Programming Azure – Credentials and Getting the Storage Account Details

Written by: Mark Wireman, July 2, 2020

In the first post in the “Programming Azure” series, we set up the foundational elements that we used to manage the user flow and wired up the Locations from the Azure SDK to the ComboBox on the Windows form. In this post we are going to add in the capability to login to the Azure platform subscription and then retrieve the details of a selected Storage Accounts in the subscription. The code for the solution is located here.

Step 1 – Credentials

The first step in using the credentials to connect to the Azure subscription is to get an authorization file that we will use within the ‘Azure Playground’ solution.

Using the Azure CLI through the command prompt, run the following:

az login (login to the Azure subscription)

az ad sp create-for-rbac –sdk-auth > my.azureauth

The command az ad ap is used to remotely manage the Azure Active Directory service. We are telling the AD service to create a service principal and grant the service principal access to all of the Azure resources available in the subscription. The service principal’s connection details will then be output to the my.azureauth (you can use whatever name you of your choosing) file that we will use in the ‘Azure Playground’ solution. It is important to note that that your account must have the privilege to create service principals. The command will take a few minutes to run and may show several tries before it is successful.

Step 2 – UI enhancements, Credential file, and Resource Groups

NOTE: Talk about how the Microsoft Azure SDK and other examples are out-of-date with the implementation.

Now that we have the credentials file, let’s make a few adjustments to the UI that include adding an MDIForm, trimming down the number of Container objects, and tacking advantage of a Control object’s attribute to introduce a cool trick that will use Reflection to take the values from the custom class we will create and display the values to the User.

Figure 1 is an MDIForm that is added to the project with a slimmed-down set of menu options and only one icon that will be used to open the authentication file generated from Step 1. Notice the Menu bar is disabled until the user clicks the Open icon and imports the authentication file (Figure 2).

Programming Azure – Credentials and Getting the Storage Account Details
Figure 1: MDIForm with the Open icon, Menu bar, and the OpenDialogue window displayed after clicking the Open icon. The use is then expected to click the azureauth file which will then enable the Menu items.
Figure 2: Menu bar is enabled after the azureauth file is loaded. The azureauth file is referenced in the Status bar on the bottom of the MDIForm.

Step 3 – Storage Account List

In the previous blog we discussed how to use Reflection to get key and value information from the Azure SDK objects to populate the Comboboxes that will be used to show the details of a selected Storage account. Figure 3 is an updated view of the Storage Account details Windows form. Listing 1 is the Reflection code that is used to pull the Combobox values based on the type of the data in the Azure SDK object.

Figure 3: Storage Account details Windows form.
private static Hashtable GetListContentForFieldsInObject(Type obj)
{
// Get the fields of the specified class.
FieldInfo[] myField = obj.GetFields();
Hashtable returnVal = new Hashtable(myField.Length);        
returnVal.Add("zzz", null);

        for (int i = 0; i < myField.Length; i++)
        {
            returnVal.Add(myField[i].Name, myField[i].GetValue(null));
        }

        return returnVal;
    }

    private static Hashtable GetListContentForEnumsInObject(Type obj)
    {
        Hashtable returnVal = new Hashtable(obj.GetEnumNames().Length);
        Array enumValues = obj.GetEnumValues();

        returnVal.Add("zzz", null);

        for (int i = 0; i < enumValues.Length; i++)
        {
            returnVal.Add(i, enumValues.GetValue(i));
        }

        return returnVal;
    }

Listing 1: Reflection code used to pull key and value information from the objects based on content that is either a Field or an Enum. The "zzz" is a placeholder key with an empty string value.

