使用Azure Python SDK,我已经能够使用以下代码实例化资源组和数字孪生:
from azure.identity import AzureCliCredential, DefaultAzureCredential
from azure.mgmt.resource import ResourceManagementClient
from azure.mgmt.digitaltwins import AzureDigitalTwinsManagementClient
credential = DefaultAzureCredential()
subscription_id="some UUID" # not sure if safe to reveal, so removed it
resource_client = ResourceManagementClient(
credential, subscription_id=subscription_id)
resource_group_name = "Tutorial-RG"
rg_result = resource_client.resource_groups.create_or_update(
resource_group_name, {"location": "westeurope"}
)
client = AzureDigitalTwinsManagementClient(
credential=DefaultAzureCredential(),
subscription_id=subscription_id,
)
dt_resource_name = "myDigitalTwinsService"
response = client.digital_twins.begin_create_or_update(
resource_group_name=rg_result.name,
resource_name = dt_resource_name,
digital_twins_create={"location": "westeurope"},
).result()
print(response)
# ...
# 'provisioning_state': 'Succeeded',
# ...
我知道我需要添加"Azure数字双胞胎数据所有者"角色,然后才能使用Azure数字双胞胎Python SDK操纵它。我可以使用Azure CLI这样做:
>>> az dt role-assignment create --dt-name myDigitalTwinsService --assignee "my UUID" --role "Azure Digital Twins Data Owner" --debug
但是我无法使用Azure授权管理客户端添加相同的角色。到目前为止,我已经尝试了以下代码:
from azure.mgmt.authorization.models import RoleAssignmentCreateParameters
from azure.mgmt.authorization import AuthorizationManagementClient
authorization_client = AuthorizationManagementClient(
credential=DefaultAzureCredential(),
subscription_id=subscription_id,
)
adt_data_owner_role_id ='bcd981a7-7f74-457b-83e1-cceb9e632ffe'
role_def_id = f'/subscriptions/{subscription_id}/providers/Microsoft.Authorization/roleDefinitions/{adt_data_owner_role_id}'
authorization_client.role_assignments.create(
scope=SCOPE,
role_assignment_name=f"/subscriptions/{subscription_id}/resourceGroups/Tutorial-RG/providers/Microsoft.DigitalTwins/digitalTwinsInstances/myDigitalTwinsService/providers/Microsoft.Authorization/roleAssignments/60252f13-5e5a-4686-8265-3ac2db6443f1",
parameters=RoleAssignmentCreateParameters(
role_definition_id= role_def_id,
principal_id= 'my UUID',
principal_type="User",
)
)
我已经通过传递--debug标志从上面提到的az调用中获取了参数。但是我得到以下错误:
HttpResponseError: (NoRegisteredProviderFound) No registered resource provider found for location 'westeurope' and API version '2022-04-01' for type 'digitalTwinsInstances'. The supported api-versions are '2023-01-31, 2022-10-31, 2022-05-31, 2021-06-30-preview, 2020-12-01, 2020-10-31, 2020-03-01-preview'. The supported locations are 'westcentralus, westus2, northeurope, australiaeast, westeurope, eastus, southcentralus, southeastasia, uksouth, eastus2, westus3, japaneast, koreacentral, qatarcentral'.
Code: NoRegisteredProviderFound
Message: No registered resource provider found for location 'westeurope' and API version '2022-04-01' for type 'digitalTwinsInstances'. The supported api-versions are '2023-01-31, 2022-10-31, 2022-05-31, 2021-06-30-preview, 2020-12-01, 2020-10-31, 2020-03-01-preview'. The supported locations are 'westcentralus, westus2, northeurope, australiaeast, westeurope, eastus, southcentralus, southeastasia, uksouth, eastus2, westus3, japaneast, koreacentral, qatarcentral'.
即使将位置更改为支持的区域也没有帮助,尽管错误信息是这样说的。当我更改api版本时,它不起作用。我只是得到一个不同的错误:
authorization_client = AuthorizationManagementClient(
credential=DefaultAzureCredential(),
subscription_id=subscription_id,
api_version = '2022-05-31'
)
# same everything else
# ValueError: API version 2022-05-31 does not have operation group 'role_assignments'
如何修复此错误?或者我想做的操作目前不支持Azure Python SDK ?
我使用的azure SDK版本如下:使用pip list --format=freeze | grep azure生成:
azure-common==1.1.28
azure-core==1.26.2
azure-digitaltwins-core==1.2.0
azure-identity==1.12.0
azure-mgmt-authorization==3.0.0
azure-mgmt-core==1.3.2
azure-mgmt-digitaltwins==6.4.0
azure-mgmt-resource==22.0.0
这是Python SDK代码,为我分配Azure Digital Twins数据所有者角色给用户。
from azure.identity import DefaultAzureCredential
from azure.mgmt.authorization import AuthorizationManagementClient
from azure.mgmt.authorization.models import RoleAssignmentCreateParameters
import uuid
credential = DefaultAzureCredential()
subscription_id="<Azure-Subscription-id>"
# Create a DigitalTwinsManagementClient instance
client = AuthorizationManagementClient(credential, subscription_id)
# Define the parameters for the role assignment
role_assignment_params = RoleAssignmentCreateParameters(
role_definition_id="/subscriptions/<your-subscription-id>/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe",
principal_id="<Azure-user-object-id>"
)
# Create the role assignment
response = client.role_assignments.create(
scope="/subscriptions/<your-subscription-id>/resourceGroups/IoTHubResources/providers/Microsoft.DigitalTwins/digitalTwinsInstances/<your-Azure-Digital-Twins-instance>",
role_assignment_name=str(uuid.uuid4()),
parameters=role_assignment_params
)
print(response)
请确保替换变量subscription_id, role_definition_id和scope中的Azure订阅id。将Azure用户id提供给变量principal_id。将作用域变量末尾的-Azure-Digital- twins -instance替换为Azure Digital Twin实例名。
我正在使用的azure SDK的版本如下
azure-common==1.1.28
azure-core==1.26.3
azure-digitaltwins-core==1.2.0
azure-identity==1.12.0
azure-mgmt-authorization==3.0.0
azure-mgmt-core==1.3.2
azure-mgmt-digitaltwins==6.3.0
azure-mgmt-resource==22.0.0