This sample explains how to manage your resources and resource groups in Azure Stack using the Azure Ruby SDK.

On this page

• Run this sample
• What is example.rb doing?
  • List resource groups
  • Create a resource group
  • Update a resource group
  • Create a key vault in the resource group
  • List resources within the group
  • Export the resource group template
  • Delete a resource group

1. If you don't already have it, install Ruby and the Ruby DevKit.

2. If you don't have bundler, install it.

   gem install bundler
   

3. Clone the repository.

   git clone https://github.com/Azure-Samples/Hybrid-Resource-Manager-Ruby-Resources-And-Groups.git
   

4. Install the dependencies using bundle.

   cd Hybrid-Resource-Manager-Ruby-Resources-And-Groups
   bundle install
   

5. If not available, create a subscription and save the subscription ID to be used later.

6. Create a service principal to work against AzureStack. Make sure your service principal has contributor/owner role on your subscription.

7. Set the following environment variables using the information from the service principal that you created.

   export AZURE_TENANT_ID={your tenant id}
   export AZURE_CLIENT_ID={your client id}
   export AZURE_CLIENT_SECRET={your client secret}
   export AZURE_SUBSCRIPTION_ID={your subscription id}
   export ARM_ENDPOINT={your AzureStack Resource manager url}
   

   [AZURE.NOTE] On Windows, use set instead of export.

8. To target Azure Stack environment, API-Version Profile V2017_03_09 or V2018_03_01 should be used to create the resource client.

   Example:

   client = Azure::Resources::Profiles::V2018_03_01::Mgmt::Client.new(options)

9. To authenticate the Service Principal against Azure Stack environment, the endpoints should be defined using get_active_directory_settings(). This method uses the ARM_Endpoint environment variable that was set using step 7.

   # Get Authentication endpoints using Arm Metadata Endpoints
   def get_active_directory_settings(armEndpoint)
       settings = MsRestAzure::ActiveDirectoryServiceSettings.new
       response = Net::HTTP.get_response(URI("#{armEndpoint}/metadata/endpoints?api-version=1.0"))
       status_code = response.code
       response_content = response.body
       unless status_code == "200"
           error_model = JSON.load(response_content)
           fail MsRestAzure::AzureOperationError.new("Getting Azure Stack Metadata Endpoints", response, error_model)
       end
   
       result = JSON.load(response_content)
       settings.authentication_endpoint = result['authentication']['loginEndpoint'] unless result['authentication']['loginEndpoint'].nil?
       settings.token_audience = result['authentication']['audiences'][0] unless result['authentication']['audiences'][0].nil?
       settings
   end

10. Run the sample.

    bundle exec ruby example.rb
    

The sample walks you through several resource and resource group management operations. It starts by setting up a ResourceManagementClient object using your subscription and credentials.

subscription_id = ENV['AZURE_SUBSCRIPTION_ID'] || '11111111-1111-1111-1111-111111111111'

# This parameter is only required for AzureStack or other soverign clouds. Pulic Azure already has these settings by default.
active_directory_settings = get_active_directory_settings(ENV['ARM_ENDPOINT'])

provider = MsRestAzure::ApplicationTokenProvider.new(
	ENV['AZURE_TENANT_ID'],
	ENV['AZURE_CLIENT_ID'],
	ENV['AZURE_CLIENT_SECRET'],
	active_directory_settings
)

credentials = MsRest::TokenCredentials.new(provider)
options = {
	credentials: credentials,
	subscription_id: subscription_id,
	active_directory_settings: active_directory_settings,
	base_url: ENV['ARM_ENDPOINT']
}

client = Azure::Resources::Profiles::V2018_03_01::Mgmt::Client.new(options)

It also sets up a ResourceGroup object (resource_group_params) to be used as a parameter in some of the API calls.

resource_group_params = Azure::ARM::Resources::Models::ResourceGroup.new.tap do |rg|
    rg.location = `local`
end

There are a couple of supporting functions (print_item and print_properties) that print a resource group and it's properties. With that set up, the sample lists all resource groups for your subscription, it performs these operations.

List the resource groups in your subscription.

 client.resource_groups.list.value.each{ |group| print_item(group) }

client.resource_groups.create_or_update('azure-sample-group', resource_group_params)

The sample adds a tag to the resource group.

resource_group_params.tags = { hello: 'world' }
client.resource_groups.create_or_update('azure-sample-group', resource_group_params)

key_vault_params = Azure::ARM::Resources::Models::GenericResource.new.tap do |rg|
    rg.location = WEST_US
    rg.properties = {
        sku: { family: 'A', name: 'standard' },
        tenantId: ENV['AZURE_TENANT_ID'],
        accessPolicies: [],
        enabledForDeployment: true,
        enabledForTemplateDeployment: true,
        enabledForDiskEncryption: true
    }
  end
  client.resources.create_or_update(GROUP_NAME,
                                    'Microsoft.KeyVault',
                                    '',
                                    'vaults',
                                    'azureSampleVault',
                                    '2015-06-01',
                                    key_vault_params)

client.resource_groups.list_resources(GROUP_NAME).value.each{ |resource| print_item(resource) }

You can export the resource group as a template and then use that to deploy your resources to Azure.

export_params = Azure::ARM::Resources::Models::ExportTemplateRequest.new.tap do |rg|
    rg.resources = ['*']
end
client.resource_groups.export_template(GROUP_NAME, export_params)

client.resource_groups.delete('azure-sample-group')