Documentation ¶
Index ¶
- func AddClientSecret(ctx context.Context, objID string) (autorest.Response, error)
- func CreateADApplication(ctx context.Context) (graphrbac.Application, error)
- func CreateADGroup(ctx context.Context) (graphrbac.ADGroup, error)
- func CreateServicePrincipal(ctx context.Context, appID string) (graphrbac.ServicePrincipal, error)
- func DeleteADApplication(ctx context.Context, appObjID string) (autorest.Response, error)
- func DeleteADGroup(ctx context.Context, groupObjID string) (autorest.Response, error)
- func GetCurrentUser(ctx context.Context) (graphrbac.User, error)
- func GetServicePrincipalObjectID(ctx context.Context, clientID string) (string, error)
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AddClientSecret ¶
AddClientSecret adds a secret to the specified AAD app
func CreateADApplication ¶
func CreateADApplication(ctx context.Context) (graphrbac.Application, error)
CreateADApplication creates an Azure Active Directory (AAD) application
func CreateADGroup ¶
CreateADGroup creates an Active Directory group
Example ¶
// Example flow: create an AD group, then delete it again unless the
// configuration asks for resources to be kept.
ctx := context.Background()

adGroup, createErr := CreateADGroup(ctx)
if createErr != nil {
	util.LogAndPanic(createErr)
}
util.PrintAndLog("ad group created")

// Cleanup is opt-out: the group is removed unless KeepResources is set.
if !config.KeepResources() {
	if _, deleteErr := DeleteADGroup(ctx, *adGroup.ObjectID); deleteErr != nil {
		util.LogAndPanic(deleteErr)
	}
	util.PrintAndLog("ad group deleted")
}
Output: ad group created ad group deleted if KeepResources=false
func CreateServicePrincipal ¶
CreateServicePrincipal creates a service principal associated with the specified application.
Example ¶
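// Example flow: create an AAD application and its service principal, add a
// client secret, create a resource group, and assign the principal the first
// role definition matching the 'Contributor' filter.
//
// Cleanup is registered with defer as soon as each resource exists, so a
// failure in a later step does not leave behind an application that already
// carries a client secret or a role assignment.

// Generate a resource group name and hand it to config.SetGroupName.
groupName := config.GenerateGroupName("GraphRBAC")
config.SetGroupName(groupName)

ctx := context.Background()

app, err := CreateADApplication(ctx)
if err != nil {
	util.LogAndPanic(err)
}
util.PrintAndLog("ad app created")

// Registered first, so it runs last: the application is deleted after the
// resource group, the same order as the original trailing cleanup.
defer func() {
	if config.KeepResources() {
		return
	}
	if _, delErr := DeleteADApplication(ctx, *app.ObjectID); delErr != nil {
		util.LogAndPanic(delErr)
	}
}()

sp, err := CreateServicePrincipal(ctx, *app.AppID)
if err != nil {
	util.LogAndPanic(err)
}
util.PrintAndLog("service principal created")

// From here on the application holds a usable credential.
_, err = AddClientSecret(ctx, *app.ObjectID)
if err != nil {
	util.LogAndPanic(err)
}
util.PrintAndLog("added client secret")

_, err = resources.CreateGroup(ctx, config.GroupName())
if err != nil {
	util.LogAndPanic(err)
}
util.PrintAndLog("created resource group")

defer func() {
	if config.KeepResources() {
		return
	}
	if _, delErr := resources.DeleteGroup(ctx, config.GroupName()); delErr != nil {
		util.LogAndPanic(delErr)
	}
}()

list, err := authorization.ListRoleDefinitions(ctx, "roleName eq 'Contributor'")
if err != nil {
	util.LogAndPanic(err)
}
util.PrintAndLog("list contributor roledefs at group scope")

// Fail with a clear message instead of an index-out-of-range panic when the
// filter matches nothing.
roleDefs := list.Values()
if len(roleDefs) == 0 {
	panic("no role definition matched the Contributor filter")
}

// NOTE(review): the scope of this assignment is chosen inside
// authorization.AssignRole and is not visible here; confirm it is limited to
// the sample resource group, since Contributor is a broad role.
_, err = authorization.AssignRole(ctx, *sp.ObjectID, *roleDefs[0].ID)
if err != nil {
	util.LogAndPanic(err)
}
util.PrintAndLog("assigned new principal to first contributor role")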
Output: ad app created service principal created added client secret created resource group list contributor roledefs at group scope assigned new principal to first contributor role
func DeleteADApplication ¶
DeleteADApplication deletes the specified AAD application
func DeleteADGroup ¶
DeleteADGroup deletes the specified Active Directory group
func GetCurrentUser ¶
GetCurrentUser gets the Azure Active Directory object of the currently signed-in user
Types ¶
This section is empty.