
}
public ValidationResult Run()
{
try
{
AzureAuthenticationFactory.GetConfiguredAzureAuthentication(_configuration);
return(ValidationResult.Successful(ComponentName));
}
catch (AuthenticationException authenticationException)
{
return(ValidationResult.Failure(ComponentName, $"Azure authentication is not configured correctly - {authenticationException.Message}"));
}
}
public void GetConfiguredAzureAuthentication_UserAssignedManagedIdentityWithInvalidIdentity_Fails(string identityId)
{
// Arrange
var expectedAuthenticationMode = AuthenticationMode.UserAssignedManagedIdentity;
var inMemoryConfiguration = new Dictionary <string, string>
{
{ ConfigurationKeys.Authentication.Mode, expectedAuthenticationMode.ToString() },
{ ConfigurationKeys.Authentication.IdentityId, identityId },
};
var config = CreateConfiguration(inMemoryConfiguration);
// Act & Assert
Assert.Throws <AuthenticationException>(() => AzureAuthenticationFactory.GetConfiguredAzureAuthentication(config));
}
public void GetConfiguredAzureAuthentication_ServicePrincipleWithInvalidSecret_Fails(string identitySecret)
{
// Arrange
var expectedIdentityId = Guid.NewGuid().ToString();
var expectedAuthenticationMode = AuthenticationMode.ServicePrincipal;
var inMemoryConfiguration = new Dictionary <string, string>
{
{ ConfigurationKeys.Authentication.Mode, expectedAuthenticationMode.ToString() },
{ EnvironmentVariables.Authentication.ApplicationId, expectedIdentityId },
{ EnvironmentVariables.Authentication.ApplicationKey, identitySecret },
};
var config = CreateConfiguration(inMemoryConfiguration);
// Act & Assert
Assert.Throws <AuthenticationException>(() => AzureAuthenticationFactory.GetConfiguredAzureAuthentication(config));
}
public void GetConfiguredAzureAuthentication_SystemAssignedManagedIdentityIsValid_Succeeds()
{
// Arrange
var expectedAuthenticationMode = AuthenticationMode.SystemAssignedManagedIdentity;
var inMemoryConfiguration = new Dictionary <string, string>
{
{ ConfigurationKeys.Authentication.Mode, expectedAuthenticationMode.ToString() },
};
var config = CreateConfiguration(inMemoryConfiguration);
// Act
var authenticationInfo = AzureAuthenticationFactory.GetConfiguredAzureAuthentication(config);
// Assert
Assert.Equal(expectedAuthenticationMode, authenticationInfo.Mode);
Assert.Null(authenticationInfo.IdentityId);
Assert.Null(authenticationInfo.Secret);
}
public void GetConfiguredAzureAuthentication_NoAuthenticationModeIsConfigured_DefaultsToServicePrinciple()
{
// Arrange
var expectedIdentityId = Guid.NewGuid().ToString();
var expectedSecret = Guid.NewGuid().ToString();
var inMemoryConfiguration = new Dictionary <string, string>
{
{ ConfigurationKeys.Authentication.IdentityId, expectedIdentityId },
{ EnvironmentVariables.Authentication.ApplicationKey, expectedSecret },
};
var config = CreateConfiguration(inMemoryConfiguration);
// Act
var authenticationInfo = AzureAuthenticationFactory.GetConfiguredAzureAuthentication(config);
// Assert
Assert.Equal(AuthenticationMode.ServicePrincipal, authenticationInfo.Mode);
Assert.Equal(expectedIdentityId, authenticationInfo.IdentityId);
Assert.Equal(expectedSecret, authenticationInfo.Secret);
}
public void GetConfiguredAzureAuthentication_ServicePrincipleIsValidWithLegacyAndNewConfig_UsesNewConfig()
{
// Arrange
var configuredIdentityIdThroughNewApproach = Guid.NewGuid().ToString();
var configuredIdentityIdThroughLegacyApproach = Guid.NewGuid().ToString();
var expectedSecret = Guid.NewGuid().ToString();
var expectedAuthenticationMode = AuthenticationMode.ServicePrincipal;
var inMemoryConfiguration = new Dictionary <string, string>
{
{ ConfigurationKeys.Authentication.Mode, expectedAuthenticationMode.ToString() },
{ ConfigurationKeys.Authentication.IdentityId, configuredIdentityIdThroughNewApproach },
{ EnvironmentVariables.Authentication.ApplicationId, configuredIdentityIdThroughLegacyApproach },
{ EnvironmentVariables.Authentication.ApplicationKey, expectedSecret },
};
var config = CreateConfiguration(inMemoryConfiguration);
// Act
var authenticationInfo = AzureAuthenticationFactory.GetConfiguredAzureAuthentication(config);
// Assert
Assert.Equal(expectedAuthenticationMode, authenticationInfo.Mode);
Assert.Equal(configuredIdentityIdThroughNewApproach, authenticationInfo.IdentityId);
Assert.Equal(expectedSecret, authenticationInfo.Secret);
}
