Tag: graph

Azure: Python SDK

This post is how to use the Azure Python SDK.

If you are using Databricks you can get the secret by using the following Databricks: Get Secret

If you are using Synapse you can get the secret by using the following Synapse: Get Secret

Package Installations

  1. pip install azure-identity
  2. pip install azure-storage-file
  3. pip install azure-storage-file-datalake

Setup Credentials

Service Principal

  1. from azure.common.credentials import ServicePrincipalCredentials
  2. secret = "<GET_SECRET_SECURELY>"
  3. credential = ServicePrincipalCredential("<SPN_CLIENT_ID>", secret, tenant="<TENANT_ID>")

Token Credential

  1. from azure.identity import ClientSecretCredential
  2. secret = "<GET_SECRET_SECURELY>"
  3. token_credential = ClientSecretCredential("<TENANT_ID>", "<SPN_CLIENT_ID>", secret)

Subscription Client

Client

  1. from azure.mgmt.resource import SubscriptionClient
  2. subscription_client = SubscriptionClient(credential)

Get List

  1. subscriptions = subscription_client.subscriptions.list()
  2. for subscription in subscriptions:
  3.     print(subscription.display_name)

Storage Account

Client

  1. from azure.mgmt.storage import StorageManagementClient
  2. storage_client = StorageManagementClient(credential, "<SUBSCRIPTION_ID>")

Get List by Resource Group

  1. storage_accounts = storage_client.storage_accounts.list_by_resource_group("<RESOURCE_GROUP_NAME>")
  2. for sa in storage_accounts:
  3.     print(sa.name)

List Containers in Storage Account

  1. containers = storage_client.blob_containers.list("<RESOURCE_GROUP_NAME>", sa.name)

Containers

Client

  1. from azure.storage.blob import ContainerClient
  2. account_url_blob = f"https://{sa.name}.blob.core.windows.net"
  3. container_client = ContainerClient.from_container_url(
  4.     container_url=account_url_blob + "/" + container.name,
  5.     credential=token_credential
  6. )

Get Container Properties

  1. container_client.get_container_properties()

List Blobs

  1. for b in container_client.list_blobs():
  2.     print(b)

Data Lake Service

Client

  1. from azure.storage.filedatalake import DataLakeServiceClient
  2. storage_account_url_dfs = f"https://{sa.name}.df.core.windows.net"
  3. data_lake_service_client = DataLakeServiceClient(storage_account_url_dfs, token_credential)

DataLake Directory

  1. from azure.storage.filedatalake import DataLakeDirectoryClient
  2. data_lake_directory_client = DataLakeDirectoryClient(account_url=account_url_dfs, credential=credential)

FileSystem

Client

  1. file_system_client = data_lake_service_client.get_file_system_client(file_system="<CONTAINER_NAME>")

Get Directory Client

  1. directory_client = file_system_client.get_directory_client("<CONTAINER_SUB_FOLDER>")

Get Directory Access Control

  1. acl_props = directory_client.get_access_control()

Microsoft Graph Client

Package Installations

  1. pip install msgraph-sdk
  2. pip install msrestazure
  3. pip install azure-identity

Credential

  1. from azure.identity.aio import ClientSecretCredential
  2.  
  3. secret = "<GET_SECRET_SECURELY>"
  4. credential = ClientSecretCredential('<TENANT_ID>', '<CLIENT_ID>', secret)

Client

  1. from msgraph import GraphServiceClient
  2.  
  3. def create_session(credential):
  4.   scopes = ['https://graph.microsoft.com/.default']
  5.   graph_client = GraphServiceClient(credential, scopes)
  6.   return graph_client
  7.  
  8. graph_client = create_session(credential)

Get Groups

  1. #This will only get you the first 100 groups. If you have more then you need to check again
  2. groups = await graph_client.groups.get()
  3. print(len(groups))
  4.  
  5. while groups is not None and groups.odata_next_link is not None:
  6.   groups = await graph_client.groups.with_url(groups.odata_next_link).get()
  7.   print(len(groups))

Get Group Members

  1. id = '<GROUP_ID>'
  2. group_members = await graph_client.groups.by_group_id(id).members.get()

 

Azure: Install/Configure CLI

This post will show you how to install the Azure CLI.

First you need to install the CLI.

Once it is installed you can set your config directory. This is useful for having multiple logins going at the same time.

  1. set AZURE_CONFIG_DIR=<YOUR_DIRECTORY>

You can then login. There are different ways to do that

Way 1: This will popup a login where you enter your login credentials

  1. az login

Way 2: This will ask you for password via the command line

  1. az login -u <YOUR_LOGIN>

Way 3:

  1. az login -u <YOUR_LOGIN> -p <YOUR_PASSWORD>

Way 4: logs in as a service principal

  1. az login --service-principal --user-name <SPN_ID> --password <SPN_KEY> --tenant <TENANTID>

Show your Account

  1. az account show

Set Account Subscription

  1. az account set -s <SUBSCRIPTION_ID>

List Tags For A Resource

  1. az tag list --subscription <SUBSCRIPTION_NAME>

Install Graph

  1. az extension add --name resource-graph

Query for Anything that Has a Tag

  1. az graph query -q "resourceGraoup, type, tags" | where tags.<TAG_NAME>=~'<VALUE>'

Query for More than One Tag

  1. az graph query -q "resourceGraoup, type, tags" | where tags.<TAG_NAME>=~'<VALUE>' | tags.<TAG_NAME>=='<VALUE>'

Query Type

  1. az graph query -q "resourceGroup, type, tags" | where type =~ 'microsoft.sql/servers/databases'