使用 C# 向 Azure 数据资源管理器添加群集主体Add cluster principals for Azure Data Explorer by using C#

Azure 数据资源管理器是一项快速且高度可缩放的数据探索服务,适用于日志和遥测数据。Azure Data Explorer is a fast and highly scalable data exploration service for log and telemetry data. 在本文中,将使用 C# 向 Azure 数据资源管理器添加群集主体。In this article, you add cluster principals for Azure Data Explorer by using C#.

必备条件Prerequisites

安装 C# NuGetInstall C# NuGet

AuthenticationAuthentication

若要运行以下示例,需要可以访问资源的 Azure Active Directory (Azure AD) 应用程序和服务主体。To run the following example, you need an Azure Active Directory (Azure AD) application and service principal that can access resources. 若要创建免费的 Azure AD 应用程序并在订阅级别添加角色分配,请参阅创建 Azure AD 应用程序To create a free Azure AD application and add role assignment at the subscription level, see Create an Azure AD application. 还需要目录(租户)ID、应用程序 ID 和客户端密码。You also need the directory (tenant) ID, application ID, and client secret.

添加群集主体Add a cluster principal

以下示例演示如何以编程方式添加群集主体。The following example shows you how to add a cluster principal programmatically.

var tenantId = "xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx";//Directory (tenant) ID
var clientId = "xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx";//Application ID
var clientSecret = "xxxxxxxxxxxxxx";//Client Secret
var subscriptionId = "xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx";

var serviceCreds = await ApplicationTokenProvider.LoginSilentAsync(tenantId, clientId, clientSecret);
var kustoManagementClient = new KustoManagementClient(serviceCreds)
{
    SubscriptionId = subscriptionId
};

var resourceGroupName = "testrg";
//The cluster that is created as part of the Prerequisites
var clusterName = "mykustocluster";
string principalAssignmentName = "clusterPrincipalAssignment1";
string principalId = "xxxxxxxx";//User email, application ID, or security group name
string role = "AllDatabasesAdmin";//AllDatabasesAdmin or AllDatabasesViewer
string tenantIdForPrincipal = tenantId;
string principalType = "App";//User, App, or Group

var clusterPrincipalAssignment = new ClusterPrincipalAssignment(principalId, role, principalType, tenantId: tenantIdForPrincipal);
await kustoManagementClient.ClusterPrincipalAssignments.CreateOrUpdateAsync(resourceGroupName, clusterName, principalAssignmentName, clusterPrincipalAssignment);
设置Setting 建议的值Suggested value 字段说明Field description
tenantIdtenantId xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx 租户 ID。Your tenant ID. 也称为目录 ID。Also known as directory ID.
subscriptionIdsubscriptionId xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx 用于创建资源的订阅 ID。The subscription ID that you use for resource creation.
clientIdclientId xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx 可以访问租户中资源的应用程序的客户端 ID。The client ID of the application that can access resources in your tenant.
clientSecretclientSecret xxxxxxxxxxxxxxxxxxxxxxxxxxxx 可以访问租户中资源的应用程序的客户端密码。The client secret of the application that can access resources in your tenant.
resourceGroupNameresourceGroupName testrgtestrg 包含群集的资源组的名称。The name of the resource group containing your cluster.
clusterNameclusterName mykustocluster mykustocluster 群集的名称。The name of your cluster.
principalAssignmentNameprincipalAssignmentName clusterPrincipalAssignment1clusterPrincipalAssignment1 群集主体资源的名称。The name of your cluster principal resource.
principalIdprincipalId xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx 主体 ID,可以是用户电子邮件、应用程序 ID 或安全组名称。The principal ID, which can be user email, application ID, or security group name.
角色 (role)role AllDatabasesAdminAllDatabasesAdmin 群集主体的角色,可以是“AllDatabasesAdmin”或“AllDatabasesViewer”。The role of your cluster principal, which can be 'AllDatabasesAdmin' or 'AllDatabasesViewer'.
tenantIdForPrincipaltenantIdForPrincipal xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxx 主体的租户 ID。The tenant ID of the principal.
principalTypeprincipalType 应用App 主体的类型,可以是“User”、“App”或“Group”The type of the principal, which can be 'User', 'App', or 'Group'

后续步骤Next steps