Skip to content

[Event Hubs] [Service Bus] Update documentation for AAD setup #4393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ramya0820 merged 11 commits into from
Jul 23, 2019
Merged

[Event Hubs] [Service Bus] Update documentation for AAD setup #4393

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
260b0e6
[Event Hubs] Introduce timeoutInMs on RetryOptions (#4239)
ramya0820 Jul 11, 2019
c74f5e4
Merge branch 'master' of https://github.com/ramya0820/azure-sdk-for-js
Jul 13, 2019
00016cb
Merge branch 'master' of https://github.com/Azure/azure-sdk-for-js
ramya0820 Jul 15, 2019
5c12c13
Merge branch 'master' of https://github.com/Azure/azure-sdk-for-js
ramya0820 Jul 16, 2019
2081256
Merge branch 'master' of https://github.com/Azure/azure-sdk-for-js
Jul 17, 2019
f3511e0
Merge branch 'master' of https://github.com/Azure/azure-sdk-for-js
ramya0820 Jul 19, 2019
7f00436
Merge branch 'master' of https://github.com/Azure/azure-sdk-for-js
ramya0820 Jul 20, 2019
304e0e5
Merge branch 'master' of https://github.com/Azure/azure-sdk-for-js
ramya0820 Jul 23, 2019
f3ccbb7
Update documentation to point to new Data Owner role setup
ramya0820 Jul 23, 2019
61892df
Undo formatting
ramya0820 Jul 23, 2019
97f42fd
Add links
ramya0820 Jul 23, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions sdk/eventhub/event-hubs/samples/usingAadAuth.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,15 @@
Please ensure that your Azure Event Hubs resource is in US East, US East 2, or West Europe
region. AAD Role Based Access Control is not supported in other regions yet.

Register a new application in AAD and assign the "owner" role to it
Register a new application in AAD and assign the "Azure Event Hubs Data Owner (Preview)" role to it
Copy link
Copy Markdown
Contributor

@HarshaNalluru HarshaNalluru Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't looked at the portal recently, maybe verify if the option still says "(Preview)" in the portal

Copy link
Copy Markdown
Member

@ShivangiReja ShivangiReja Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it says preview.

- See https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
to register a new application in the Azure Active Directory.
- Note down the CLIENT_ID and TENANT_ID from the above step.
- In the "Certificates & Secrets" tab, create a secret and note that down.
- In the Azure portal, go to your Even Hubs resource and click on the Access control (IAM)
tab. Here, assign "owner" role to the registered application.
tab. Here, assign the "Azure Event Hubs Data Owner (Preview)" role to the registered application.
- For more information on Event Hubs RBAC setup, learn more at
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-role-based-access-control)

Note: If you are using version 2.1.0 or lower of @azure/event-hubs library, then please use the samples at
https://github.com/Azure/azure-sdk-for-js/tree/%40azure/event-hubs_2.1.0/sdk/eventhub/event-hubs/samples instead.
Expand All @@ -39,6 +41,6 @@ async function main(): Promise<void> {
await client.close();
}

main().catch(err => {
main().catch((err) => {
console.log("error: ", err);
});
2 changes: 1 addition & 1 deletion sdk/servicebus/service-bus/samples/javascript/gettingStarted/loginWithAzureAccount.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
region. AAD Role Based Access Control is not supported in other regions yet.

In the Azure portal, go to your Service Bus resource and click on the Access control (IAM) tab.
Here, assign "owner" role to your account.
Here, assign "Azure Service Bus Data Owner (Preview)" role to your account.
*/

const { ServiceBusClient } = require("@azure/service-bus");
Expand Down
4 changes: 2 additions & 2 deletions sdk/servicebus/service-bus/samples/javascript/gettingStarted/servicePrincipalLogin.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@
Please ensure that your Azure Service Bus resource is in US East, US East 2, or West Europe
region. AAD Role Based Access Control is not supported in other regions yet.

Register a new application in AAD and assign the "owner" role to it
Register a new application in AAD and assign the "Azure Service Bus Data Owner (Preview)" role to it
- See https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
to register a new application in the Azure Active Directory.
- Note down the CLIENT_ID and TENANT_ID from the above step.
- In the "Certificates & Secrets" tab, create a secret and note that down.
- In the Azure portal, go to your Service Bus resource and click on the Access control (IAM)
tab. Here, assign "owner" role to the registered application.
tab. Here, assign "Azure Service Bus Data Owner (Preview)" role to the registered application.
*/

const { ServiceBusClient } = require("@azure/service-bus");
Expand Down
2 changes: 1 addition & 1 deletion sdk/servicebus/service-bus/samples/typescript/gettingStarted/loginWithAzureAccount.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
region. AAD Role Based Access Control is not supported in other regions yet.

In the Azure portal, go to your Service Bus resource and click on the Access control (IAM) tab.
Here, assign "owner" role to your account.
Here, assign "Azure Service Bus Data Owner (Preview)" role to your account.
*/

import { ServiceBusClient } from "@azure/service-bus";
Expand Down
4 changes: 2 additions & 2 deletions sdk/servicebus/service-bus/samples/typescript/gettingStarted/servicePrincipalLogin.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@
Please ensure that your Azure Service Bus resource is in US East, US East 2, or West Europe
region. AAD Role Based Access Control is not supported in other regions yet.

Register a new application in AAD and assign the "owner" role to it
Register a new application in AAD and assign the "Azure Service Bus Data Owner (Preview)" role to it
- See https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
to register a new application in the Azure Active Directory.
- Note down the CLIENT_ID and TENANT_ID from the above step.
- In the "Certificates & Secrets" tab, create a secret and note that down.
- In the Azure portal, go to your Service Bus resource and click on the Access control (IAM)
tab. Here, assign "owner" role to the registered application.
tab. Here, assign "Azure Service Bus Data Owner (Preview)" role to the registered application.
*/

import { ServiceBusClient } from "@azure/service-bus";
Expand Down
10 changes: 5 additions & 5 deletions sdk/servicebus/service-bus/test/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,11 +105,11 @@ Go through the following setup in order to delete and create the required servic

**Assign owner role to the registered application**

- In the azure-portal, go to your servicebus-namespace and assign **owner** role to the registered application.
- This can be done from `Access control (IAM)` tab(in the left-side-navbar of your servicebus-namespace in the azure-portal)<br>
_Doing this would allow the registered application manage the namespace, i.e., entity creation, deletion, etc.,_<br>
_**Note:** AAD RBAC is enabled only on the new namespaces in this region for the preview. Please ensure that your servicebus-namespace is present in one of these regions: **US East, US East 2, or West Europe**. If not, create the namespace in one of those regions._

- In the azure-portal, go to your servicebus-namespace and assign **Azure Service Bus Data Owner (Preview)** role to the registered application.
- This can be done from `Role assignment` section of `Access control (IAM)` tab (in the left-side-navbar of your servicebus-namespace in the azure-portal)<br>
_Doing this would allow the registered application manage the namespace, i.e., entity creation, deletion, etc.,_<br>
_**Note:** AAD RBAC is enabled only on the new namespaces in this region for the preview. Please ensure that your servicebus-namespace is present in one of these regions: **US East, US East 2, or West Europe**. If not, create the namespace in one of those regions._
- For more information on Service Bus RBAC setup - [Learn more](https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-role-based-access-control)

**Update your environment variables**

Expand Down