If you want to programmatically update Azure Resource configurations you have a number of options.
- Use the PowerShell or Python command line tools
- Use the .NET Fluent libraries
- Use the .NET Management SDK
- Call the REST API directly
Each of those options have pros and cons depending on how you are using them. Overall I would suggest using the PowerShell module if possible.
However, you may need to integrate the Azure SDK directly into you application or tool with the Management SDK.
Getting Started with the .NET Management SDK
Like other SDK libraries, the Azure Management SDK is meant to be at the "core" of the tool or system you are building. As such, the libraries are highly configurable and not very prescriptive. Also, there is very little documentation on how to use this library. Most articles I have seen assume you have created an application in Azure AD and generated an access token somehow.
Rather than one large library or package for all of the Azure services, the Management SDK has a package per resource type.
Here is a full list of the NuGet Packages
Along with the specific resource package, you should also install the following common packages.
Each library will contain one or many "Client" classes. Instantiating the client class will require an implementation of the
ServiceClientCredentials abstract class.
Rather than implement that class yourself, you can find a few implementations in the
Microsoft.Rest.Azure.Authentication namespace. Let's go over a few of the Providers in that namespace.
You can use the
ApplicationTokenProvider class when your application interacts with the Azure API directly as an application, without user context.
For this token provider you need to go to Azure AD and create an application. After creating that application you can either generate a Secret Key or upload a certificate.
There are two different sets of Static methods on the
ServiceClientCredentials creds = ApplicationTokenProvider.LoginSilentAsync("mydomain.onmicrosoft.com", "<appId/clientId guid>", "<secret>");
X509Certificate2 localCert = ... ClientAssertionCertificate certAssertion = new ClientAssertionCertificate("<appId/clientId guid>", localCert); ServiceClientCredentials creds = ApplicationTokenProvider.LoginSilentWithCertificateAsync("mydomain.onmicrosoft.com", certAssertion);
If you are building a .NET Full Framework application (using .NET 452 or above) you can use the
UserTokenProvider.LoginWithPromptAsync static method.
Again this requires that you have registered an Azure AD Application
var settings = ActiveDirectoryClientSettings.UsePromptOnly("<clientId>", new Uri("http://myRedirectUri")); var cred = UserTokenProvider.LoginWithPromptAsync(settings);
That is the simplest signature, which uses the
common tenant. If know which Tenant the user is logging into and want to reduce the redirects you can use a method with the