We released 1.2 of the Azure Management Libraries for Java. This release adds support for additional security and deployment features, and more Azure services:
Managed service identity
Create users in Azure Active Directory, update service principals and assign permissions to apps
Storage service encryption
Deploy Web apps and functions using MS Deploy
Network watcher service
Search service
https://github.com/Azure/azure-sdk-for-java
Getting Started
Add the following dependency fragment to your Maven POM file to use version 1.2 of the libraries:
<dependency>
    <groupId>com.microsoft.azure</groupId>
    <artifactId>azure</artifactId>
    <version>1.2.1</version>
</dependency>
Create a Virtual Machine with Managed Service Identity (MSI)
You can create a virtual machine with MSI enabled using a define() … create() method chain:
VirtualMachine virtualMachine = azure.virtualMachines().define("myLinuxVM")
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withNewPrimaryNetwork("10.0.0.0/28")
    .withPrimaryPrivateIPAddressDynamic()
    .withNewPrimaryPublicIPAddress(pipName)
    .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
    .withRootUsername("tirekicker")
    .withRootPassword(password)
    .withSize(VirtualMachineSizeTypes.STANDARD_DS2_V2)
    .withOSDiskCaching(CachingTypes.READ_WRITE)
    // Enable MSI and grant the VM's identity the Contributor role on this resource group
    .withManagedServiceIdentity()
    .withRoleBasedAccessToCurrentResourceGroup(BuiltInRole.CONTRIBUTOR)
    .create();
You can manage any MSI-enabled Azure resources from a virtual machine with MSI and add an MSI service principal to an Azure Active Directory security group.
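As an added example (not code from the original post), this is how a program running on the MSI-enabled VM can manage resources without any stored secret. It assumes the MSICredentials class from the azure-client-authentication package that ships with the libraries; the class name and the command-line arguments are illustrative.

```java
import com.microsoft.azure.AzureEnvironment;
import com.microsoft.azure.credentials.MSICredentials;
import com.microsoft.azure.management.Azure;
import com.microsoft.azure.management.resources.fluentcore.arm.Region;
import com.microsoft.azure.management.storage.StorageAccount;

// Hypothetical class name; run it on the VM created with withManagedServiceIdentity().
public final class ManageStorageFromMsiVm {
    public static void main(String[] args) {
        if (args.length != 3) {
            System.err.println("usage: ManageStorageFromMsiVm <subscription-id> <resource-group> <storage-account-name>");
            System.exit(2);
        }
        String subscriptionId = args[0];
        String rgName = args[1];
        String storageAccountName = args[2];

        // No client secret, certificate or auth file on disk: the token is issued
        // to the VM's own identity by the local MSI endpoint.
        MSICredentials credentials = new MSICredentials(AzureEnvironment.AZURE);
        Azure azure = Azure.authenticate(credentials).withSubscription(subscriptionId);

        // Creating a resource needs write access; the Contributor role granted on the
        // resource group at VM creation time is what authorizes this call.
        StorageAccount account = azure.storageAccounts().define(storageAccountName)
                .withRegion(Region.US_EAST)
                .withExistingResourceGroup(rgName)
                .withEncryption()
                .create();
        System.out.println("Created " + account.id());

        // Listing only needs read access to the same scope.
        for (StorageAccount sa : azure.storageAccounts().listByResourceGroup(rgName)) {
            System.out.println(sa.name() + " in " + sa.regionName());
        }
    }
}
```

Anything the identity is not scoped to is rejected by Azure role-based access control, so the role and scope chosen at VM creation bound what code on the VM can do.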
Add New User to Azure Active Directory
You can add a new user to Azure Active Directory using a define() … create() method chain:
ActiveDirectoryUser user = authenticated.activeDirectoryUsers()
    .define("tirekicker")
    .withEmailAlias("tirekicker")
    .withPassword("StrongPass!12")
    .create();
Similarly, you can create and update users and groups in Active Directory.
Enable Storage Service Encryption for a Storage Account
You can enable storage service encryption at a storage account level when you create a storage account using a define() … create() method chain:
StorageAccount storageAccount = azure.storageAccounts().define(storageAccountName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withEncryption()
    .create();
Deploy Web apps and Functions using MS Deploy
You can use MS Deploy to deploy Web apps and functions by using the deploy() method:
// Create a Web app
WebApp webApp = azure.webApps().define(webAppName)
    .withExistingWindowsPlan(plan)
    .withExistingResourceGroup(rgName)
    .withJavaVersion(JavaVersion.JAVA_8_NEWEST)
    .withWebContainer(WebContainer.TOMCAT_8_0_NEWEST)
    .create();
// Deploy a Web app using MS Deploy
webApp.deploy()
    .withPackageUri("link-to-bin-artifacts-in-storage-or-somewhere-else")
    .withExistingDeploymentsDeleted(true)
    .execute();
And:
// Create a function app
FunctionApp functionApp = azure.appServices().functionApps()
    .define(functionAppName)
    .withExistingAppServicePlan(plan)
    .withExistingResourceGroup(rgName)
    .withExistingStorageAccount(app3.storageAccount())
    .create();
// Deploy a function using MS Deploy
functionApp.deploy()
    .withPackageUri("link-to-bin-artifacts-in-storage-or-somewhere-else")
    .withExistingDeploymentsDeleted(true)
    .execute();
Create Network Watcher and start Packet Capture
You can visualize network traffic patterns to and from virtual machines by creating and starting a packet capture using a define() … create() method chain, then downloading the packet capture and visualizing the traffic patterns using open source tools:
// Create a Network Watcher
NetworkWatcher networkWatcher = azure.networkWatchers().define(nwName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .create();
// Start a Packet Capture, limited to TCP traffic and 1500 seconds
PacketCapture packetCapture = networkWatcher.packetCaptures()
    .define(packetCaptureName)
    .withTarget(virtualMachine.id())
    .withStorageAccountId(storageAccount.id())
    .withTimeLimitInSeconds(1500)
    .definePacketCaptureFilter()
        .withProtocol(PcProtocol.TCP)
        .attach()
    .create();
Similarly, you can programmatically:
Verify if traffic is allowed to and from a virtual machine
Get the next hop type and IP address for a virtual machine
Retrieve network topology for a resource group
Analyze virtual machine security by examining effective network security rules applied to a virtual machine
Configure network security group flow logs.
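As an added example (not code from the original post), the program below uses two of the operations listed above to audit one of your own VMs: it asks Network Watcher whether inbound SSH would pass the effective security rules, then turns on flow logs for the VM's network security group. It assumes the 1.x fluent network API exposes verifyIPFlow() and getFlowLogSettings() with the method names used here, and an auth file referenced by AZURE_AUTH_LOCATION; the class name, arguments and remote address are constructed for illustration.

```java
import com.microsoft.azure.management.Azure;
import com.microsoft.azure.management.compute.VirtualMachine;
import com.microsoft.azure.management.network.Access;
import com.microsoft.azure.management.network.Direction;
import com.microsoft.azure.management.network.FlowLogSettings;
import com.microsoft.azure.management.network.NetworkWatcher;
import com.microsoft.azure.management.network.Protocol;
import com.microsoft.azure.management.network.VerificationIPFlow;

import java.io.File;

// Hypothetical class name.
// args: <resource-group> <network-watcher-name> <vm-name> <nsg-id> <storage-account-id>
public final class AuditVmExposure {
    public static void main(String[] args) throws Exception {
        Azure azure = Azure.authenticate(new File(System.getenv("AZURE_AUTH_LOCATION")))
                .withDefaultSubscription();
        NetworkWatcher watcher = azure.networkWatchers().getByResourceGroup(args[0], args[1]);
        VirtualMachine vm = azure.virtualMachines().getByResourceGroup(args[0], args[2]);
        String privateIp = vm.getPrimaryNetworkInterface().primaryPrivateIP();

        // Evaluate the effective NSG rules for inbound TCP to port 22 without sending traffic.
        VerificationIPFlow flow = watcher.verifyIPFlow()
                .withTargetResourceId(vm.id())
                .withDirection(Direction.INBOUND)
                .withProtocol(Protocol.TCP)
                .withLocalIPAddress(privateIp)
                .withRemoteIPAddress("203.0.113.10") // constructed address from the RFC 5737 documentation range
                .withLocalPort("22")
                .withRemotePort("50000")
                .execute();
        System.out.println("Inbound SSH: " + flow.access() + " (rule: " + flow.ruleName() + ")");
        if (Access.ALLOW.equals(flow.access())) {
            System.out.println("Review rule " + flow.ruleName() + ": SSH is reachable from outside the network.");
        }

        // Record accepted and denied flows for later investigation.
        FlowLogSettings settings = watcher.getFlowLogSettings(args[3]);
        settings.update()
                .withLogging()
                .withStorageAccount(args[4])
                .withRetentionPolicyDays(30)
                .withRetentionPolicyEnabled()
                .apply();
        System.out.println("Flow logs enabled for " + args[3]);
    }
}
```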
Create a Managed Cloud Search Service
You can create a managed cloud search service (Azure Search) with replicas and partitions using a define() … create() method chain:
SearchService searchService = azure.searchServices().define(searchServiceName)
    .withRegion(Region.US_EAST)
    .withNewResourceGroup(rgName)
    .withStandardSku()
    .withPartitionCount(1)
    .withReplicaCount(1)
    .create();
Similarly, you can programmatically:
Manage query keys
Update search service with replicas and partitions
Regenerate primary and secondary admin keys.
Try it
You can get more samples from our GitHub repo. Give it a try and let us know what you think (via e-mail or comments below). You can find plenty of additional info about Java on Azure at http://azure.com/java.
Source: Azure