Add new module azure_rm_account_info to get facts for current logged in user #922

Merged: xuzhang3 merged 9 commits into ansible-collections:dev from mandar242:new-module-azure-rm-account-info on Aug 1, 2022

Changes from 7 commits
Commits (9):

- 45fce35 Add initial code to get result of 'az account show' (mandar242)
- fc6cc67 Add code for getting 'user' section of 'az account show' output (mandar242)
- bc831df Add logic for adding 'environmentName' field of 'az account show' result (mandar242)
- 48f466f Add logic for adding 'user' field of 'az account show' result (mandar242)
- 96c27cb Add return block info (mandar242)
- cadeeef Sanity fixes (mandar242)
- 79a4a75 Add integration test (mandar242)
- 50cc17b Add more checks to assertion (mandar242)
- 363e30d Modified based on feedback (mandar242)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,224 @@ | ||
#!/usr/bin/python | ||
# | ||
# Copyright (c) 2022 Mandar Kulkarni, < @mandar242 > | ||
# | ||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) | ||
|
||
from __future__ import absolute_import, division, print_function | ||
__metaclass__ = type | ||
|
||
|
||
DOCUMENTATION = ''' | ||
--- | ||
module: azure_rm_account_info | ||
|
||
version_added: "1.14.0" | ||
|
||
short_description: Get Azure Account facts (output of az account show) | ||
|
||
description: | ||
- Get facts for current logged in user. | ||
- Output equivalent of `az account show` command. | ||
|
||
extends_documentation_fragment: | ||
- azure.azcollection.azure | ||
|
||
author: | ||
- Mandar Kulkarni (@mandar242) | ||
''' | ||
|
||
EXAMPLES = ''' | ||
- name: Get facts for current logged in user | ||
azure.azcollection.azure_rm_account_info: | ||
''' | ||
|
||
RETURN = ''' | ||
account_info: | ||
description: | ||
- Facts for current logged in user, equivalent to `az account show`. | ||
returned: always | ||
type: dict | ||
contains: | ||
environmentName: | ||
description: For cloud environments other than the US public cloud, the environment name. | ||
returned: always | ||
type: str | ||
sample: AzureCloud | ||
homeTenantId: | ||
description: Subscription tenant id. | ||
returned: always | ||
type: str | ||
sample: "00000000-0000-0000-0000-000000000000" | ||
id: | ||
description: Subscription id. | ||
returned: always | ||
type: str | ||
sample: "00000000-0000-0000-0000-000000000000" | ||
managedByTenants: | ||
description: An array containing the tenants managing the subscription. | ||
returned: always | ||
type: list | ||
elements: dict | ||
contains: | ||
tenantId: | ||
description: Subscription tenant id | ||
returned: always | ||
type: str | ||
sample: "00000000-0000-0000-0000-000000000000" | ||
name: | ||
description: The subscription display name. | ||
returned: always | ||
type: str | ||
sample: "Pay-As-You-Go" | ||
state: | ||
description: | ||
- The subscription state. | ||
- Possible values include "Enabled", "Warned", "PastDue", "Disabled", "Deleted". | ||
returned: always | ||
type: str | ||
sample: "Enabled" | ||
tenant_id: | ||
description: Subscription tenant id | ||
returned: always | ||
type: str | ||
sample: "00000000-0000-0000-0000-000000000000" | ||
user: | ||
description: An dict containing the current user name and type. | ||
returned: always | ||
type: dict | ||
elements: str | ||
contains: | ||
name: | ||
description: The principal name of the active directory user. | ||
returned: always | ||
type: str | ||
sample: "sample-user@sample-tenant.onmicrosoft.com" | ||
type: | ||
description: Active Directory user type. | ||
returned: always | ||
type: str | ||
sample: "User" | ||
''' | ||
|
||
|
||
try: | ||
from msrestazure.azure_exceptions import CloudError | ||
from azure.graphrbac import GraphRbacManagementClient | ||
from azure.graphrbac.models import GraphErrorException | ||
except ImportError: | ||
# This is handled in azure_rm_common | ||
pass | ||
|
||
from ansible_collections.azure.azcollection.plugins.module_utils.azure_rm_common import AzureRMModuleBase | ||
from ansible_collections.azure.azcollection.plugins.module_utils.azure_rm_common import AzureRMAuth | ||
|
||
|
||
class AzureRMAccountInfo(AzureRMModuleBase): | ||
|
||
def __init__(self): | ||
|
||
self.module_arg_spec = dict( | ||
) | ||
|
||
self.results = dict( | ||
changed=False, | ||
account_info=[] | ||
) | ||
|
||
# Different return info is gathered using 2 different clients | ||
# 1. All except "user" section of the return value uses azure.mgmt.subsctiption.operations.subscriptionoperations | ||
# 2. "user" section of the return value uses different client (graphrbac) | ||
|
||
super(AzureRMAccountInfo, self).__init__(derived_arg_spec=self.module_arg_spec, | ||
supports_check_mode=True, | ||
supports_tags=False, | ||
is_ad_resource=False) | ||
|
||
def exec_module(self, **kwargs): | ||
|
||
result = [] | ||
result = self.list_items() | ||
|
||
self.results['account_info'] = result | ||
return self.results | ||
|
||
def list_items(self): | ||
|
||
results = {} | ||
|
||
# Get | ||
# "homeTenantId": "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx", | ||
# "id": "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx", | ||
# "isDefault": true, <- WIP on getting this param | ||
# "managedByTenants": [ | ||
# { | ||
# "tenantId": "64xxxxxx-xxxx-49fc-xxxx-ebxxxxxxxxxx" | ||
# }, | ||
# { | ||
# "tenantId": "2axxxxxx-xxxx-xxxx-a339-ebxxxxxxxxxx" | ||
# }, | ||
# { | ||
# "tenantId": "xxxxxxxx-xxxx-4e68-xxxx-ebxxxxxxxxxx" | ||
# } | ||
# ], | ||
# "name": "Pay-As-You-Go", | ||
# "state": "Enabled", | ||
# "tenantId": "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx", | ||
|
||
# Makes use of azure.mgmt.subsctiption.operations.subscriptionoperations | ||
# https://docs.microsoft.com/en-us/python/api/azure-mgmt-subscription/azure.mgmt.subscription.operations.subscriptionsoperations?view=azure-python#methods | ||
|
||
try: | ||
subscription_list_response = list(self.subscription_client.subscriptions.list()) | ||
except CloudError as exc: | ||
self.fail("Failed to list all subscriptions - {0}".format(str(exc))) | ||
|
||
results['id'] = subscription_list_response[0].subscription_id | ||
results['tenantId'] = subscription_list_response[0].tenant_id | ||
results['homeTenantId'] = subscription_list_response[0].tenant_id | ||
results['name'] = subscription_list_response[0].display_name | ||
results['state'] = subscription_list_response[0].state | ||
results['managedByTenants'] = self.get_managed_by_tenants_list(subscription_list_response[0].managed_by_tenants) | ||
results['environmentName'] = self.azure_auth._cloud_environment.name | ||
results['user'] = self.get_aduser_info(subscription_list_response[0].tenant_id) | ||
|
||
return results | ||
|
||
def get_managed_by_tenants_list(self, object_list): | ||
|
||
return [dict(tenantId=item.tenant_id) for item in object_list] | ||
|
||
def get_aduser_info(self, tenant_id): | ||
|
||
# Create GraphRbacManagementClient for getting | ||
# "user": { | ||
# "name": "mandar123456@abcdefg.onmicrosoft.com", | ||
# "type": "user"self. | ||
# } | ||
|
||
# Makes use of azure graphrbac | ||
# https://docs.microsoft.com/en-us/python/api/overview/azure/microsoft-graph?view=azure-python#client-library | ||
|
||
user = {} | ||
self.azure_auth_graphrbac = AzureRMAuth(is_ad_resource=True) | ||
cred = self.azure_auth_graphrbac.azure_credentials | ||
base_url = self.azure_auth_graphrbac._cloud_environment.endpoints.active_directory_graph_resource_id | ||
client = GraphRbacManagementClient(cred, tenant_id, base_url) | ||
|
||
try: | ||
user_info = client.signed_in_user.get() | ||
user['name'] = user_info.user_principal_name | ||
user['type'] = user_info.object_type | ||
|
||
except GraphErrorException as e: | ||
self.fail("failed to get ad user info {0}".format(str(e))) | ||
|
||
return user | ||
|
||
|
||
def main(): | ||
AzureRMAccountInfo() | ||
|
||
|
||
if __name__ == '__main__': | ||
main() |
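
Review bot: In `list_items`, every field is read from `subscription_list_response[0]` with no check that the list is non-empty, and nothing ties element 0 to the subscription the module authenticated against. Only `CloudError` is caught around the `list()` call, so an identity with no visible subscriptions raises an unhandled IndexError, and an identity with several reports whichever entry the API returns first, which later tasks may then treat as the active subscription and tenant. Suggest failing cleanly on an empty list (`if not subscription_list_response: self.fail(...)`) and selecting the entry by the subscription id the module is configured with rather than by position. Smaller points in the same hunk: RETURN documents `tenant_id` while the code sets `results['tenantId']`; `account_info` is initialised as `[]` but documented and returned as a dict; `homeTenantId` and `tenantId` are both filled from the same `tenant_id` attribute; and `get_aduser_info` constructs `AzureRMAuth(is_ad_resource=True)` without passing the module's parameters, so it is worth confirming that it resolves the same credentials as the module's own auth before the `user` block is trusted.
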
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
cloud/azure |
tests/integration/targets/azure_rm_account_info/meta/main.yml (2 changes: 2 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
dependencies: | ||
- setup_azure |
tests/integration/targets/azure_rm_account_info/tasks/main.yml (10 changes: 10 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
--- | ||
|
||
|
||
|
||
- name: Get facts for current logged in user | ||
azure.azcollection.azure_rm_account_info: | ||
register: result | ||
|
||
- assert: | ||
that: | ||
- result is not changed | ||
- result is not failed | ||
|
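
Review bot: The `assert` block checks only `result is not changed` and `result is not failed`, so the test still passes if `account_info` comes back empty or without the keys the module documents. Suggest also asserting on the payload, for example that `result.account_info.id`, `result.account_info.tenantId` and `result.account_info.user.name` are defined, so a regression in either the subscription lookup or the Graph lookup is caught.
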
Is this a choice to return only the first subscription `[0]` for the account?

Looking at the documentation and based on my trial-errors for `az account show` here: https://docs.microsoft.com/en-us/cli/azure/account?view=azure-cli-latest#az-account-show I felt that it returns a single subscription, so adding `[0]`th subscription. I could be wrong here though. Thoughts?