Exemplo n.º 1
0
        public override void ExecuteCmdlet()
        {
            try
            {
                var subscriptionsList = SubscriptionId ?? new[] { DefaultContext.Subscription.Id };

                // TO-DO: Update should process string here.
                if (ShouldProcess(string.Join(",", subscriptionsList), string.Format(Resources.CreateAssignmentShouldProcessString, Name)))
                {
                    var assignment = CreateAssignmentObject(
                        this.IsParameterBound(c => c.UserAssignedIdentity)
                            ? ManagedServiceIdentityType.UserAssigned
                            : ManagedServiceIdentityType.SystemAssigned,
                        this.IsParameterBound(c => c.UserAssignedIdentity)
                            ? UserAssignedIdentity
                            : null,
                        Location,
                        Blueprint.Id,
                        Lock,
                        Parameter,
                        ResourceGroupParameter,
                        SecureStringParameter);

                    foreach (var subscription in subscriptionsList)
                    {
                        var scope = Utils.GetScopeForSubscription(subscription);
                        ThrowIfAssignmentExits(scope, Name);
                        // Register Blueprint RP
                        RegisterBlueprintRp(subscription);

                        if (!this.IsParameterBound(c => c.UserAssignedIdentity))
                        {
                            var spnObjectId = GetBlueprintSpn(scope, Name);
                            AssignOwnerPermission(subscription, spnObjectId);
                        }

                        WriteObject(BlueprintClient.CreateOrUpdateBlueprintAssignment(scope, Name, assignment));
                    }
                }
            }
            catch (Exception ex)
            {
                WriteExceptionError(ex);
            }
        }
        public override void ExecuteCmdlet()
        {
            try
            {
                var subscriptionsList = SubscriptionId ?? new[] { DefaultContext.Subscription.Id };

                switch (ParameterSetName)
                {
                case ParameterSetNames.UpdateBlueprintAssignment:

                    if (ShouldProcess(string.Join(",", subscriptionsList),
                                      string.Format(Resources.UpdateAssignmentShouldProcessString, Name)))
                    {
                        var assignment = CreateAssignmentObject(
                            this.IsParameterBound(c => c.UserAssignedIdentity)
                                    ? ManagedServiceIdentityType.UserAssigned
                                    : ManagedServiceIdentityType.SystemAssigned,
                            this.IsParameterBound(c => c.UserAssignedIdentity)
                                    ? UserAssignedIdentity
                                    : null,
                            Location,
                            Blueprint.Id,
                            Lock,
                            Parameter,
                            ResourceGroupParameter,
                            SecureStringParameter);

                        foreach (var subscription in subscriptionsList)
                        {
                            var scope = Utils.GetScopeForSubscription(subscription);
                            ThrowIfAssignmentNotExist(scope, Name);
                            // Register Blueprint RP
                            RegisterBlueprintRp(subscription);

                            if (!this.IsParameterBound(c => c.UserAssignedIdentity))
                            {
                                var spnObjectId = GetBlueprintSpn(scope, Name);
                                AssignOwnerPermission(subscription, spnObjectId);
                            }

                            WriteObject(BlueprintClient.CreateOrUpdateBlueprintAssignment(scope, Name, assignment));
                        }
                    }

                    break;

                case ParameterSetNames.UpdateBlueprintAssignmentByFile:
                    if (ShouldProcess(string.Join(",", subscriptionsList),
                                      string.Format(Resources.UpdateAssignmentShouldProcessString, Name)))
                    {
                        var parametersFilePath = GetValidatedFilePath(AssignmentFile);

                        foreach (var subscription in subscriptionsList)
                        {
                            Assignment assignmentObject;
                            try
                            {
                                assignmentObject = JsonConvert.DeserializeObject <Assignment>(
                                    AzureSession.Instance.DataStore.ReadFileAsText(parametersFilePath),
                                    DefaultJsonSettings.DeserializerSettings);
                            }
                            catch (Exception ex)
                            {
                                throw new Exception("Can't deserialize the JSON file: " + parametersFilePath + ". " + ex.Message);
                            }

                            var scope = Utils.GetScopeForSubscription(subscription);
                            ThrowIfAssignmentNotExist(scope, Name);
                            // Register Blueprint RP
                            RegisterBlueprintRp(subscription);

                            if (!this.IsParameterBound(c => c.UserAssignedIdentity))
                            {
                                var spnObjectId = GetBlueprintSpn(scope, Name);
                                AssignOwnerPermission(subscription, spnObjectId);
                            }

                            WriteObject(BlueprintClient.CreateOrUpdateBlueprintAssignment(scope, Name, assignmentObject));
                        }
                    }
                    break;

                default:
                    throw new PSInvalidOperationException();
                }
            }
            catch (Exception ex)
            {
                WriteExceptionError(ex);
            }
        }
Exemplo n.º 3
0
        public override void ExecuteCmdlet()
        {
            try
            {
                Utils.ValidateName(Name);

                var subscriptionsList = SubscriptionId ?? new[] { DefaultContext.Subscription.Id };

                switch (ParameterSetName)
                {
                case ParameterSetNames.CreateBlueprintAssignment:
                    if (ShouldProcess(string.Join(",", subscriptionsList), string.Format(Resources.CreateAssignmentShouldProcessString, Name)))
                    {
                        var assignment = CreateAssignmentObject(
                            this.IsParameterBound(c => c.UserAssignedIdentity)
                                    ? ManagedServiceIdentityType.UserAssigned
                                    : ManagedServiceIdentityType.SystemAssigned,
                            this.IsParameterBound(c => c.UserAssignedIdentity)
                                    ? UserAssignedIdentity
                                    : null,
                            Location,
                            Blueprint.Id,
                            Lock,
                            Parameter,
                            ResourceGroupParameter,
                            SecureStringParameter);

