user2781163 user2781163 - 8 days ago 6
C# Question

Azure Function role like permissions to Stop Azure Virtual Machines

I'm hoping to manage some Azure resources using a scheduled C# Azure Function.

Currently in a command line application I've made, I've been using libraries 'Microsoft.IdentityModel.Clients.ActiveDirectory' for token authorization and 'Microsoft.Azure.Management.Compute' for client calls for resource management like so.

//... var credential generated my AD authentication and extending Microsoft.Rest.ServiceClientCredentials
using (var client = new ComputeManagementClient(credential)) {
client.SubscriptionId = "[SOME_SUBSCRIPTION_ID]";
client.VirtualMachines.BeginPowerOff("[RESOURCE_GROUP]", "[VM_NAME]");
}


Can my management client interact with Azure resources without providing a User Credential or Key-Secret like credential establishment?

My previous experience is related to AWS and admittedly it has confused my view of Azure Resource Management.

Older posts I've looked at are: Start and Stop Azure Virtual Machine

and

Is it possible to stop/start an Azure ARM Virtual from an Azure Function?

-EDIT 1-

I was hoping for something similar to run-time credentials in AWS resource clients for Lambda based on an assigned role with a variety of permissions. I will have a look at certificates though.

Answer

Well, I don't really understand how do you expect to authenticate without authenticating, I guess your only option would be certificates?
https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-daemon-certificate-credential/