// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT license.
package azurestack
import (
"context"
"github.com/Azure/aks-engine-azurestack/pkg/armhelpers"
"github.com/Azure/azure-sdk-for-go/services/authorization/mgmt/2015-07-01/authorization"
"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
"github.com/Azure/go-autorest/autorest"
"github.com/pkg/errors"
)
const (
	// AADContributorRoleID is the role definition id of the built-in
	// 'Contributor' role, which exists in every subscription.
	// NOTE(review): Contributor is a broad role; any assignment built from this
	// id should be scoped as narrowly as possible (for example to a single
	// resource group rather than a whole subscription).
	AADContributorRoleID = "b24988ac-6180-42a0-ab88-20f7382dd24c"
	// AADRoleReferenceTemplate is a format string for a roleDefinitionId. It
	// takes two %s arguments: judging by the path, the subscription id followed
	// by the role definition id (e.g. AADContributorRoleID).
	AADRoleReferenceTemplate = "/subscriptions/%s/providers/Microsoft.Authorization/roleDefinitions/%s"
	// AADRoleResourceGroupScopeTemplate is a format string for a role
	// assignment scope limited to one resource group. It takes two %s
	// arguments: judging by the path, the subscription id followed by the
	// resource group name.
	AADRoleResourceGroupScopeTemplate = "/subscriptions/%s/resourceGroups/%s"
)
// CreateGraphApplication is the Azure Stack stub for creating an application
// via the graphrbac client. The operation is not supported on Azure Stack: no
// request is made and the call always fails, returning a zero-value
// Application and a non-nil error. Callers must check the error before using
// the returned value.
func (az *AzureClient) CreateGraphApplication(ctx context.Context, applicationCreateParameters graphrbac.ApplicationCreateParameters) (graphrbac.Application, error) {
	var app graphrbac.Application // zero value: nothing was created
	return app, errors.New("error azure stack does not support creating application")
}
// DeleteGraphApplication is the Azure Stack stub for deleting an application
// via the graphrbac client. The operation is not supported on Azure Stack: no
// request is made and the call always fails, returning a zero-value
// autorest.Response and a non-nil error. A caller relying on this for cleanup
// must treat the application as still present.
func (az *AzureClient) DeleteGraphApplication(ctx context.Context, applicationObjectID string) (result autorest.Response, err error) {
	// result is never assigned, so it is returned as the zero Response.
	err = errors.New("error azure stack does not support deleting application")
	return result, err
}
// CreateGraphPrincipal is the Azure Stack stub for creating a service
// principal via the graphrbac client. The operation is not supported on Azure
// Stack: no request is made and the call always fails, returning a zero-value
// ServicePrincipal and a non-nil error. Callers must check the error before
// using the returned value.
func (az *AzureClient) CreateGraphPrincipal(ctx context.Context, servicePrincipalCreateParameters graphrbac.ServicePrincipalCreateParameters) (graphrbac.ServicePrincipal, error) {
	var sp graphrbac.ServicePrincipal // zero value: nothing was created
	return sp, errors.New("error azure stack does not support creating service principal")
}
// CreateRoleAssignment is the Azure Stack stub for creating a role assignment
// via the authorization client. The operation is not supported on Azure
// Stack: no request is made and the call always fails, returning a zero-value
// RoleAssignment and a non-nil error. No access is granted by this call.
func (az *AzureClient) CreateRoleAssignment(ctx context.Context, scope string, roleAssignmentName string, parameters authorization.RoleAssignmentCreateParameters) (authorization.RoleAssignment, error) {
	// NOTE(review): "assignement" is misspelled in the message; the text is
	// left unchanged here in case callers or tests compare it.
	var assignment authorization.RoleAssignment
	return assignment, errors.New("error azure stack does not support creating role assignement")
}
// DeleteRoleAssignmentByID is the Azure Stack stub for deleting a role
// assignment by its unique identifier. The operation is not supported on
// Azure Stack: no request is made and the call always fails, returning a
// zero-value RoleAssignment and a non-nil error. A caller relying on this to
// revoke access must treat the assignment as still in place.
func (az *AzureClient) DeleteRoleAssignmentByID(ctx context.Context, roleAssignmentID string) (authorization.RoleAssignment, error) {
	// NOTE(review): "assignement" is misspelled in the message; the text is
	// left unchanged here in case callers or tests compare it.
	var assignment authorization.RoleAssignment
	return assignment, errors.New("error azure stack does not support deleting role assignement")
}
// ListRoleAssignmentsForPrincipal is the Azure Stack stub for listing the role
// assignments of a principal (e.g. a VM) by scope and principal id. The
// operation is not supported on Azure Stack: no request is made and the call
// always fails, returning a nil page and a non-nil error. The nil page must
// not be read as "this principal has no role assignments".
func (az *AzureClient) ListRoleAssignmentsForPrincipal(ctx context.Context, scope string, principalID string) (armhelpers.RoleAssignmentListResultPage, error) {
	// NOTE(review): "assignement" is misspelled in the message; the text is
	// left unchanged here in case callers or tests compare it.
	return nil, errors.New("error azure stack does not support listing role assignement")
}
// CreateApp is the Azure Stack stub for the simplified "create an
// application" helper. The operation is not supported on Azure Stack: no
// request is made and the call always fails. It returns a zero-value
// Application, an empty service principal object id, an empty client secret,
// and a non-nil error. Callers must check the error first and must never use
// the empty object id or secret as a credential.
func (az *AzureClient) CreateApp(ctx context.Context, appName, appURL string, replyURLs *[]string, requiredResourceAccess *[]graphrbac.RequiredResourceAccess) (applicationResp graphrbac.Application, servicePrincipalObjectID, servicePrincipalClientSecret string, err error) {
	// The named results are never assigned, so they are returned as zero
	// values (empty struct, empty strings).
	err = errors.New("error azure stack does not support creating application")
	return applicationResp, servicePrincipalObjectID, servicePrincipalClientSecret, err
}
// DeleteApp is the Azure Stack stub for the simplified helper that deletes an
// application and its associated service principal. The operation is not
// supported on Azure Stack: no request is made and the call always fails,
// returning a zero-value autorest.Response and a non-nil error. A caller
// relying on this for cleanup must treat the application and its service
// principal as still present.
func (az *AzureClient) DeleteApp(ctx context.Context, applicationName, applicationObjectID string) (autorest.Response, error) {
	var resp autorest.Response // zero value: nothing was deleted
	return resp, errors.New("error azure stack does not support deleting application")
}
// CreateRoleAssignmentSimple is the Azure Stack stub for the simplified role
// assignment helper (on other targets a wrapper around
// RoleAssignmentsClient.Create). The operation is not supported on Azure
// Stack: no request is made and the call always returns a non-nil error. No
// access is granted to the service principal by this call.
func (az *AzureClient) CreateRoleAssignmentSimple(ctx context.Context, resourceGroup, servicePrincipalObjectID string) error {
	return errors.New("error azure stack does not support creating role assignment")
}