A lightweight but powerful R interface to the 'Azure Resource Manager' REST API. The package exposes a comprehensive class framework and related tools for creating, updating and deleting 'Azure' resource groups, resources and templates. While 'AzureRMR' can be used to manage any 'Azure' service, it can also be extended by other packages to provide extra functionality for specific services. Part of the 'AzureR' family of packages.
AzureRMR is a package for interacting with Azure Resource Manager: list subscriptions, manage resource groups, deploy and delete templates and resources. It calls the Resource Manager REST API directly, so you don't need to have PowerShell or Python installed. Azure Active Directory OAuth tokens are obtained using the AzureAuth package.
You can install the development version from GitHub, via devtools::install_github("cloudyr/AzureRMR")
.
Under the hood, AzureRMR uses a similar authentication process to the Azure CLI. The first time you authenticate with a given Azure Active Directory tenant, you call create_azure_login()
and supply your credentials. AzureRMR will prompt you for permission to create a special data directory in which to cache the obtained authentication token and Resource Manager login. Once this information is saved on your machine, it can be retrieved in subsequent R sessions with get_azure_login()
. Your credentials will be automatically refreshed so you don't have to reauthenticate.
Unless you have a specific reason otherwise, it's recommended that you allow AzureRMR to create this caching directory. Note that many other cloud engineering tools save credentials in this way, including the Azure CLI itself.
In most cases, AzureRMR can authenticate without requiring you to create your own service principal. However, AzureRMR can also use a custom service principal, and in general it's a good idea to supply your own to authenticate with (if possible). See the "Introduction to AzureRMR" vignette for more details.
Linux DSVM note If you are using a Linux Data Science Virtual Machine in Azure, you may have problems running create_azure_login()
. In this case, try create_azure_login(auth_type="device_code")
.
library(AzureRMR) # authenticate with Azure AD:# - on first login to this client, call create_azure_login()# - on subsequent logins, call get_azure_login()az <- create_azure_login() # get a subscription and resource groupsub <- az$get_subscription("{subscription_id}")rg <- sub$get_resource_group("rgname") # get a resource (storage account)stor <- rg$get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage") # method chaining works toostor <- az$ get_subscription("{subscription_id}")$ get_resource_group("rgname")$ get_resource(type="Microsoft.Storage/storageAccounts", name="mystorage") # create a new resource group and resourcerg2 <- sub$create_resource_group("newrgname", location="westus") stor2 <- rg2$create_resource(type="Microsoft.Storage/storageAccounts", name="mystorage2", kind="Storage", sku=list(name="Standard_LRS")) # taggingstor2$set_tags(comment="hello world!", created_by="AzureRMR") # role-based access control (RBAC)# this uses the AzureGraph package to retrieve the user IDgr <- AzureGraph::get_graph_login()usr <- gr$get_user("[email protected]")stor2$add_role_assignment(usr, "Storage blob data contributor") # pass the GUID of the principal if you don't have AzureGraph installedstor2$add_role_assignment("041ff2be-4eb0-11e9-8f38-394fbcd0b29d", "Storage blob data contributor")
AzureRMR is meant to be a generic mechanism for working with Resource Manager. You can extend it to provide support for service-specific features; examples of packages that do this include AzureVM for virtual machines, and AzureStor for storage accounts. For more information, see the "Extending AzureRMR" vignette.
AzureRMR is inspired by the package AzureSMR, originally written by Alan Weaver and Andrie de Vries, and would not have been possible without their pioneering work. Thanks, guys!
config_file
argument for az_rm$new
has been removed; to use a configuration file, call the (recommended) create_azure_login
function.az_subscription$get_provider_api_version
now returns only stable APIs by default. Set the argument stable_only=FALSE
to allow returning preview APIs.?rbac
for more information.create_azure_login
, get_azure_login
and delete_azure_login
functions to handle ARM authentication. By default, these will authenticate using your AAD user credentials without requiring you to create a service principal. Directly calling az_rm$new()
will still work, but it's recommended to use create_azure_login
and get_azure_login
going forward. Login credentials will be saved and reused for subsequent sessions (see below).get_azure_token
now supports four authentication methods for obtaining tokens (client_credentials
, authorization_code
, device_code
and resource_owner
). Tokens are also automatically cached and retrieved for use in subsequent sessions, without needing the user to reauthenticate. See the AzureAuth documentation for more details.etag
field to resource object definition.location
argument to az_resource_group$create_resource
method, rather than hardcoding it to the resgroup location.wait
argument when creating a new resource, similar to deploying a template, since some resources will return before provisioning is complete. Defaults to FALSE
for backward compatibility.is_azure_token
.az_resource_group$deploy_template()
to work without parameters
arg (parameters folded into template itself).az_resource_group$delete_resource
from deleting the resource.az_resource$get_api_version
to match set_api_version
.az_resource$set_api_version
gains a new argument stable_only
which defaults to TRUE
; set this to FALSE
if you want the latest preview version.az_resource$sync_fields()
will respect a non-default API version.create_lock
to create a lock, get_lock
to retrieve an existing lock object, and delete_lock
to delete a lock. Call list_locks
to list all the locks that apply to an object.set_tags
to set tags, and get_tags
to retrieve them.named_list
to accept empty inputs. The output will be a list of length 0 with a names
attribute.