Login to Azure Resource Manager
create_azure_login(tenant = "common", app = .az_cli_app_id,
password = NULL, username = NULL, certificate = NULL,
auth_type = NULL, host = "https://management.azure.com/",
aad_host = "https://login.microsoftonline.com/", config_file = NULL,
token = NULL, ...)get_azure_login(tenant = "common", selection = NULL, refresh = TRUE)
delete_azure_login(tenant = "common", confirm = TRUE)
list_azure_logins()
The Azure Active Directory tenant for which to obtain a login client. Can be a name ("myaadtenant"), a fully qualified domain name ("myaadtenant.onmicrosoft.com" or "mycompanyname.com"), or a GUID. The default is to login via the "common" tenant, which will infer your actual tenant from your credentials.
The client/app ID to use to authenticate with Azure Active Directory. The default is to login interactively using the Azure CLI cross-platform app, but you can supply your own app credentials as well.
If auth_type == "client_credentials"
, the app secret; if auth_type == "resource_owner"
, your account password.
If auth_type == "resource_owner"
, your username.
If `auth_type == "client_credentials", a certificate to authenticate with. This is a more secure alternative to using an app secret.
The OAuth authentication method to use, one of "client_credentials", "authorization_code", "device_code" or "resource_owner". If NULL
, this is chosen based on the presence of the username
and password
arguments.
Your ARM host. Defaults to https://management.azure.com/
. Change this if you are using a government or private cloud.
Azure Active Directory host for authentication. Defaults to https://login.microsoftonline.com/
. Change this if you are using a government or private cloud.
Optionally, a JSON file containing any of the arguments listed above. Arguments supplied in this file take priority over those supplied on the command line. You can also use the output from the Azure CLI az ad sp create-for-rbac
command.
Optionally, an OAuth 2.0 token, of class AzureToken. This allows you to reuse the authentication details for an existing session. If supplied, all other arguments to create_azure_login
will be ignored.
For create_azure_login, other arguments passed to
get_azure_token`.
For get_azure_login
, if you have multiple logins for a given tenant, which one to use. This can be a number, or the input MD5 hash of the token used for the login. If not supplied, get_azure_login
will print a menu and ask you to choose a login.
For get_azure_login
, whether to refresh the authentication token on loading the client.
For delete_azure_login
, whether to ask for confirmation before deleting.
For get_azure_login
and create_azure_login
, an object of class az_rm
, representing the ARM login client. For list_azure_logins
, a (possibly nested) list of such objects.
If the AzureRMR data directory for saving credentials does not exist, get_azure_login
will throw an error.
If you are using a Linux Data Science Virtual Machine in Azure, you may have problems running create_azure_login()
(ie, without any arguments). In this case, try create_azure_login(auth_type="device_code")
.
create_azure_login
creates a login client to authenticate with Azure Resource Manager (ARM), using the supplied arguments. The Azure Active Directory (AAD) authentication token is obtained using get_azure_token, which automatically caches and reuses tokens for subsequent sessions. Note that credentials are only cached if you allowed AzureRMR to create a data directory at package startup.
create_azure_login()
without any arguments is roughly equivalent to the Azure CLI command az login
.
get_azure_login
returns a login client by retrieving previously saved credentials. It searches for saved credentials according to the supplied tenant; if multiple logins are found, it will prompt for you to choose one.
One difference between create_azure_login
and get_azure_login
is the former will delete any previously saved credentials that match the arguments it was given. You can use this to force AzureRMR to remove obsolete tokens that may be lying around.
az_rm, AzureAuth::get_azure_token for more details on authentication methods
Azure Resource Manager overview, REST API reference
# NOT RUN {
# without any arguments, this will create a client using your AAD credentials
az <- create_azure_login()
# retrieve the login in subsequent sessions
az <- get_azure_login()
# this will create a Resource Manager client for the AAD tenant 'myaadtenant.onmicrosoft.com',
# using the client_credentials method
az <- create_azure_login("myaadtenant", app="app_id", password="password")
# you can also login using credentials in a json file
az <- create_azure_login(config_file="~/creds.json")
# }
Run the code above in your browser using DataCamp Workspace