How to add the Azure Digital Twins Data Owner role via the Azure Python SDK

u3r8eeie posted on 2023-04-04 in Python

Using the Azure Python SDK, I have been able to instantiate a resource group and a digital twin with the following code:

from azure.identity import AzureCliCredential, DefaultAzureCredential
from azure.mgmt.resource import ResourceManagementClient

from azure.mgmt.digitaltwins import AzureDigitalTwinsManagementClient

credential = DefaultAzureCredential()
subscription_id="some UUID" # not sure if safe to reveal, so removed it

resource_client = ResourceManagementClient(
    credential, subscription_id=subscription_id)

resource_group_name = "Tutorial-RG"
rg_result = resource_client.resource_groups.create_or_update(
    resource_group_name, {"location": "westeurope"}
)

client = AzureDigitalTwinsManagementClient(
    credential=DefaultAzureCredential(),
    subscription_id=subscription_id,
)

dt_resource_name = "myDigitalTwinsService"
response = client.digital_twins.begin_create_or_update(
    resource_group_name=rg_result.name,
    resource_name = dt_resource_name,
    digital_twins_create={"location": "westeurope"},
).result()
print(response)

# ...
# 'provisioning_state': 'Succeeded',
# ...

I know that I need to add the "Azure Digital Twins Data Owner" role before I can operate on it with the Azure Digital Twins Python SDK. I can do this using the Azure CLI as follows:

>>> az dt role-assignment create --dt-name myDigitalTwinsService --assignee "my UUID" --role "Azure Digital Twins Data Owner" --debug

But I am unable to add the same role using the Azure authorization management client. So far I have tried the following code:

from azure.mgmt.authorization.models import RoleAssignmentCreateParameters
from azure.mgmt.authorization import AuthorizationManagementClient

authorization_client = AuthorizationManagementClient(
    credential=DefaultAzureCredential(),
    subscription_id=subscription_id,
)

adt_data_owner_role_id ='bcd981a7-7f74-457b-83e1-cceb9e632ffe'
role_def_id = f'/subscriptions/{subscription_id}/providers/Microsoft.Authorization/roleDefinitions/{adt_data_owner_role_id}'
authorization_client.role_assignments.create(
    scope=SCOPE,
    role_assignment_name=f"/subscriptions/{subscription_id}/resourceGroups/Tutorial-RG/providers/Microsoft.DigitalTwins/digitalTwinsInstances/myDigitalTwinsService/providers/Microsoft.Authorization/roleAssignments/60252f13-5e5a-4686-8265-3ac2db6443f1",
    parameters=RoleAssignmentCreateParameters(
        role_definition_id= role_def_id,
        principal_id= 'my UUID',
        principal_type="User",
    )
)

I got the parameters from the az call mentioned above by passing the --debug flag. But I get the following error:

HttpResponseError: (NoRegisteredProviderFound) No registered resource provider found for location 'westeurope' and API version '2022-04-01' for type 'digitalTwinsInstances'. The supported api-versions are '2023-01-31, 2022-10-31, 2022-05-31, 2021-06-30-preview, 2020-12-01, 2020-10-31, 2020-03-01-preview'. The supported locations are 'westcentralus, westus2, northeurope, australiaeast, westeurope, eastus, southcentralus, southeastasia, uksouth, eastus2, westus3, japaneast, koreacentral, qatarcentral'.
Code: NoRegisteredProviderFound
Message: No registered resource provider found for location 'westeurope' and API version '2022-04-01' for type 'digitalTwinsInstances'. The supported api-versions are '2023-01-31, 2022-10-31, 2022-05-31, 2021-06-30-preview, 2020-12-01, 2020-10-31, 2020-03-01-preview'. The supported locations are 'westcentralus, westus2, northeurope, australiaeast, westeurope, eastus, southcentralus, southeastasia, uksouth, eastus2, westus3, japaneast, koreacentral, qatarcentral'.

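Even changing the location to a supported region does not help, despite what the error message says. When I change the API version, it does not work either. I just get a different error: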

authorization_client = AuthorizationManagementClient(
    credential=DefaultAzureCredential(),
    subscription_id=subscription_id,
    api_version = '2022-05-31'
)
# same everything else

# ValueError: API version 2022-05-31 does not have operation group 'role_assignments'

How can I fix this error? Or does the Azure Python SDK currently not support what I want to do?
The Azure SDK versions I am using are as follows, generated with pip list --format=freeze | grep azure:

azure-common==1.1.28
azure-core==1.26.2
azure-digitaltwins-core==1.2.0
azure-identity==1.12.0
azure-mgmt-authorization==3.0.0
azure-mgmt-core==1.3.2
azure-mgmt-digitaltwins==6.4.0
azure-mgmt-resource==22.0.0

ee7vknir #1

Below is the Python SDK code that helped me assign the Azure Digital Twins Data Owner role to a user.

from azure.identity import DefaultAzureCredential
from azure.mgmt.authorization import AuthorizationManagementClient
from azure.mgmt.authorization.models import RoleAssignmentCreateParameters
import uuid

credential = DefaultAzureCredential()
subscription_id="<Azure-Subscription-id>"

# Create an AuthorizationManagementClient instance
client = AuthorizationManagementClient(credential, subscription_id)

# Define the parameters for the role assignment
role_assignment_params = RoleAssignmentCreateParameters(
    role_definition_id="/subscriptions/<your-subscription-id>/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe",
    principal_id="<Azure-user-object-id>"
)

# Create the role assignment
response = client.role_assignments.create(
    scope="/subscriptions/<your-subscription-id>/resourceGroups/IoTHubResources/providers/Microsoft.DigitalTwins/digitalTwinsInstances/<your-Azure-Digital-Twins-instance>",
    role_assignment_name=str(uuid.uuid4()),
    parameters=role_assignment_params
)
print(response)

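Make sure to replace the Azure subscription ID in the variables subscription_id, role_definition_id and scope. Provide the Azure user ID in the variable principal_id. Replace your-Azure-Digital-Twins-instance at the end of the scope variable with the name of your Azure Digital Twins instance.
The versions of the Azure SDK I am using are as follows: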

azure-common==1.1.28
azure-core==1.26.3
azure-digitaltwins-core==1.2.0
azure-identity==1.12.0
azure-mgmt-authorization==3.0.0
azure-mgmt-core==1.3.2
azure-mgmt-digitaltwins==6.3.0
azure-mgmt-resource==22.0.0
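
Added example (not part of either post): comparing the two calls on this page, the answer passes a bare GUID as role_assignment_name and the Digital Twins instance's resource ID as scope, while the question passes a full resource path as the name. The sketch below builds and validates those arguments offline before any SDK call; the helper names, the deterministic uuid5 naming and the sample GUIDs used to exercise it are assumptions of this example.

```python
import re
import uuid

# Built-in role GUID for "Azure Digital Twins Data Owner", as quoted on this page.
ADT_DATA_OWNER_ROLE_ID = "bcd981a7-7f74-457b-83e1-cceb9e632ffe"
_GUID = re.compile(r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", re.I)


def adt_instance_scope(subscription_id, resource_group, instance_name):
    """Resource ID of a single Digital Twins instance: the narrowest scope for this role."""
    if "/" in resource_group or "/" in instance_name:
        raise ValueError("resource group and instance must be plain names, not paths")
    return (f"/subscriptions/{subscription_id}/resourceGroups/{resource_group}"
            f"/providers/Microsoft.DigitalTwins/digitalTwinsInstances/{instance_name}")


def role_definition_id(subscription_id, role_guid=ADT_DATA_OWNER_ROLE_ID):
    return (f"/subscriptions/{subscription_id}/providers"
            f"/Microsoft.Authorization/roleDefinitions/{role_guid}")


def assignment_name(scope, principal_id, role_guid=ADT_DATA_OWNER_ROLE_ID):
    """Deterministic GUID (assumption of this example) so reruns reuse one name."""
    seed = f"{scope}|{principal_id}|{role_guid}".lower()
    return str(uuid.uuid5(uuid.NAMESPACE_URL, seed))


def build_role_assignment_args(subscription_id, resource_group, instance_name,
                               principal_id, name=None):
    """Validate inputs and return the values the create() call on this page takes."""
    for label, value in (("subscription_id", subscription_id), ("principal_id", principal_id)):
        if not _GUID.fullmatch(value):
            raise ValueError(f"{label} must be a GUID, got {value!r}")
    scope = adt_instance_scope(subscription_id, resource_group, instance_name)
    name = name or assignment_name(scope, principal_id)
    if not _GUID.fullmatch(name):
        raise ValueError("role_assignment_name must be a bare GUID, not a resource path")
    return {
        "scope": scope,
        "role_assignment_name": name,
        "role_definition_id": role_definition_id(subscription_id),
        "principal_id": principal_id,
    }
```

The returned scope and role_assignment_name map onto the keyword arguments of role_assignments.create, and role_definition_id and principal_id onto RoleAssignmentCreateParameters, as used in the answer above.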
