示例#1
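        /// <summary>
        /// Interactive console helper: prompts for the principal, resource group, storage
        /// account and container, then asks <c>RoleAssignmentManager.SetAssignmentAsync</c>
        /// to create the role assignment and prints the outcome.
        /// </summary>
        /// <param name="config">Configuration handed to the <c>RoleAssignmentManager</c> constructor.</param>
        /// <param name="token">Bearer token passed through to <c>SetAssignmentAsync</c>; never echoed to the console.</param>
        static void CallRoleAssignmentStorageAccountContainer(ConfigBody config, string token)
        {
            var raManager = new RoleAssignmentManager(config);

            // Object-initializer members are evaluated in textual order, so the prompts
            // appear in the same sequence as before.
            var raParams = new RoleAssignmentParams()
            {
                PrincipalId        = PromptWithDefault("PrincipalId", "1f1f96f9-cd7d-468e-8cfb-d241fbff99a2"),
                ResourceGroupName  = PromptWithDefault("Resource Group Name", "test-rg"),
                StorageAccountName = PromptWithDefault("Storage Account Name", "sa36574457"),
                ContainerName      = PromptWithDefault("Container Name", "container1")
            };

            // Pressing Enter four times grants access to the hard-coded sample principal,
            // so show the effective target before the call is made. The token is not printed.
            Console.WriteLine();
            Console.WriteLine($"Assigning role to principal '{raParams.PrincipalId}' on '{raParams.ResourceGroupName}/{raParams.StorageAccountName}/{raParams.ContainerName}'");

            // Blocking wait: this method is synchronous. Failures from the task surface
            // wrapped in an AggregateException.
            var result = raManager.SetAssignmentAsync(token, raParams).Result;

            Console.WriteLine();
            Console.WriteLine(result.Message);
            Console.WriteLine();
            Console.WriteLine(result.ResponseBody);
        }

        /// <summary>
        /// Writes a prompt naming the fallback value and reads one line from the console.
        /// Returns the trimmed input, or <paramref name="defaultValue"/> when the input is
        /// missing, empty or whitespace only.
        /// </summary>
        private static string PromptWithDefault(string label, string defaultValue)
        {
            Console.Write($"{label} (leave empty for '{defaultValue}'): ");
            string input = Console.ReadLine();

            // Whitespace-only input would otherwise be sent on as a resource name.
            return string.IsNullOrWhiteSpace(input) ? defaultValue : input.Trim();
        }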
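        /// <summary>
        /// Creates a role assignment granting the built-in "Storage Blob Data Reader" role
        /// to a principal, scoped to a single blob container, via a PUT to the Azure
        /// management endpoint.
        /// </summary>
        /// <param name="authToken">Bearer token sent in the Authorization header.</param>
        /// <param name="raParams">Principal id plus the resource group, storage account and container names that form the scope.</param>
        /// <returns>
        /// The deserialized response with a success message when the service returns a
        /// success status; otherwise a response whose Message is "Error: See response body".
        /// ResponseBody always carries the raw body.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="raParams"/> is null.</exception>
        /// <exception cref="ArgumentException">The token is blank, the principal id is not a GUID, or a scope segment is blank or a dot segment.</exception>
        public async Task <RoleAssignmentResponse> SetAssignmentAsync(string authToken, RoleAssignmentParams raParams)
        {
            if (raParams == null)
            {
                throw new ArgumentNullException(nameof(raParams));
            }

            if (string.IsNullOrWhiteSpace(authToken))
            {
                throw new ArgumentException("A bearer token is required.", nameof(authToken));
            }

            // The principal id goes into the request body; reject anything that is not a
            // GUID before a privileged call is attempted.
            if (!Guid.TryParse(raParams.PrincipalId, out _))
            {
                throw new ArgumentException("PrincipalId must be a GUID.", nameof(raParams));
            }

            string principalId      = raParams.PrincipalId;
            string roleAssignmentId = Guid.NewGuid().ToString();

            // Every scope segment is validated and percent-encoded. These values can come
            // from interactive input, and an unescaped '/', '?' or '#' (or a dot segment)
            // would change which resource the assignment is scoped to.
            string subscriptionId = EscapeScopeSegment(_config.subscriptionId, "subscriptionId");
            string rgName         = EscapeScopeSegment(raParams.ResourceGroupName, "ResourceGroupName");
            string saName         = EscapeScopeSegment(raParams.StorageAccountName, "StorageAccountName");
            string containerName  = EscapeScopeSegment(raParams.ContainerName, "ContainerName");

            // Narrowest scope available here: one container, not the account or resource group.
            string scope = $"subscriptions/{subscriptionId}/resourceGroups/{rgName}/providers/Microsoft.Storage/storageAccounts/{saName}/blobServices/default/containers/{containerName}";

            //Built-in-Role Storage Blob Data Reader
            //https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#storage-blob-data-reader
            string roleId           = "2a2b9908-6ea1-4ae2-8e65-a410df84e7d1";
            string roleDefinitionId = $"{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleId}";

            // PUT target. NOTE(review): this pins a preview api-version; confirm it is still the intended one.
            string assignmentUrl = $"https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentId}?api-version=2018-01-01-preview";

            var ra = new RoleAssigmentRequestBody()
            {
                properties = new RoleAssignmentProperty()
                {
                    roleDefinitionId = roleDefinitionId,
                    principalId      = principalId
                }
            };

            string raString = JsonSerializer.Serialize <RoleAssigmentRequestBody>(ra);

            // Client, request content and response are disposed deterministically so the
            // connection and the header holding the bearer token do not outlive the call.
            using (var client = new HttpClient())
            using (var content = new StringContent(raString, Encoding.UTF8, "application/json"))
            {
                client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", authToken);
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                using (var response = await client.PutAsync(assignmentUrl, content).ConfigureAwait(false))
                {
                    // Awaited instead of blocking on .Result inside an async method.
                    string responseBody = await response.Content.ReadAsStringAsync().ConfigureAwait(false);

                    RoleAssignmentResponse raResponse;

                    if (response.IsSuccessStatusCode)
                    {
                        // Deserialize returns null for a literal "null" body; fall back to an empty object.
                        raResponse         = JsonSerializer.Deserialize <RoleAssignmentResponse>(responseBody) ?? new RoleAssignmentResponse();
                        raResponse.Message = "Successful Role assignment!!";
                    }
                    else
                    {
                        raResponse         = new RoleAssignmentResponse();
                        raResponse.Message = "Error: See response body";
                    }

                    raResponse.ResponseBody = responseBody;

                    return(raResponse);
                }
            }
        }

        /// <summary>
        /// Validates one segment of the resource scope and returns it percent-encoded.
        /// Blank values and the dot segments "." and ".." are rejected, because URI
        /// normalization would collapse dot segments and alter the scope.
        /// </summary>
        private static string EscapeScopeSegment(string value, string fieldName)
        {
            if (string.IsNullOrWhiteSpace(value) || value == "." || value == "..")
            {
                throw new ArgumentException($"{fieldName} is not a valid scope segment.", fieldName);
            }

            return Uri.EscapeDataString(value);
        }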