0
# Certificate Management
1
2
Management of security certificates for secure communication and authentication in Batch environments, including certificate deployment and lifecycle management.
3
4
## Capabilities
5
6
### Certificate Creation
7
8
Creates and installs security certificates on Batch compute nodes.
9
10
```python { .api }
11
def create(
12
resource_group_name: str,
13
account_name: str,
14
certificate_name: str,
15
parameters: CertificateCreateOrUpdateParameters,
16
if_match: str = None,
17
if_none_match: str = None,
18
**kwargs: Any
19
) -> LROPoller[Certificate]:
20
"""
21
Creates a new certificate inside the specified account.
22
23
Args:
24
resource_group_name (str): The name of the resource group
25
account_name (str): The name of the Batch account
26
certificate_name (str): The identifier for the certificate
27
parameters (CertificateCreateOrUpdateParameters): Certificate parameters
28
if_match (str, optional): ETag value for conditional operations
29
if_none_match (str, optional): ETag value for conditional operations
30
31
Returns:
32
LROPoller[Certificate]: Long-running operation poller for the certificate
33
"""
34
```
35
36
### Certificate Retrieval
37
38
Retrieves detailed information about an existing certificate.
39
40
```python { .api }
41
def get(
42
resource_group_name: str,
43
account_name: str,
44
certificate_name: str,
45
**kwargs: Any
46
) -> Certificate:
47
"""
48
Gets information about the specified certificate.
49
50
Args:
51
resource_group_name (str): The name of the resource group
52
account_name (str): The name of the Batch account
53
certificate_name (str): The identifier for the certificate
54
55
Returns:
56
Certificate: The certificate details
57
"""
58
```
59
60
### Certificate Updates
61
62
Updates certificate properties and configuration.
63
64
```python { .api }
65
def update(
66
resource_group_name: str,
67
account_name: str,
68
certificate_name: str,
69
parameters: CertificateCreateOrUpdateParameters,
70
if_match: str = None,
71
**kwargs: Any
72
) -> LROPoller[Certificate]:
73
"""
74
Updates the specified certificate.
75
76
Args:
77
resource_group_name (str): The name of the resource group
78
account_name (str): The name of the Batch account
79
certificate_name (str): The identifier for the certificate
80
parameters (CertificateCreateOrUpdateParameters): Update parameters
81
if_match (str, optional): ETag value for conditional operations
82
83
Returns:
84
LROPoller[Certificate]: Long-running operation poller for the update
85
"""
86
```
87
88
### Certificate Deletion
89
90
Deletes a certificate from the Batch account.
91
92
```python { .api }
93
def delete(
94
resource_group_name: str,
95
account_name: str,
96
certificate_name: str,
97
**kwargs: Any
98
) -> LROPoller[None]:
99
"""
100
Deletes the specified certificate.
101
102
Args:
103
resource_group_name (str): The name of the resource group
104
account_name (str): The name of the Batch account
105
certificate_name (str): The identifier for the certificate
106
107
Returns:
108
LROPoller[None]: Long-running operation poller for the deletion
109
"""
110
```
111
112
### Certificate Listing
113
114
Lists certificates within a Batch account with optional filtering.
115
116
```python { .api }
117
def list_by_batch_account(
118
resource_group_name: str,
119
account_name: str,
120
maxresults: int = None,
121
select: str = None,
122
filter: str = None,
123
**kwargs: Any
124
) -> ItemPaged[Certificate]:
125
"""
126
Lists all certificates in the specified account.
127
128
Args:
129
resource_group_name (str): The name of the resource group
130
account_name (str): The name of the Batch account
131
maxresults (int, optional): Maximum number of results to return
132
select (str, optional): OData select clause
133
filter (str, optional): OData filter clause
134
135
Returns:
136
ItemPaged[Certificate]: Paginated list of certificates
137
"""
138
```
139
140
### Certificate Deletion Cancellation
141
142
Cancels a failed certificate deletion operation.
143
144
```python { .api }
145
def cancel_deletion(
146
resource_group_name: str,
147
account_name: str,
148
certificate_name: str,
149
**kwargs: Any
150
) -> Certificate:
151
"""
152
Cancels a failed deletion of a certificate from the specified account.
