az_rm: Azure Resource Manager

az_rmR Documentation

Azure Resource Manager


Base class for interacting with Azure Resource Manager.


An R6 object of class az_rm.


  • new(tenant, app, ...): Initialize a new ARM connection with the given credentials. See 'Authentication' for more details.

  • list_subscriptions(): Returns a list of objects, one for each subscription associated with this app ID.

  • get_subscription(id): Returns an object representing a subscription.

  • get_subscription_by_name(name): Returns the subscription with the given name (as opposed to a GUID).

  • do_operation(...): Carry out an operation. See 'Operations' for more details.


The recommended way to authenticate with ARM is via the get_azure_login function, which creates a new instance of this class.

To authenticate with the az_rm class directly, provide the following arguments to the new method:

  • tenant: Your tenant ID. This can be a name ("myaadtenant"), a fully qualified domain name ("" or ""), or a GUID.

  • app: The client/app ID to use to authenticate with Azure Active Directory. The default is to login interactively using the Azure CLI cross-platform app, but it's recommended to supply your own app credentials if possible.

  • password: if auth_type == "client_credentials", the app secret; if auth_type == "resource_owner", your account password.

  • username: if auth_type == "resource_owner", your username.

  • certificate: If 'auth_type == "client_credentials", a certificate to authenticate with. This is a more secure alternative to using an app secret.

  • auth_type: The OAuth authentication method to use, one of "client_credentials", "authorization_code", "device_code" or "resource_owner". See get_azure_token for how the default method is chosen, along with some caveats.

  • version: The Azure Active Directory version to use for authenticating.

  • host: your ARM host. Defaults to ⁠⁠. Change this if you are using a government or private cloud.

  • aad_host: Azure Active Directory host for authentication. Defaults to ⁠⁠. Change this if you are using a government or private cloud.

  • ...: Further arguments to pass to get_azure_token.

  • scopes: The Azure Service Management scopes (permissions) to obtain for this login. Only for version=2.

  • token: Optionally, an OAuth 2.0 token, of class AzureToken. This allows you to reuse the authentication details for an existing session. If supplied, all other arguments will be ignored.


The do_operation() method allows you to carry out arbitrary operations on the Resource Manager endpoint. It takes the following arguments:

  • op: The operation in question, which will be appended to the URL path of the request.

  • options: A named list giving the URL query parameters.

  • ...: Other named arguments passed to call_azure_rm, and then to the appropriate call in httr. In particular, use body to supply the body of a PUT, POST or PATCH request, and api_version to set the API version.

  • http_verb: The HTTP verb as a string, one of GET, PUT, POST, DELETE, HEAD or PATCH.

Consult the Azure documentation for what operations are supported.

See Also

create_azure_login, get_azure_login

Azure Resource Manager overview, REST API reference


## Not run: 

# start a new Resource Manager session
az <- az_rm$new(tenant="", app="app_id", password="password")

# authenticate with credentials in a file
az <- az_rm$new(config_file="creds.json")

# authenticate with device code
az <- az_rm$new(tenant="", app="app_id", auth_type="device_code")

# retrieve a list of subscription objects

# a specific subscription

## End(Not run)

AzureRMR documentation built on Sept. 21, 2023, 9:07 a.m.