Doing stuff in Azure via REST



So the journey into Azure continues - today I've been looking into how we can call the REST api that Microsoft provide in Azure so we can understand how it works and see what it can be used for.

There is a possibility we want to programaticaly do things in azure from code so i want to see how the mechanics of that could work.

In this simple example I'm just going to use a rest client (in this case postman ) - this seems a quite nice featured client for working with Rest interfaces.

So all i plan on doing is being able to call the rest interface to give me the list of virtual machines in a subscription - something thats equally possible via the portal, powershell or azure command line. However if i can use REST it means i can easily incorporate that into other programming.

Now i did find this a little tricky to find a good example of how to do this, what i did find was a little out of date and didn't reflect changes in the portal and others didnt explain it very well.

So here I'll talk you through what i did to get this working.

Now the first thing you need to do to enable this is create an app registration in Azure AD and then grant that 'thing' permissions on your subscription so it can access what you need it to. This will then be used later on.

The first stage to that is shown in the picture below - i called mine richresttest - make sure to choose the web-app/API option, the URL part seems irrelevant for the testing i was doing so i just put in a dummy value of localhost.



Once thats created you then need to create a key to be used by the rest client to access it - so click in to that give it any name you like and choose the validity



Then click the save button - note that this is only viewable once - make sure to save the value away or you'll have to create another app again. This value will be used later in the rest client.



Now you have the app 'thing' created you need to grant it some rights, in my case below i just gave it reader rights on a single subscription just do prove i can get the thing working.



After that we are done with the Azure portal - and we now move to the postman application.

The first thing we need to do here is create a new 'POST' request - this needs to point at the following url (which is what caused me loads of problems until i figured out the right one)



don't fall in to the trap of trying to use the authorise version of this url.

The tenant id you can find in the portal from the properties of your azure AD.

We end up with something looking like this then

The next step is then to define some parameters that we will pass when we make the post call - the 4 we need to make this work are:

client_id (this is the  'application id' shown in the azure portal)
client_secret (this is the secret string that only appears once as mentioned earlier on)
resource is https://management.azure.com/ - with the trailing slash
grant_type is client_credentials

You can see this populated below - it needs to be in the form-data option within the request body



Now we can make the REST call - so we click the send button shown below - and then we get the magical 'access token' as one of the returned parameters - take a note of this as we need it in the next rest call.


The next step is to actually call the REST API for the function we actually want to perform - in my case i want to call this one


There are a multitude of these api's all documented on the microsoft website but this one shown just lists all the VM's in the subscription id i pass in.

In this second REST call I'm now doing a GET type of request and the only value I'm passing is of type bearer token which contains the secret access_token retrieved from the previous step (make sure no double quotes are present!)

Now when i click send the following happens:




You can't really see that well in the screenshot but i get a huge json document returned showing all the machines in my subscription.

Great you say - but what use is that?

Well it has lots of use cases - having a REST interface in this way means i can call any azure API from code - everything from provisioning a server, restarting a server to just listing out content. I can then build a whole set of application functions that do stuff in Azure.

For example i could increase server size before a job runs, or shut down a load of servers after the nightly batch completes.

Or i could just come up with a pointless test case to blog about.....





1 comments: