saltext.azurerm.clouds.azurerm#
Azure Resource Manager Cloud Module#
New in version 2016.11.0.
Changed in version 2019.2.0.
The Azure Resource Manager cloud module is used to control access to Microsoft Azure Resource Manager
- configuration:
Required provider parameters:
- if using username and password:
subscription_idusernamepassword
- if using a service principal:
subscription_idtenantclient_idsecret
- if using Managed Service Identity authentication:
subscription_id
Optional provider parameters:
- cloud_environment:
- Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:
AZURE_PUBLIC_CLOUD(default)AZURE_CHINA_CLOUDAZURE_US_GOV_CLOUDAZURE_GERMAN_CLOUDHTTP base URL for a custom endpoint, such as Azure Stack. The
/metadata/endpointspath will be added to the URL.
- userdata and userdata_file:
Azure Resource Manager uses a separate VirtualMachineExtension object to pass userdata scripts to the virtual machine. Arbitrary shell commands can be passed via the
userdataparameter, or via a file local to the Salt Cloud system using theuserdata_fileparameter. Note that the local file is not treated as a script by the extension, so “one-liners” probably work best. If greater functionality is desired, a web-hosted script file can be specified viauserdata_file: https://raw.githubusercontent.com/account/repo/master/azure-script.py, which will be executed on the system after VM creation. For Windows systems, script files ending in.ps1will be executed withpowershell.exe. Theuserdataparameter takes precedence over theuserdata_fileparameter when creating the custom script extension.- win_installer:
This parameter, which holds the local path to the Salt Minion installer package, is used to determine if the virtual machine type will be “Windows”. Only set this parameter on profiles which install Windows operating systems.
Example /etc/salt/cloud.providers or
/etc/salt/cloud.providers.d/azure.conf configuration:
my-azure-config with username and password:
driver: azurerm
subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
username: larry
password: 123pass
Or my-azure-config with service principal:
driver: azurerm
subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
tenant: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
client_id: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
secret: XXXXXXXXXXXXXXXXXXXXXXXX
cloud_environment: AZURE_US_GOV_CLOUD
The Service Principal can be created with the new Azure CLI with:
az ad sp create-for-rbac -n "http://<yourappname>" --role <role> --scopes <scope>
For example, this creates a service principal with ‘owner’ role for the whole subscription:
az ad sp create-for-rbac -n "http://mysaltapp" --role owner --scopes /subscriptions/3287abc8-f98a-c678-3bde-326766fd3617
Note: review the details of Service Principals. Owner role is more than you normally need, and you can restrict scope to a resource group or individual resources.
Functions
|
Return a dict of all available images on the provider |
|
Return a dict of all available regions. |
|
Return a list of sizes available from the provider |
|
Create a single VM from a data dict. |
|
Create a network interface. |
|
New in version 2019.2.0. |
|
Delete a blob from a container. |
|
Delete a network interface. |
|
Delete a managed disk from a resource group. |
|
Destroy a VM. |
|
Get a resource type api versions |
|
Return the first configured provider instance. |
|
Return a connection object for a client type. |
|
Return a connection auth dictionary. |
|
Warn if dependencies aren't met. |
|
Return the location that is configured for this provider |
|
Get an Azure Resource Manager resource by id |
|
List blobs. |
|
List VMs on this Azure account |
|
List all VMs on the subscription with full information |
|
List resource groups associated with the subscription |
|
List storage accounts within the subscription. |
|
List subnets in a virtual network. |
|
List virtual networks. |
|
Request a VM from Azure. |
|
Show the details from Azure Resource Manager concerning an instance |
|
New in version 2019.2.0. |
|
New in version 2019.2.0. |