【Azure Service Bus】使用Python SDK创建Service Bus Namespace资源(中国区) - LuBu0505/My-Code GitHub Wiki
问题描述
使用Azure云服务,可以通过多种方式来创建资源,如Azure门户, az cli指令, ARM模板,REST API或这各类语言的SDK。
本文将介绍使用Python SDK来创建Service Bus Namespace资源。
注意,Service Bus有两种SDK,一种是面向业务使用,消费/生产消息,使用 azure.servicebus 包;另一种就是对资源本身进行管理,使用 azure.mgmt.servicebus包。
问题解答
下面分享Python代码,从使用 Microsoft Entra ID的注册应用开始,获取Client ID, Client Secret及Teanant ID。然后完成中国区Azure的认证,创建 ServiceBusManagementClient 对象。最后,调用 client.namespaces.begin_create_or_update 方法,创建Service Bus Namespace资源。
from azure.identity import DefaultAzureCredential,AzureAuthorityHosts ,ClientSecretCredential
from azure.mgmt.servicebus import ServiceBusManagementClient
tenant_id = 'xxxxxxxxxxx'
client_id = 'xxxxxx'
client_secret = 'xxxxxxxx'
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-servicebus
# USAGE
python sb_name_space_create.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
[https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal)
"""
def main():
credential = ClientSecretCredential(
tenant_id=tenant_id,
client_id=client_id,
client_secret=client_secret,
authority=AzureAuthorityHosts.AZURE_CHINA
)
client = ServiceBusManagementClient(
credential=credential,
base_url="[https://management.chinacloudapi.cn](https://management.chinacloudapi.cn)",
subscription_id="a9dc7515-7692-4316-9ad4-762f383eec10",
credential_scopes=["[https://management.chinacloudapi.cn/.default](https://management.chinacloudapi.cn/.default)"]
)
response = client.namespaces.begin_create_or_update(
resource_group_name="armtest-rg",
namespace_name="sdk-Namespace2925",
api_version ="2022-10-01-preview",
parameters={
"location": "chinanorth3",
"sku": {"name": "Standard", "tier": "Standard"},
"tags": {"tag1": "value1", "tag2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/servicebus/resource-manager/Microsoft.ServiceBus/stable/2021-11-01/examples/NameSpaces/SBNameSpaceCreate.json
if __name__ == "__main__":
main()
以上代码中,特别需要注意有:
1)ClientSecretCredential 在初始化时,指定 authority=AzureAuthorityHosts.AZURE_CHINA
2)ServiceBusManagementClient 在初始化时,必须指定 base_url="https://management.chinacloudapi.cn" 和 credential_scopes=["https://management.chinacloudapi.cn/.default"]
3)指定 api_version ="2022-10-01-preview"。 需要根据 azure.mgmt.servicebus 中支持的Version来选择,此处指定2022-10-01-preview版本后,创建的Namespace资源默认使用TLS version为1.2。
如果在创建的过程中,也遇见的如下的错误,解决办法为:
错误一:azure.core.exceptions.ResourceNotFoundError: (SubscriptionNotFound) The subscription 'xx-x-x-x-xxx' could not be found.
解决办法是:在初始化 Service Bus Management Client对象时,在构造函数中传递 base_url="https://management.chinacloudapi.cn"
错误二:azure.core.exceptions.ClientAuthenticationError: Authentication failed: AADSTS500011
错误的完整信息是:azure.core.exceptions.ClientAuthenticationError: Authentication failed: AADSTS500011: The resource principal named https://management.azure.com was not found in the tenant named xxxxxxxx. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.
解决办法是:在初始化 Service Bus Management Client对象时,在构造函数中传递 credential_scopes=["https://management.chinacloudapi.cn/.default"]
错误三:创建的Service Bus Namespace的默认TLS Version为1.0
需要在 client.namespaces.begin_create_or_update()方法中指定api_version 参数,指定值为 2022-10-01-preview
以上错误会发生在下图画线处:
参考资料
无
当在复杂的环境中面临问题,格物之道需:浊而静之徐清,安以动之徐生。 云中,恰是如此!