153
154
Args:
155
resource_group_name (str): The name of the resource group
156
account_name (str): The name of the Batch account
157
certificate_name (str): The identifier for the certificate
158
159
Returns:
160
Certificate: The certificate after cancellation
161
"""
162
```
163
164
## Types
165
166
### Certificate Configuration Types
167
168
```python { .api }
169
class CertificateCreateOrUpdateParameters:
170
properties: CertificateCreateOrUpdateProperties
171
172
class CertificateCreateOrUpdateProperties:
173
data: str
174
format: CertificateFormat
175
password: str
176
thumbprint: str
177
thumbprint_algorithm: str
178
179
class Certificate:
180
id: str
181
name: str
182
type: str
183
etag: str
184
properties: CertificateProperties
185
186
class CertificateProperties(CertificateBaseProperties):
187
provisioning_state: CertificateProvisioningState
188
provisioning_state_transition_time: datetime
189
previous_provisioning_state: CertificateProvisioningState
190
previous_provisioning_state_transition_time: datetime
191
public_data: str
192
delete_certificate_error: DeleteCertificateError
193
```
194
195
### Certificate Base Properties
196
197
```python { .api }
198
class CertificateBaseProperties:
199
thumbprint: str
200
thumbprint_algorithm: str
201
format: CertificateFormat
202
203
class CertificateReference:
204
id: str
205
store_location: CertificateStoreLocation
206
store_name: str
207
visibility: list
208
209
class DeleteCertificateError:
210
code: str
211
message: str
212
target: str
213
details: list
214
```
215
216
### Certificate Enums
217
218
```python { .api }
219
class CertificateFormat:
220
PFX = "Pfx"
221
CER = "Cer"
222
223
class CertificateProvisioningState:
224
SUCCEEDED = "Succeeded"
225
DELETING = "Deleting"
226
FAILED = "Failed"
227
228
class CertificateStoreLocation:
229
CURRENT_USER = "CurrentUser"
230
LOCAL_MACHINE = "LocalMachine"
231
232
class CertificateVisibility:
233
START_TASK = "StartTask"
234
TASK = "Task"
235
REMOTE_USER = "RemoteUser"
236
```
237
238
## Usage Examples
239
240
### Creating a PFX Certificate
241
242
```python
243
import base64
244
from azure.mgmt.batch.models import (
245
CertificateCreateOrUpdateParameters,
246
CertificateCreateOrUpdateProperties,
247
CertificateFormat
248
)
249
250
# Read certificate file
251
with open("certificate.pfx", "rb") as cert_file:
252
cert_data = base64.b64encode(cert_file.read()).decode('utf-8')
253
254
# Create certificate parameters
255
cert_properties = CertificateCreateOrUpdateProperties(
256
data=cert_data,
257
format=CertificateFormat.PFX,
258
password="certificate_password",
259
thumbprint="THUMBPRINT_VALUE"
260
)
261
262
cert_params = CertificateCreateOrUpdateParameters(properties=cert_properties)
263
264
# Create the certificate
265
operation = client.certificate.create(
266
"my-resource-group",
267
"my-batch-account",
268
"my-certificate",
269
cert_params
270
)
271
272
certificate = operation.result()
273
print(f"Created certificate: {certificate.name}")
274
print(f"Provisioning state: {certificate.properties.provisioning_state}")
275
```
276
277
### Creating a CER Certificate
278
279
```python
280
# Read public certificate file
281
with open("certificate.cer", "rb") as cert_file:
282
cert_data = base64.b64encode(cert_file.read()).decode('utf-8')
283
284
# Create certificate parameters
285
cert_properties = CertificateCreateOrUpdateProperties(
286
data=cert_data,
287
format=CertificateFormat.CER,
288
thumbprint="THUMBPRINT_VALUE"
289
# No password needed for CER format
290
)
291
292
cert_params = CertificateCreateOrUpdateParameters(properties=cert_properties)
293
294
operation = client.certificate.create(
295
"my-resource-group",
296
"my-batch-account",
297
"my-public-cert",
298
cert_params
299
)
300
301
certificate = operation.result()
302
```
303
304
### Using Certificates in Pool Configuration
305
306
```python
307
from azure.mgmt.batch.models import (
308
CertificateReference,
309
CertificateStoreLocation,
310
CertificateVisibility
311
)
312
313
# Reference certificates in pool configuration
314
cert_references = [
315
CertificateReference(
316
id="/subscriptions/.../certificates/my-certificate",
317
store_location=CertificateStoreLocation.LOCAL_MACHINE,
318
store_name="My",
319
visibility=[CertificateVisibility.START_TASK, CertificateVisibility.TASK]
320
)
321
]
322
323
# Use in pool creation (this would be part of a Pool object)
324
pool_config = {
325
"certificates": cert_references,
326
# ... other pool configuration
327
}
328
```
329
330
### Managing Certificate Lifecycle
331
332
```python
333
# List all certificates
334
certificates = client.certificate.list_by_batch_account(
335
"my-resource-group",
336
"my-batch-account"
337
)
338
339
for cert in certificates:
340
print(f"Certificate: {cert.name}")
341
print(f"Thumbprint: {cert.properties.thumbprint}")
342
print(f"State: {cert.properties.provisioning_state}")
343
344
# Check for deletion errors
345
if cert.properties.delete_certificate_error:
346
error = cert.properties.delete_certificate_error
347
print(f"Deletion Error: {error.code} - {error.message}")
348
349
# Cancel failed deletion if needed
350
if cert.properties.provisioning_state == "Deleting":
351
client.certificate.cancel_deletion(
352
"my-resource-group",
353
"my-batch-account",
354
cert.name
355
)
356
print("Cancelled failed deletion")
357
```
358
359
### Certificate Filtering and Selection
360
361
```python
362
# List certificates with filtering
363
certificates = client.certificate.list_by_batch_account(
364
"my-resource-group",
365
"my-batch-account",
366
maxresults=10,
367
filter="properties/provisioningState eq 'Succeeded'",
368
select="name,properties/thumbprint,properties/provisioningState"
369
)
370
371
for cert in certificates:
372
print(f"Active Certificate: {cert.name} ({cert.properties.thumbprint})")
373
```