1 year ago

#17209

test-img

INNVTV

Unable to Create Pool using Azure Batch Management Library with ServiceClientCrenetials generated via AzureCredentialsFactory

I am using this documentation to assign a managed identity to my Batch Pool. For simplicity I do not include that assignment in the examples below as the issue is not tied to that but rather to accessing the management library with my credentials and just being able to generate a new pool on my existing batch account.

I'm using a Service Principal to generate ServiceClientCredntials via AzureCredentialsFactory to use with the Microsoft.Azure.Management.Batch library.

The Service Principal has Azure Service Management permissions enabled with user_impersonation set as Delegated. It is also assigned as a Contributor role on the subscription.

I am able to create the credentials with the following code

using Microsoft.Azure.Management.Batch.Models;
using Microsoft.Azure.Management.ResourceManager.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent.Authentication;

string subscriptionId = "<subscriptionId>"; 
string tenantId = "<tenantId>";
string servicePrincipalId = "<servicePrincipalId>"; 
string servicePrincipalKey = "<servicePrincipalKey>"; 

var creds = new AzureCredentialsFactory().FromServicePrincipal(servicePrincipalId, servicePrincipalKey, tenantId, AzureEnvironment.AzureGlobalCloud).WithDefaultSubscription(subscriptionId);

var managementClient = new Microsoft.Azure.Management.Batch.BatchManagementClient(creds);

However when I attempt to use the credentials to create a pool in my Azure Batch account I get the following exception:

Microsoft.Rest.ValidationException: ''this.Client.SubscriptionId' cannot be null.'

I'm using .WithDefaultSubscription(subscriptionId) and have verified that the default subscription is set on the credentials prior to creating the BatchManagementClient.

Here is the code I am using to create the pool

var poolId = "test-pool";
var batchResourceGroupName = "<resourceGroupName>";
var batchAccountName = "<batchAccountName>";

var poolParameters = new Pool(name: poolId)
{
    VmSize = "STANDARD_D8S_V3",
    DeploymentConfiguration = new DeploymentConfiguration
    {
        VirtualMachineConfiguration = new VirtualMachineConfiguration(
            new ImageReference(
                "Canonical",
                "UbuntuServer",
                "18.04-LTS",
                "latest"),
            "batch.node.ubuntu 18.04")
    }
};

var pool = await managementClient.Pool.CreateWithHttpMessagesAsync(
    poolName: poolId,
    resourceGroupName: batchResourceGroupName,
    accountName: batchAccountName,
    parameters: poolParameters,
    cancellationToken: default(CancellationToken)).ConfigureAwait(false);

I am able to list my subscriptions with the credentials using

IAzure azure = Azure.Authenticate(creds).WithDefaultSubscription();
var subscriptions = azure.Subscriptions.List().ToList();

And I see the subscriptions that this service principal has access to in that list. So I know the credentials are good.

The exception occurs on this line

var pool = await managementClient.Pool.CreateWithHttpMessagesAsync(...

And here is the FULL CODE

using Microsoft.Azure.Management.Batch.Models;
using Microsoft.Azure.Management.ResourceManager.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent.Authentication;

string subscriptionId = "<subscriptionId>"; 
string tenantId = "<tenantId>";
string servicePrincipalId = "<servicePrincipalId>"; 
string servicePrincipalKey = "<servicePrincipalKey>"; 

var poolId = "test-pool";
var batchResourceGroupName = "<resourceGroupName>";
var batchAccountName = "<batchAccountName>";

var poolParameters = new Pool(name: poolId)
{
    VmSize = "STANDARD_D8S_V3",
    DeploymentConfiguration = new DeploymentConfiguration
    {
        VirtualMachineConfiguration = new VirtualMachineConfiguration(
            new ImageReference(
                "Canonical",
                "UbuntuServer",
                "18.04-LTS",
                "latest"),
            "batch.node.ubuntu 18.04")
    }
};

var creds = new AzureCredentialsFactory().FromServicePrincipal(servicePrincipalId, servicePrincipalKey, tenantId, AzureEnvironment.AzureGlobalCloud).WithDefaultSubscription(subscriptionId);

var managementClient = new Microsoft.Azure.Management.Batch.BatchManagementClient(creds);

var pool = await managementClient.Pool.CreateWithHttpMessagesAsync(
    poolName: poolId,
    resourceGroupName: batchResourceGroupName,
    accountName: batchAccountName,
    parameters: poolParameters,
    cancellationToken: default(CancellationToken)).ConfigureAwait(false);

---- UPDATE ----

I added the following line before calling Pool.CreateWithHttpMessageAsync()

managementClient.SubscriptionId = subscriptionId;

And am no longer getting an error regarding null subscriptionId and can now use the management client as expected.

azure

azure-active-directory

azure-batch

azure-management-api

azure-management

0 Answers

Your Answer

Accepted video resources

Posts

Questions

Blogs

Jobs