With the details ComboBoxes complete, it is now time to pull the list of Storage Accounts to populate the respective ComboBox. There are two methods that will be used to obtain the list of Storage Accounts – GetListOfStorageAccounts and LoginToStorageAccount. The GetListOfStorageAccount handles the creation and population of the Hashtable that will store the list of Storage Accounts and the LoginToStorageAccount handles the access to the Azure subscription using the provided authentication file and will set the StorageManagementClient object of the Azure SDK that will be used to iterate through the Storage Accounts that are available to the authorized user. Listing 2 is the code for the two methods and Figure 4 is the Windows form showing the list of storage accounts.

public Hashtable GetListOfStorageAccounts()
{
Hashtable returnValue = new Hashtable();
this.LoginToStorageAccount(); returnValue.Add("Select", null); foreach (StorageAccount storageaccount in this.storageManagementClient.StorageAccounts.List()) 
{ 
returnValue.Add(storageaccount.Id, storageaccount.Name); 
} 
return returnValue; 
} 
...
private void LoginToStorageAccount() 
{ IResourceManager credentials = Utilities.GetAzureCredentialsManager(this.authenticationfile); this.storageManagementClient = new StorageManagementClient(credentials.Inner.Credentials) { SubscriptionId = credentials.SubscriptionId }; 
}

Listing 2: GetListOfStorageAccounts and LoginToStorageAccount methods in the StorageAccounts class.
Figure 4: Populate Combobox of the current storage accounts accessible to the authorized user.

Step 4 – Storage Account details

Whew! Now that we have the work completed for populating the Comboboxes, it is now time to transition to showing the details of a selected Storage account from the Storage Account list. Since we want the application to be both functional and secure, you’ll notice that the LoginToStorageAccount is always called prior to pulling any details from the Azure subscription because the authentication file content itself is not stored or saved in the application – only the reference path to the authentication file is saved. Therefore, for security reasons the validation of the and details for the selected Storage Account is executed upon each call. There is a downside to this – the application becomes a bit more “chatty” because of the additional calls to the Azure platform: A sacrifice worth the additional layer of protection this provides.

Now, on to the details. So, when a user selects a Storage Account from the list, the StorageAccounts class is used to both execute the call to retrieve the details and to store the details through the inheritance of the SecurityDetails object. The SecurityDetails object is a list of properties of the values we are interested in displaying that we will use to select the text in the respective Comboboxes on the Windows form. Listing 3 is the code to retrieve the storage account details and Figure 5 is the Windows form with the details of the selected Storage Account.

public void GetStorageAccountDetails()
{
this.LoginToStorageAccount();
this.GetResourceGroupName(this.storageManagementClient);
StorageAccount storageAccount = this.storageManagementClient.StorageAccounts.GetProperties(this.ResourceGroup, this.Name);

        this.AccessTier = storageAccount.AccessTier.Value.ToString();
        this.AccountKind = storageAccount.Kind;
        this.Location = storageAccount.Location;
        this.Performance = storageAccount.Sku.Tier.Value.ToString();
        this.Replication = storageAccount.Sku.Name;
        this.Service = storageAccount.Sku.Name;
 }

Listing 3: Grabbing the selected Storage Account details after validating the user has the correct permissions to access the Storage Account.
Figure 5: Displaying the selected Storage Account details including the Storage Account keys and connection string. The keys and connection string information is placed in a TreeView control with the values shown when the + is selected.

Summary

We now have our Storage Account details populated without the need to maintain or manage Storge Account details lists by continuing to harness the power of Reflection and leveraging the robust functionality provided by the Azure SDK!

Our journey continues in leveraging Visual Studio 2019, C#, and the Azure SDK in establishing a robust pattern and initial design for the implementation of the approach for working with not only Storage Accounts we also now can easily begin working with other resources in Azure. The next blog will continue to build on this foundation by adding in functionality to add, modify, and delete Storage Accounts which will have use journey into interacting with Azure Resource Groups (HINT: We already have a ResourceGroups class skeleton to work from – see Figure 6). And, as an added bonus, we did provide the source code to the Azure source code repository that you can use to follow along and to go and explore the power, beauty, and grace of controlling Azure through Visual Studio and the Azure SDK!.

Figure 6: Class diagram view of the Storage Account functionality that we have developed up to this point.

By admin