static void CallRoleAssignmentStorageAccountContainer(ConfigBody config, string token) { var raManager = new RoleAssignmentManager(config); Console.Write("PrincipalId (leave empty for '1f1f96f9 -cd7d-468e-8cfb-d241fbff99a2': "); string principalId = Console.ReadLine(); if (string.IsNullOrEmpty(principalId)) { principalId = "1f1f96f9-cd7d-468e-8cfb-d241fbff99a2"; } Console.Write("Resource Group Name (leave empty for 'test-rg': "); string rgName = Console.ReadLine(); if (string.IsNullOrEmpty(rgName)) { rgName = "test-rg"; } Console.Write("Storage Account Name (leave empty for 'sa36574457': "); string saName = Console.ReadLine(); if (string.IsNullOrEmpty(saName)) { saName = "sa36574457"; } Console.Write("Container Name (leave empty for 'container1': "); string containerName = Console.ReadLine(); if (string.IsNullOrEmpty(containerName)) { containerName = "container1"; } var raParams = new RoleAssignmentParams() { PrincipalId = principalId, ResourceGroupName = rgName, StorageAccountName = saName, ContainerName = containerName }; var result = raManager.SetAssignmentAsync(token, raParams).Result; Console.WriteLine(); Console.WriteLine(result.Message); Console.WriteLine(); Console.WriteLine(result.ResponseBody); }
public async Task <RoleAssignmentResponse> SetAssignmentAsync(string authToken, RoleAssignmentParams raParams) { //Visual Studio Enterprise string subscriptionId = _config.subscriptionId; string roleAssignmentId = Guid.NewGuid().ToString(); //Mary Smith string principalId = raParams.PrincipalId; string rgName = raParams.ResourceGroupName; string saName = raParams.StorageAccountName; string containerName = raParams.ContainerName; string scope = $"subscriptions/{subscriptionId}/resourceGroups/{rgName}/providers/Microsoft.Storage/storageAccounts/{saName}/blobServices/default/containers/{containerName}"; //Built-in-Role Storage Blob Data Reader //https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#storage-blob-data-reader string roleId = "2a2b9908-6ea1-4ae2-8e65-a410df84e7d1"; string roleDefinitionId = $"{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleId}"; //PUT string assignmentUrl = $"https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentId}?api-version=2018-01-01-preview"; var ra = new RoleAssigmentRequestBody() { properties = new RoleAssignmentProperty() { roleDefinitionId = roleDefinitionId, principalId = principalId } }; var client = new HttpClient(); var authorizationHeader = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", authToken); client.DefaultRequestHeaders.Authorization = authorizationHeader; client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); string raString = JsonSerializer.Serialize <RoleAssigmentRequestBody>(ra); var content = new StringContent(raString, Encoding.UTF8, "application/json"); var response = await client.PutAsync(assignmentUrl, content); var responseBody = response.Content.ReadAsStringAsync().Result; var raResponse = new RoleAssignmentResponse(); raResponse.Message = "Error: See response body"; if (response.IsSuccessStatusCode) { raResponse = JsonSerializer.Deserialize <RoleAssignmentResponse>(responseBody); raResponse.Message = "Successful Role assignment!!"; } raResponse.ResponseBody = responseBody; return(raResponse); }