                        foreach (var subscription in subscriptionsList)
                        {
                            var scope = Utils.GetScopeForSubscription(subscription);
                            ThrowIfAssignmentExists(scope, Name);
                            // Register Blueprint RP
                            RegisterBlueprintRp(subscription);

                            if (!this.IsParameterBound(c => c.UserAssignedIdentity))
                            {
                                var spnObjectId = GetBlueprintSpn(scope, Name);
                                AssignOwnerPermission(subscription, spnObjectId);
                            }

                            WriteObject(BlueprintClient.CreateOrUpdateBlueprintAssignment(scope, Name, assignment));
                        }
                    }
                    break;

                case ParameterSetNames.CreateBlueprintAssignmentByFile:

                    if (ShouldProcess(string.Join(",", subscriptionsList), string.Format(Resources.CreateAssignmentShouldProcessString, Name)))
                    {
                        var parametersFilePath = GetValidatedFilePath(AssignmentFile);

                        foreach (var subscription in subscriptionsList)
                        {
                            Assignment assignmentObject;
                            try
                            {
                                assignmentObject = JsonConvert.DeserializeObject <Assignment>(
                                    AzureSession.Instance.DataStore.ReadFileAsText(parametersFilePath),
                                    DefaultJsonSettings.DeserializerSettings);
                            }
                            catch (Exception ex)
                            {
                                throw new Exception(string.Format(Resources.CantDeserializeJson, parametersFilePath,
                                                                  ex.Message));
                            }

                            var scope = Utils.GetScopeForSubscription(subscription);
                            ThrowIfAssignmentExists(scope, Name);
                            // Register Blueprint RP
                            RegisterBlueprintRp(subscription);

                            if (!IsUserAssignedIdentity(assignmentObject.Identity))
                            {
                                // If user assigned identity is defined as the identity in the assignment
                                // we consider the user assigned MSI, otherwise system assigned MSI.
                                //
                                // Assign owner permission to Blueprint SPN only if assignment is being done using
                                // System assigned identity.
                                // This is a no-op for user assigned identity.

                                var spnObjectId = GetBlueprintSpn(scope, Name);
                                AssignOwnerPermission(subscription, spnObjectId);
                            }

                            WriteObject(BlueprintClient.CreateOrUpdateBlueprintAssignment(scope, Name, assignmentObject));
                        }
                    }

                    break;
                }
            }
            catch (Exception ex)
            {
                WriteExceptionError(ex);
            }
        }
        public override void ExecuteCmdlet()
        {
            try
            {
                var subscriptionsList = SubscriptionId ?? new[] { DefaultContext.Subscription.Id };

                if (ShouldProcess(string.Join(",", subscriptionsList), string.Format(Resources.UpdateAssignmentShouldProcessString, Name)))
                {
                    // If explicitly requested to use user assigned identity let's do that, otherwise let's default to system assigned
                    if (this.IsParameterBound(c => c.UserAssignedIdentity))
                    {
                        var userAssignedIdentity = new Dictionary <string, UserAssignedIdentity>()
                        {
                            { UserAssignedIdentity, new UserAssignedIdentity() }
                        };

                        var assignment = CreateAssignmentObject(ManagedServiceIdentityType.UserAssigned,
                                                                userAssignedIdentity,
                                                                Location,
                                                                Blueprint.Id,
                                                                Lock,
                                                                Parameter,
                                                                ResourceGroupParameter);

                        foreach (var subscription in subscriptionsList)
                        {
                            var scope = Utils.GetScopeForSubscription(subscription);
                            ThrowIfAssignmentNotExist(scope, Name);
                            // Register Blueprint RP
                            RegisterBlueprintRp(subscription);

                            WriteObject(BlueprintClient.CreateOrUpdateBlueprintAssignment(scope, Name, assignment));
                        }
                    }
                    else
                    {
                        var assignment = CreateAssignmentObject(ManagedServiceIdentityType.SystemAssigned,
                                                                null,
                                                                Location,
                                                                Blueprint.Id,
                                                                Lock,
                                                                Parameter,
                                                                ResourceGroupParameter);

                        foreach (var subscription in subscriptionsList)
                        {
                            var scope = Utils.GetScopeForSubscription(subscription);
                            ThrowIfAssignmentNotExist(scope, Name);
                            // First Register Blueprint RP and grant owner permission to BP service principal
                            RegisterBlueprintRp(subscription);
                            var servicePrincipal = GetBlueprintSpn();
                            AssignOwnerPermission(subscription, servicePrincipal);

                            WriteObject(BlueprintClient.CreateOrUpdateBlueprintAssignment(scope, Name, assignment));
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                WriteExceptionError(ex);
            }
        }