In this Azure REST API post, I will show you how to create an App Registration for Microsoft Azure SDK for .NET.
Azure SDK for .NET allows us to manage Azure programmatically using .NET libraries. Using the SDK, we can create and manage any Azure resource.
The Azure SDK for .NET has more than 200 libraries for almost any Azure service, which allows us to create programs with a small footprint.
To connect to Azure using .NET, we can use the following methods:
- Azure CLI or Azure PowerShell
- App Registration
- Managed identity
In this post, we will show you how to connect using an App Registration because this is how most applications will be used when not in the development stage.
Create an App Registration for Microsoft Azure REST API
To create an App Registration that can access Azure resources, we must use the following Azure CLI command to create a service principal with RBAC permissions.
Start with login into Azure CLI using:
az login
And run the command below to create the service principal account.
az ad sp create-for-rbac -n AzureAPIAccess --role Contributor --scopes /subscriptions/YOURSUBSCRIPTIONID
Note: In the above example, I’m giving the service account contributor access at my subscription level.
The command output will return an App ID, Display name, Password and the tenant ID. Note down the values, as we will need them soon.
{
"appId": "appid",
"displayName": "AzureAPIAccess",
"password": "password",
"tenant": "tenantID"
}
Use App Registration with Azure SDK for .NET
To connect successfully to Azure using the newly created App Registration, we need to use environment variables that the SDK will use to authenticate.
On your server, VS Code or the environment your app will run, add the following environment variables (use the values for the output from the previous section). In the code below, I’m using PowerShell.
$env:AZURE_CLIENT_ID="CLIENTID"
$env:AZURE_TENANT_ID="TENATID"
$env:AZURE_CLIENT_SECRET="PASSWORD"
List Azure Resource Groups
The following C# Console application will list all the resource groups in the default subscription.
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure;
class Program
{
static async Task Main(string[] args)
{
// Create an instance of ArmClient using DefaultAzureCredential
ArmClient armClient = new ArmClient(new DefaultAzureCredential());
// Get the default Azure subscription
var subdetails = armClient.GetDefaultSubscription();
Console.WriteLine($"The default Azure subscription is: {subdetails.Id}");
// Get all resource groups in the subscription
ResourceGroupCollection resourceGroupCollection = subdetails.GetResourceGroups();
// Iterate over the resource group collection
await foreach (var resourceGroup in resourceGroupCollection.GetAllAsync())
{
Console.WriteLine($"Resource Group ID: {resourceGroup.Id}");
Console.WriteLine($"Resource Group Name: {resourceGroup.Data.Name}");
Console.WriteLine($"Resource Group Location: {resourceGroup.Data.Location}");
Console.WriteLine("-------------------------------------------");
}
}
}
Before you run the code, make sure you add the following libraries to your .csproj file.
<PackageReference Include="Azure.Identity" Version="1.10.4" />
<PackageReference Include="Azure.ResourceManager.Storage" Version="1.2.1" />
<PackageReference Include="Azure.Storage.Blobs" Version="12.19.1" />
<PackageReference Include="Microsoft.Extensions.Azure" Version="1.7.2" />
<PackageReference Include="Azure.Core" Version="1.38.0" />