Stack Overflow Asked on December 13, 2021
I have two AAD(Azure Active Directory) in my account.
Entities in first AAD: ['Tenant Root Group', 'group A', 'subGroup B', 'Microsoft Partner Network', 'subscription 2']
Entities in second AAD: ['Tenant Root Group', 'subscription 3']
I’m trying to use python azure SDK to get management groups and subscriptions per directory.
The code below can list entities in first directory, but other entities in second directory does not listed as my expectation.
Does anyone know how to get all entities in both directories?
from azure.mgmt.managementgroups import ManagementGroupsAPI
from msrestazure.azure_active_directory import UserPassCredentials
def get_entities(credentials):
mgmt_groups_api = ManagementGroupsAPI(credentials)
entities = mgmt_groups_api.entities.list()
entity_infos = [entity for entity in entities]
entity_names = [entity.display_name for entity in entity_infos]
print(entity_names)
def main():
credentials = UserPassCredentials(
'account',
'password',
)
get_entities(credentials)
if __name__ == '__main__':
main()
['Group A', 'subGroup B', 'subGroup C', 'subscription 1', 'subscription 2']
Thanks @juunas for pointing out what this question really need and @Joy Wang provide an API solution to get tenant list by account.
Thanks @juunas again, by using Tenants - List API we can easily listing tenants. (For more detail please take a look at his answer.)
I think it is a great general way to solve this question.
Fortunately, I found Azure SDK for Python have provide SubscriptionClient which allow me to list tenants programmatic.
This is how I list tenants in Python:
def get_tenants() -> [TenantIdDescription]:
credentials = UserPassCredentials(
'account',
'password',
)
sub_client = SubscriptionClient(credentials)
tenants = sub_client.tenants.list()
return tenants
from azure.mgmt.managementgroups import ManagementGroupsAPI
from azure.mgmt.resource import SubscriptionClient
from msrestazure.azure_active_directory import UserPassCredentials
azure_account = ''
azure_pwd = ''
def get_credential(tenant_id: str = None):
if tenant_id:
return UserPassCredentials(
azure_account,
azure_pwd,
tenant=tenant_id
)
else:
return UserPassCredentials(
azure_account,
azure_pwd,
)
def get_entities(tenant_id=None):
credentials = get_credential(tenant_id)
mgmt_groups_api = ManagementGroupsAPI(credentials)
entities = mgmt_groups_api.entities.list()
entity_infos = [entity for entity in entities]
entity_names = [entity.display_name for entity in entity_infos]
print(f' entities: {entity_names}')
def get_tenants():
credentials = get_credential()
sub_client = SubscriptionClient(credentials)
tenants = sub_client.tenants.list()
return tenants
def main():
tenants = get_tenants()
i = 0
print('[tenant list]')
for tenant in tenants:
print(f'tenant {i}:')
print(f' name: {tenant.display_name}')
print(f' id: {tenant.tenant_id}')
get_entities(tenant.tenant_id)
print()
i = i + 1
if __name__ == '__main__':
main()
[tenant list]
tenant 0:
name: tenant1
id: 00000000-0000-0000-0000-000000000000
entities: ['Tenant Root Group', 'group A', 'subGroup B', 'Microsoft Partner Network', 'subscription 2']
tenant 1:
name: tenant2
id: 00000000-0000-0000-0000-000000000000
entities: ['Tenant Root Group', 'subscription 3']
Answered by someone on December 13, 2021
I think @juunas's comment is correct, you need to specify the tenant when you use the credential.
I think the problem becomes 'how to get a list of AAD tenant id'
You could use this REST API - Tenants - List to get the tenants for your account.
GET https://management.azure.com/tenants?api-version=2020-01-01
After getting the tenant id, specify the tenant in the user credential, make sure you used a work account without MFA(organization account, not personal account), the user credential uses the ROPC flow which will not work with personal account.
Answered by Joy Wang on December 13, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP