【问题标题】:How to set contributor role after creating a new azure subscription?创建新的 Azure 订阅后如何设置贡献者角色?
【发布时间】:2016-11-14 07:28:40
【问题描述】:

我使用 microsoft CREST API 和以下代码创建了一个新订阅:

WebClient client = new WebClient();
SATokenFormatReseller SA_Token = GetSAResellerToken();
client.Headers[HttpRequestHeader.Accept] = "application/json";
client.Headers[HttpRequestHeader.Authorization] = "Bearer " + SA_Token.access_token;
client.Headers[HttpRequestHeader.ContentType] = "application/json";
client.Headers.Add("api-version", ApiVersion);
client.Headers.Add("x-ms-correlation-id", Guid.NewGuid().ToString());
client.Headers.Add("x-ms-tracking-id", Guid.NewGuid().ToString());
var reqOrderObj = CreateReqOrderObject(service, mpn);
var reqOrderJson = JsonConvert.SerializeObject(reqOrderObj, Newtonsoft.Json.Formatting.None, new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
string res = client.UploadString("https://api.cp.microsoft.com/" + TenantId + "/orders", "POST", reqOrderJson);

成功创建订阅后,我尝试使用管理 azure core api 为新订阅设置贡献者角色,方式如下:

public bool CreateRoleAssignment(string subscriptionId, string tenantId, string principalId)
{
    bool roleGranted = false;
    var azureToken = GetAzureAuthTokenForCustomerTenant(NativeClientId, PartnerCenterUser, PartnerCenterPassword, tenantId);
    string responseContent = String.Empty;
    var roleAssignmentId = Guid.NewGuid().ToString(); 
    var correlationId = Guid.NewGuid().ToString();
    var request = (HttpWebRequest)HttpWebRequest.Create(string.Format("https://management.azure.com/subscriptions/{0}/providers/Microsoft.Authorization/roleAssignments/{1}?api-version=2015-07-01", subscriptionId, roleAssignmentId));

    request.Method = "PUT";
    request.Accept = "application/json";
    request.ContentType = "application/json";

    request.Headers.Add("x-ms-correlation-id", correlationId);
    request.Headers.Add("x-ms-tracking-id", Guid.NewGuid().ToString());
    request.Headers.Add("Authorization", "Bearer " + azureToken.AccessToken);

    string content = Json.Encode(CreateRoleAssignmentRequestData(subscriptionId, principalId));

    using (var writer = new StreamWriter(request.GetRequestStream()))
    {
        writer.Write(content);
    }

    try
    {
        var response = request.GetResponse();
        using (var reader = new StreamReader(response.GetResponseStream()))
        {
            responseContent = reader.ReadToEnd();
            roleGranted = true;
        }
    }
    catch (WebException webException)
    {
        using (var reader = new StreamReader(webException.Response.GetResponseStream()))
        {
            responseContent = reader.ReadToEnd();
            roleGranted = false;
        }
    }

    return roleGranted;
}

但响应是订阅不存在。

一段时间后,如果我运行同一段代码 (CreateRoleAssignment),则角色会成功分配给订阅。

创建订阅后如何实现此过程?

【问题讨论】:

  • 可能是因为订阅需要一些时间才能激活?当我注册新订阅时,我被告知订阅可能需要 30 分钟才能生效。
  • 没错,我想知道这是问题所在,但我该如何管理这种情况,我应该有一个解决方案吗?可能是某种异步轮询或并行任务?
  • 我会说继续异步轮询。
  • 你能给我一些例子吗?我从未使用过异步轮询。提前致谢。
  • 所以基本上你继续调用这个函数并检查网络异常状态。如果您收到 404(或其他错误),只需让您的应用程序休眠一段时间(例如一分钟),然后重试。

标签: c# rest azure


【解决方案1】:

正如@GauravMantri 所说,使用异步轮询作为下面的示例代码。

var azureToken = GetAzureAuthTokenForCustomerTenant(NativeClientId, PartnerCenterUser, PartnerCenterPassword, tenantId);
string responseContent = String.Empty;
var roleAssignmentId = Guid.NewGuid().ToString(); 
var correlationId = Guid.NewGuid().ToString();
string url = string.Format("https://management.azure.com/subscriptions/{0}/providers/Microsoft.Authorization/roleAssignments/{1}?api-version=2015-07-01", subscriptionId, roleAssignmentId);
string content = Json.Encode(CreateRoleAssignmentRequestData(subscriptionId, principalId));

using (var client = new HttpClient())
{
    client.DefaultRequestHeaders.Clear();
    client.DefaultRequestHeaders.Add("Accept", "application/json");
    client.DefaultRequestHeaders.Add("Content-Type", "application/json");
    client.DefaultRequestHeaders.Add("x-ms-correlation-id", correlationId);
    client.DefaultRequestHeaders.Add("x-ms-tracking-id", Guid.NewGuid().ToString());
    client.DefaultRequestHeaders.Add("Authorization", "Bearer " + azureToken.AccessToken);
    var response = await client.PutAsync(url, content);
    while(!response.IsSuccessStatusCode) 
    {
        response = await client.PutAsync(url, content);
    }
    Console.WriteLine(response.Content.ReadAsStringAsync().Result);
}

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 2021-07-23
    • 1970-01-01
    • 2016-07-19
    • 1970-01-01
    • 2014-12-18
    • 2019-07-27
    • 2020-05-12
    相关资源
    最近更新 更多