Azure Classroomnotes 05/Mar/2022

Deploying Azure Functions with Managed Identity to access other Azure Services

  • Now deploy the Azure Function with the code 
import logging

import azure.functions as func
from azure.mgmt.compute import ComputeManagementClient
from azure.identity import DefaultAzureCredential

subscription_id = "<your-subscription-id>"

def deallocate_vm(credential, resource_group_name, vm_name):
    compute_client = ComputeManagementClient(credential, subscription_id)
    poller = compute_client.virtual_machines.begin_deallocate(resource_group_name, vm_name)
    print(poller.status())
    #poller.wait()
    #print(poller.status())

def start_vm(credential, resource_group_name, vm_name):
    compute_client = ComputeManagementClient(credential, subscription_id)
    poller = compute_client.virtual_machines.begin_start(resource_group_name, vm_name)
    print(poller.status())
    #poller.wait()
    #print(poller.status())

def main(req: func.HttpRequest) -> func.HttpResponse:
    logging.info('Python HTTP trigger function processed a request.')

    rg_name = req.params.get('rg')
    vm_name = req.params.get('vm')
    action = req.params.get("action")
    if not rg_name:
        try:
            req_body = req.get_json()
        except ValueError:
            rg_name = 'elastic'
            vm_name = 'qtapche'
            action = "deallocate"
        else:
            rg_name = req_body.get('rg')
            vm_name = req_body.get('vm')
            action = req_body.get("action")
    credential = DefaultAzureCredential()
    if action == "deallocate":
        deallocate_vm(credential,rg_name,vm_name)
    else:
        start_vm(credential, rg_name, vm_name)
    return func.HttpResponse(f"This HTTP triggered function executed successfully.")






    # if name:
    #     return func.HttpResponse(f"Hello, {name}. This HTTP triggered function executed successfully.")
    # else:
    #     return func.HttpResponse(
    #          "This HTTP triggered function executed successfully. Pass a name in the query string or in the request body for a personalized response.",
    #          status_code=200
    #     )
  • We we would get 5xx errors when we execute this code after deploying on azure as credential object might not get the credentials, so we need to add azure managed identity.
  • Note: As discussed in class Looking into various log areas would help to get more info about failures
  • Now after we have added the managed identity from http we are able to do vm operations as discussed in the class
  • Exercise:
    • Try to find an approach to fetch the subcription id programatically in your Azure function.
Published
Categorized as Uncategorized Tagged

By continuous learner

devops & cloud enthusiastic learner

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Animated Social Media Icons by Acurax Responsive Web Designing Company

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Exit mobile version
%%footer%%