private async Task AssignRolesToUser(Guid objectId, RenderingEnvironment environment, EnvironmentRoleAssignments roleAssignments) { var identity = new Identity.Identity { ObjectId = objectId }; // Assign RG permissions // We want to give the correct permissions to the environment RG, // but we also need to give Reader permissions to the other RGs so // we can query cost information. // ResourceId => RoleName var resourceIdsToRoles = environment.ExtractResourceGroupNames().ToDictionary( rgName => $"/subscriptions/{environment.SubscriptionId}/resourceGroups/{rgName}", rgName => rgName == environment.ResourceGroupName ? roleAssignments.EnvironmentResourceGroupRole : "Reader"); // Add the explicit resource roles resourceIdsToRoles[environment.BatchAccount.ResourceId] = roleAssignments.BatchRole; resourceIdsToRoles[environment.StorageAccount.ResourceId] = roleAssignments.StorageRole; resourceIdsToRoles[environment.KeyVault.ResourceId] = roleAssignments.KeyVaultRole; resourceIdsToRoles[environment.ApplicationInsightsAccount.ResourceId] = roleAssignments.ApplicationInsightsRole; resourceIdsToRoles[environment.Subnet.VnetResourceId] = roleAssignments.VNetRole; await Task.WhenAll(resourceIdsToRoles.Select( kvp => _azureResourceProvider.AssignRoleToIdentityAsync( environment.SubscriptionId, kvp.Key, // ResourceId/scope kvp.Value, // Role identity))); }
public async Task <EnvironmentCost> GetCost(RenderingEnvironment env, QueryTimePeriod period) { var client = await _clientAccessor.GetClient(); var usageRequest = CreateUsageRequest(env, period); IReadOnlyList <Cost> costs = await Task.WhenAll(env.ExtractResourceGroupNames().Select( async rgName => { var result = await client.GetUsageForResourceGroup(env.SubscriptionId, rgName, usageRequest); if (result.Properties == null) { return(null); } else { return(new Cost(usageRequest.TimePeriod, result)); } })); costs = costs.Where(x => x != null).ToList(); if (!costs.Any()) { return(new EnvironmentCost(env.Name, null)); } return(new EnvironmentCost(env.Name, costs.Aggregate(Cost.Aggregate))); }