如何在Azure管理SDK中通过一次登录访问所有租户和订阅 | 如何在Azure管理SDK中通过一次登录访问所有租户和订阅

本文介绍了如何在Azure管理SDK中通过一次登录访问所有租户和订阅的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在尝试使用

代码

  var cred = SdkContext.AzureCredentialsFactory.FromDevice("731373ea-9249-45aa-a7da-79c083a9d8b0"，"common"，AzureEnvironment.AzureGlobalCloud，代码=>{Console.WriteLine(code.Message);返回true；});var azure = Azure.Authenticate(cred);var subs = azure.Subscriptions.List();foreach(子中的var子){Console.WriteLine(sub.DisplayName);}

更新

I'm trying to use https://github.com/Azure/azure-libraries-for-net for authentication to Azure from a command-line application. My goal is to list all storage accounts in all tenants and all subscriptions using fluent libraries with no success.

FromDevice method is actually working well, if I use common as tenant ID:

AzureCredentials credentials = SdkContext.AzureCredentialsFactory.FromDevice(
    AzureCliClientId,
    "common",
    AzureEnvironment.AzureGlobalCloud,
    code =>
    {
        Console.WriteLine(code.Message);
        return true;
    });

IAuthenticated authenticatedAzure = Azure.Authenticate(azureNativeCreds);

however any call to auth.Subscriptions.ListAsync returns empty list of subscriptions for any account that has access to more than one tenant or more than one subscription.

I can list the tenants user belongs to with auth.Tenants.ListAsync() and that returns valid list of tenants, however I can't find a way to now use a particular tenant and subscription to make a subsequent call.

One way to achieve what I want is to create another instance of IAzure but that pops up authentication dialog again, i.e.:

foreach(var tenant in await authenticatedAzure.Tenants.ListAsync())
{
    //create creds for tenant?
    //throws authentication dialog for every tenant

    var tenantCredentials = SdkContext.AzureCredentialsFactory.FromDevice(
        AzureCliClientId,
        tenant.TenantId,
        AzureEnvironment.AzureGlobalCloud,
        code =>
        {
            Console.WriteLine(code.Message);
            return true;
        });

  IAzure tenantAzure = await Azure.Authenticate(tcreds).WithDefaultSubscriptionAsync();

  var storageAccounts = await tenantAzure.StorageAccounts.ListAsync();
}

so the user gets constantly annoyed with popups. Another issue that FromDevice won't remember that the user has already logged in previously, regardless whether I save token cache to disk or not (TokenCache.DefaultShared.BeforeWrite etc).

解决方案

According to my test, the method Subscriptions.ListAsync just can return the subscriptions in the user's default tenant. For example, if you use the account [email protected] to login, it will just return to the subscriptions in the tenant xxx.onmicrosoft.com. For more details, please refer to the document.

The details are as below.1. Register the Azure AD public client application2. Configure permissions for the Azure AD applications you use.

Code

var cred= SdkContext.AzureCredentialsFactory.FromDevice("731373ea-9249-45aa-a7da-79c083a9d8b0", "common",AzureEnvironment.AzureGlobalCloud, code =>
            {
                Console.WriteLine(code.Message);
                return true;
            });

            var azure = Azure.Authenticate(cred);
            var subs = azure.Subscriptions.List();
            foreach (var sub in subs) {

                Console.WriteLine(sub.DisplayName);
            }

Update

这篇关于如何在Azure管理SDK中通过一次登录访问所有租户和订阅的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！