From 820478f74c57b3a4a92ce821d3c973c75ada65c4 Mon Sep 17 00:00:00 2001 From: bragi92 Date: Thu, 22 Aug 2024 19:33:51 -0700 Subject: [PATCH] [AKS] `az aks create/update`: Support UserAssigned Managed Identity for grafana linking in managed prometheus (#7886) --- src/aks-preview/HISTORY.rst | 4 ++++ .../azuremonitormetrics/amg/link.py | 17 ++++++++++++++++- src/aks-preview/setup.py | 2 +- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/src/aks-preview/HISTORY.rst b/src/aks-preview/HISTORY.rst index b0ac858fc01..619b263cfa3 100644 --- a/src/aks-preview/HISTORY.rst +++ b/src/aks-preview/HISTORY.rst @@ -9,6 +9,10 @@ If there is no rush to release a new version, please just add a description of t To release a new version, please select a new version number (usually plus 1 to last patch version, X.Y.Z -> Major.Minor.Patch, more details in `\doc `_), and then add a new section named as the new version number in this file, the content should include the new modifications and everything from the *Pending* section. Finally, update the `VERSION` variable in `setup.py` with this new version number. +7.0.0b7 ++++++++ +* [AKS] `az aks create/update`: Support UserAssigned Managed Identity for grafana linking in managed prometheus + 7.0.0b6 +++++++ * Add `--advanced-networking-observability-tls-management` to `az aks create/update` command. diff --git a/src/aks-preview/azext_aks_preview/azuremonitormetrics/amg/link.py b/src/aks-preview/azext_aks_preview/azuremonitormetrics/amg/link.py index bc05c60d22c..6e504333164 100644 --- a/src/aks-preview/azext_aks_preview/azuremonitormetrics/amg/link.py +++ b/src/aks-preview/azext_aks_preview/azuremonitormetrics/amg/link.py @@ -24,7 +24,22 @@ def link_grafana_instance(cmd, raw_parameters, azure_monitor_workspace_resource_ grafanaURI = f"{cmd.cli_ctx.cloud.endpoints.resource_manager}{grafana_resource_id}?api-version={GRAFANA_API}" headers = ['User-Agent=azuremonitormetrics.link_grafana_instance'] grafanaArmResponse = send_raw_request(cmd.cli_ctx, "GET", grafanaURI, body={}, headers=headers) - servicePrincipalId = grafanaArmResponse.json()["identity"]["principalId"] + # Check if 'identity' and 'type' exist in the response + identity_info = grafanaArmResponse.json().get("identity", {}) + identity_type = identity_info.get("type", "").lower() + + if identity_type == "systemassigned": + servicePrincipalId = identity_info.get("principalId") + elif identity_type == "userassigned": + user_assigned_identities = identity_info.get("userAssignedIdentities", {}) + if not user_assigned_identities: + raise CLIError("No user-assigned identities found.") + servicePrincipalId = list(user_assigned_identities.values())[0]["principalId"] + else: + raise CLIError("Unsupported or missing identity type.") + + if not servicePrincipalId: + raise CLIError("No service principal ID found for the specified identity.") except CLIError as e: raise CLIError(e) # pylint: disable=raise-missing-from # Add Role Assignment diff --git a/src/aks-preview/setup.py b/src/aks-preview/setup.py index 7b7322d7f8f..3b9c754429e 100644 --- a/src/aks-preview/setup.py +++ b/src/aks-preview/setup.py @@ -9,7 +9,7 @@ from setuptools import setup, find_packages -VERSION = "7.0.0b6" +VERSION = "7.0.0b7" CLASSIFIERS = [ "Development Status :: 4 - Beta",