Azure使用Java SDK将角色分配给VM
我正在编写一个Java程序,它创建一个VM并从存储器访问文件。但是,我很难将该VM分配为“存储参与者/所有者”角色,以便它可以 我目前有这段代码,但我不确定它是否是我需要的,而且我也不知道在某些地方写什么:Azure使用Java SDK将角色分配给VM,java,azure,azure-java-sdk,Java,Azure,Azure Java Sdk,我正在编写一个Java程序,它创建一个VM并从存储器访问文件。但是,我很难将该VM分配为“存储参与者/所有者”角色,以便它可以 我目前有这段代码,但我不确定它是否是我需要的,而且我也不知道在某些地方写什么: rbacManager = GraphRbacManager.authenticate( credentials ); rbacManager.roleAssignments() .define("roletest") // w
rbacManager = GraphRbacManager.authenticate( credentials );
rbacManager.roleAssignments()
.define("roletest")
// which object? and where to find the ID?
.forObjectId("/subscription/" + subscription + "?")
.withBuiltInRole(com.microsoft.azure.management.graphrbac.BuiltInRole.STORAGE_ACCOUNT_CONTRIBUTOR)
// what should go as resource scope?
.withResourceScope(?)
.createAsync();
本质上,我想用Java代码执行此步骤:
提前谢谢你 关于此问题,请参考以下步骤
所有者
角色分配给sp<dependency>
<groupId>com.azure.resourcemanager</groupId>
<artifactId>azure-resourcemanager</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-identity</artifactId>
<version>1.2.0</version>
</dependency>
com.azure.resourcemanager
。使用SystemAssignedEntityBasedAccess()
正是我所需要的,非常感谢您提供的详细答案!
<dependency>
<groupId>com.azure.resourcemanager</groupId>
<artifactId>azure-resourcemanager</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-identity</artifactId>
<version>1.2.0</version>
</dependency>
AzureProfile profile = new AzureProfile(AzureEnvironment.AZURE);
String clientId="<sp appid>";
String clientSecret="<sp password>";
String tenant="";
String subscriptionId=""
TokenCredential credential = new ClientSecretCredentialBuilder()
.clientId(clientId)
.clientSecret(clientSecret)
.authorityHost(profile.getEnvironment().getActiveDirectoryEndpoint())
.tenantId(tenant)
.build();
AzureResourceManager azureResourceManager = AzureResourceManager
.configure()
.withLogLevel(HttpLogDetailLevel.BASIC)
.authenticate(credential, profile)
.withSubscription(subscriptionId);
// get storage account
String accountGroup="";
String accountName="";
StorageAccount account = azureResourceManager.storageAccounts().getByResourceGroup(accountGroup,accountName);
// get vm
String vmGroup="";
String vmName="test";
VirtualMachine virtualMachine = azureResourceManager.virtualMachines().getByResourceGroup(vmGroup,vmName);
virtualMachine.update()
.withSystemAssignedManagedServiceIdentity()
.withSystemAssignedIdentityBasedAccessTo(account.id(), BuiltInRole.fromString("Storage Blob Data Owner"))
.apply();
}