/// <summary> /// Ensures that a resource group with the specified name exists. If it does not, will attempt to create one. /// </summary> /// <param name="resourceManagementClient">The resource manager client.</param> /// <param name="resourceGroupName">The name of the resource group.</param> /// <param name="resourceGroupLocation">The resource group location. Required when creating a new resource group.</param> public async Task <ResourceGroup> EnsureResourceGroupExists(string resourceGroupName, string resourceGroupLocation, Tags tags) { ServiceClientCredentials serviceClientCredentials = await _authenticationHelper.GetServiceClientCredentials(ApplicationConstants.RESOURCE_URI.MANAGEMENT); Microsoft.Azure.Management.ResourceManager.ResourceManagementClient resourceManagementClient = new Microsoft.Azure.Management.ResourceManager.ResourceManagementClient(serviceClientCredentials); resourceManagementClient.SubscriptionId = _appSettings.Subscriptionid; if (!resourceManagementClient.ResourceGroups.CheckExistence(resourceGroupName)) { var resourceGroup = new ResourceGroup(); var keyValueTags = tags.GetTags(); resourceGroup.Tags = new Dictionary <string, string>(); if (tags != null && keyValueTags.Count > 0) { foreach (KeyValuePair <string, string> tag in keyValueTags) { resourceGroup.Tags.Add(tag); } } resourceGroup.Location = resourceGroupLocation; return(await resourceManagementClient.ResourceGroups.CreateOrUpdateAsync(resourceGroupName, resourceGroup)); } else { return(await resourceManagementClient.ResourceGroups.GetAsync(resourceGroupName)); } }
/// <summary> /// EnsureUserExistsInGroup /// </summary> /// <param name="groupName"></param> /// <param name="userId"></param> /// <returns></returns> private async Task EnsureUserExistsInGroup(string groupId, string userId) { ServiceClientCredentials credentails = await _authenticationHelper.GetServiceClientCredentials(ApplicationConstants.RESOURCE_URI.AD_GRAPH); GraphRbacManagementClient rbacClient = new GraphRbacManagementClient(credentails); rbacClient.TenantID = _appSettings.TenantId; CheckGroupMembershipParameters parameters = new CheckGroupMembershipParameters() { MemberId = userId, GroupId = groupId }; var isMemberExists = await rbacClient.Groups.IsMemberOfAsync(parameters); if (isMemberExists.Value.HasValue && isMemberExists.Value.Value) { } else { string url = $"{ApplicationConstants.BASE_URL.AD_GRAPH}{_appSettings.TenantId}/directoryObjects/{userId}"; GroupAddMemberParameters grouParameters = new GroupAddMemberParameters() { Url = url }; await rbacClient.Groups.AddMemberAsync(groupId, grouParameters); } }
/// <summary> /// Assigns the initiative /// </summary> /// <param name="initiativeName"></param> /// <param name="scope"></param> /// <param name="assignmentName"></param> /// <returns></returns> public async Task <PolicyAssignment> AssignInitiative(string initiativeName, string projectCode, string scope, string assignmentName, Tags tags) { var serviceCredentials = await _authenticationHelper.GetServiceClientCredentials(ApplicationConstants.RESOURCE_URI.MANAGEMENT); PolicyClient client = new PolicyClient(serviceCredentials); string subscriptionid = _appSettings.Subscriptionid; client.SubscriptionId = subscriptionid; PolicyAssignment existingAssignment = null; try { existingAssignment = await client.PolicyAssignments.GetAsync(scope, assignmentName); } catch (ErrorResponseException) { } if (existingAssignment != null) { await client.PolicyAssignments.DeleteAsync(scope, assignmentName); } var initiativeParameters = GetInitiativeParameters(tags, projectCode); var json = JsonConvert.SerializeObject(initiativeParameters); var parameters = JObject.Parse(json); PolicySetDefinition initiative = await client.PolicySetDefinitions.GetAsync(initiativeName); PolicyAssignment assignment = new PolicyAssignment(); assignment.PolicyDefinitionId = initiative.Id; assignment.Parameters = parameters; return(await client.PolicyAssignments.CreateAsync(scope, assignmentName, assignment)); }