Azure roles, users, and assignments
Project description
llamazure.rbac : Azure roles, users, and assignments
The llamazure.rbac package provides a helpful interface to Azure RBAC.
Benefits:
- a coherent view of roles and assignments
- automatically handles internals of the Azure RBAC model. For example, deleting a role will first delete all role assignments
- automatic retries and waits for the cloud to work
rbac
Usage
For roles definitions and role assignments, create RoleOps with an AzRest created by its from_credential method:
from azure.identity import DefaultAzureCredential
from llamazure.azrest.azrest import AzRest
from llamazure.rbac.roles import RoleOps
role_ops = RoleOps(AzRest.from_credential(DefaultAzureCredential()))
For users and groups, create a Users or a Groups with a MSGraph created by their from_credentials method:
from azure.identity import DefaultAzureCredential
from llamazure.msgraph.msgraph import Graph
from llamazure.rbac.resources import Groups, Users
users = Users(Graph.from_credential(DefaultAzureCredential()))
groups = Groups(Graph.from_credential(DefaultAzureCredential()))
Create a role
from llamazure.rbac.roles import *
role = role_ops.rds.put(
RoleDefinition.Properties(
roleName="llamazure-rbac-asn",
description="test finding assignments",
permissions=[Permission(actions=["Microsoft.Authorization/*/read"])],
),
scope="/subscriptions/00000000-0000-0000-0000-000000000000",
)
Assign a role
This will also automatically add the scope of assignment to the role's assignable scopes if necessary:
me = users.current()
role_ops.ras.assign(principalId=me["id"], principalType="User", role_name=role.properties.name,scope="/subscriptions/00000000-0000-0000-0000-000000000000")
Delete a role
This will also delete all role assignments before deleting a role:
role_ops.delete_role(role)
You can also delete a role by name:
role_ops.delete_by_name("llamazure-rbac-asn")
Get users with their groups
users.list_with_memberOf()
Get groups with their members
groups.list_with_memberships()
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file llamazure.rbac-0.2.0.tar.gz.
File metadata
- Download URL: llamazure.rbac-0.2.0.tar.gz
- Upload date:
- Size: 11.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 61f754939a0cc77434a28806691740df6b16188b8aca3d396a5a23d012f3b397 |
|
| MD5 | 1624cab8f5e6f5f1cfa695822d40034e |
|
| BLAKE2b-256 | 357151567880cf36b5db55fe39a0126b87af05b6e2bdede0362493a2511ee839 |
File details
Details for the file llamazure.rbac-0.2.0-py3-none-any.whl.
File metadata
- Download URL: llamazure.rbac-0.2.0-py3-none-any.whl
- Upload date:
- Size: 13.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c4a2f6dbf2527dc12a203d29229188632c51e9871111ecea70ed3b138e886fb5 |
|
| MD5 | ea073a68c4bf536b0f9a8c345401a381 |
|
| BLAKE2b-256 | a3b1499751140a517ee385d30ccdfa7192c46f6931347a1aa84602d76ab2ddab |
