Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Supporting subscriptionTenantId and managementGroupId in SubscriptionClient.Alias.CreateAsync() Request #25723

Closed
jujinfu opened this issue Dec 6, 2021 · 8 comments
Closed

Supporting subscriptionTenantId and managementGroupId in SubscriptionClient.Alias.CreateAsync() Request #25723

jujinfu opened this issue Dec 6, 2021 · 8 comments
Assignees
@HarveyLink
Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. Mgmt This issue is related to a management-plane library. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team. Subscription

Comments

@jujinfu
Copy link

jujinfu commented Dec 6, 2021

Library name

Microsoft.Azure.Management.Subscription

Please describe the feature.

In the Azure UI, we already can request subscriptions to be created under a different tenant
we see API calls being made to https://management.azure.com/providers/Microsoft.Subscription/aliases/{subId}?api-version=2021-01-01-privatepreview

with payload of
{additionalProperties: {managementGroupId: "", subscriptionTenantId: "{tenantId}",…} billingScope: "{billingScope}" displayName: "subscription-5" resellerId: null workLoad: "Production"}

We would like to use this in our production API
@ghost ghost added needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Dec 6, 2021
@jsquire jsquire added Mgmt This issue is related to a management-plane library. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team Subscription labels Dec 6, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Dec 6, 2021
@jsquire
Copy link
Member

jsquire commented Dec 6, 2021

Thank you for your feedback. Tagging and routing to the team member best able to assist.

@dvbb
Copy link
Contributor

dvbb commented Mar 2, 2022

Microsoft.Azure.Management.Subscription is able to create new subscriptions, you can refer to the following example.

string clientId = "";
string clientSecret = "";
string tenantId = "";

// get token
ClientCredential cc = new ClientCredential(clientId, clientSecret);
var context = new AuthenticationContext("https://login.microsoftonline.com/" + tenantId);
var result = context.AcquireTokenAsync("https://management.azure.com/", cc);
string AccessToken = result.Result.AccessToken;
var bauthCredentials = new TokenCredentials(AccessToken);
ServiceClientCredentials credentials = bauthCredentials;
DelegatingHandler[] handlers = new DelegatingHandler[] { };

// create SubscriptionClient
SubscriptionClient client = new SubscriptionClient(bauthCredentials, handlers);
client.SetRetryPolicy(new RetryPolicy<HttpStatusCodeErrorDetectionStrategy>(1));

// create new Subscription
const string aliasName = "navyprod1";
var putAliasRequest = new PutAliasRequest()
{
    Properties = new PutAliasRequestProperties()
    {
        DisplayName = "TestSub",
        Workload = Workload.Production,
        BillingScope = "/providers/Microsoft.Billing/billingAccounts/4756419/enrollmentAccounts/224190"
    }
};
var subscriptionResult = client.Alias.CreateWithHttpMessagesAsync(aliasName, putAliasRequest).ConfigureAwait(false).GetAwaiter().GetResult();

Console.WriteLine(subscriptionResult.Response.StatusCode);
Console.WriteLine(subscriptionResult);
Console.WriteLine(subscriptionResult.Body.Properties.SubscriptionId);

More information: source code test sample

@jujinfu
Copy link
Author

jujinfu commented Mar 2, 2022
edited
Loading

Hi @dvbb

thanks for the comment, however, I need to create them into a specific and different tenant.

that is only available via that private preview API.

@dvbb
Copy link
Contributor

dvbb commented Mar 3, 2022

Hi @jujinfu

The API api-version=2021-01-01-privatepreview is not available in the current and historical versions of the SDK Microsoft.Azure.Management.Subscription.

This issue will route to the service team.

@dvbb dvbb added the Service Attention Workflow: This issue is responsible by Azure service team. label Mar 3, 2022
@ghost
Copy link

ghost commented Mar 3, 2022

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @anuragdalmia, @ShilpiGautam, @ramaganesan-rg.

Issue Details

Library name

Microsoft.Azure.Management.Subscription

Please describe the feature.

In the Azure UI, we already can request subscriptions to be created under a different tenant
we see API calls being made to https://management.azure.com/providers/Microsoft.Subscription/aliases/{subId}?api-version=2021-01-01-privatepreview

with payload of
{additionalProperties: {managementGroupId: "", subscriptionTenantId: "{tenantId}",…} billingScope: "{billingScope}" displayName: "subscription-5" resellerId: null workLoad: "Production"}

We would like to use this in our production API

Author: jujinfu
Assignees: HarveyLink
Labels:

Service Attention, Mgmt, customer-reported, question, Subscription, needs-team-attention
Milestone: -

@veathipa
Copy link

Hey @jujinfu

We have officially released the GA version (2021-10-01) of API which supports tenant id & management group Id, yes this is good to use for production scenarios.

https://docs.microsoft.com/en-us/rest/api/subscription/2021-10-01/alias/create

@jujinfu
Copy link
Author

jujinfu commented Mar 30, 2022

@veathipa thank you so much for the exciting news. We will try it out soon!

@jujinfu jujinfu closed this as completed Mar 30, 2022
@jujinfu
Copy link
Author

jujinfu commented Jul 14, 2022
edited
Loading

@veathipa
adding more details here:

If I provision a subscription in a different tenant and set a user as owner, it will send an email to ask user to accept.

If I provision a subscription in a different tenant, and set a service principal as owner, it still tries to send an email to accept.
However, since this is a service principal, it wont get any email.
Digging more into this, found that accpetOwnershipUrl in the initial response.
Then we need to call that Url using Service Principal
related doc: https://docs.microsoft.com/en-us/rest/api/subscription/2021-10-01/subscription/accept-ownership?tabs=HTTP

I think we are good now and this working at lease.
Would be nice to have this workflow documented somewhere. And have it unified for home tenant and non-home-tenant.

Thank you again!

@github-actions github-actions bot locked and limited conversation to collaborators Mar 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@HarveyLink HarveyLink

Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. Mgmt This issue is related to a management-plane library. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team. Subscription
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@jsquire @veathipa @jujinfu @ArthurMa1978 @HarveyLink @dvbb