Example: Use the Azure libraries to create a resource group
This example demonstrates how to use the Azure SDK management libraries in a Python script to create a resource group. (The Equivalent Azure CLI command is given later in this article. If you prefer to use the Azure portal, see Create resource groups.)
All the commands in this article work the same in Linux/macOS bash and Windows command shells unless noted.
1: Set up your local development environment
If you haven't already, set up an environment where you can run this code. Here are some options:
Configure a Python virtual environment using
venvor your tool of choice. You can create the virtual environment locally or in Azure Cloud Shell and run the code there. Be sure to activate the virtual environment to start using it.Use a conda environment.
Use a Dev Container in Visual Studio Code or GitHub Codespaces.
2: Install the Azure library packages
Create a file named requirements.txt with the following contents:
azure-mgmt-resource
azure-identity
In a terminal or command prompt with the virtual environment activated, install the requirements:
pip install -r requirements.txt
3: Write code to create a resource group
Create a Python file named provision_rg.py with the following code. The comments explain the details:
# Import the needed credential and management objects from the libraries.
import os
from azure.identity import DefaultAzureCredential
from azure.mgmt.resource import ResourceManagementClient
# Acquire a credential object using DevaultAzureCredential.
credential = DefaultAzureCredential()
# Retrieve subscription ID from environment variable.
subscription_id = os.environ["AZURE_SUBSCRIPTION_ID"]
# Obtain the management object for resources.
resource_client = ResourceManagementClient(credential, subscription_id)
# Provision the resource group.
rg_result = resource_client.resource_groups.create_or_update(
"PythonAzureExample-rg", {"location": "centralus"}
)
# Within the ResourceManagementClient is an object named resource_groups,
# which is of class ResourceGroupsOperations, which contains methods like
# create_or_update.
#
# The second parameter to create_or_update here is technically a ResourceGroup
# object. You can create the object directly using ResourceGroup(location=
# LOCATION) or you can express the object as inline JSON as shown here. For
# details, see Inline JSON pattern for object arguments at
# https://learn.microsoft.com/azure/developer/python/sdk
# /azure-sdk-library-usage-patterns#inline-json-pattern-for-object-arguments
print(
f"Provisioned resource group {rg_result.name} in the {rg_result.location} region"
)
# The return value is another ResourceGroup object with all the details of the
# new group. In this case the call is synchronous: the resource group has been
# provisioned by the time the call returns.
# To update the resource group, repeat the call with different properties, such
# as tags:
rg_result = resource_client.resource_groups.create_or_update(
"PythonAzureExample-rg",
{
"location": "centralus",
"tags": {"environment": "test", "department": "tech"},
},
)
print(f"Updated resource group {rg_result.name} with tags")
# Optional lines to delete the resource group. begin_delete is asynchronous.
# poller = resource_client.resource_groups.begin_delete(rg_result.name)
# result = poller.result()
Authentication in the code
Later in this article, you sign in to Azure with the Azure CLI to run the sample code. If your account has permissions to create and list resource groups in your Azure subscription, the code will run successfully.
To use such code in a production script, you can set environment variables to use a service principal-based method for authentication. To learn more, see How to authenticate Python apps with Azure services. You need to ensure that the service principal has sufficient permissions to create and list resource groups in your subscription by assigning it an appropriate role in Azure; for example, the Contributor role on your subscription.
Reference links for classes used in the code
4: Run the script
If you haven't already, sign in to Azure using the Azure CLI:
az loginSet the
AZURE_SUBSCRIPTION_IDenvironment variable to your subscription ID. (You can run the az account show command and get your subscription ID from theidproperty in the output):Run the script:
python provision_rg.py
5: Verify the resource group
You can verify that the group exists through the Azure portal or the Azure CLI.
Azure portal: open the Azure portal, select Resource groups, and check that the group is listed. If you've already had the portal open, use the Refresh command to update the list.
Azure CLI: use the az group show command:
az group show -n PythonAzureExample-rg
6: Clean up resources
Run the az group delete command if you don't need to keep the resource group created in this example. Resource groups don't incur any ongoing charges in your subscription, but resources in the resource group might continue to incur charges. It's a good practice to clean up any group that you aren't actively using. The --no-wait argument allows the command to return immediately instead of waiting for the operation to finish.
az group delete -n PythonAzureExample-rg --no-wait
You can also use the ResourceManagementClient.resource_groups.begin_delete method to delete a resource group from code. The commented code at the bottom of the script in this article demonstrates the usage.
For reference: equivalent Azure CLI command
The following Azure CLI az group create command creates a resource group with tags just like the Python script:
az group create -n PythonAzureExample-rg -l centralus --tags "department=tech" "environment=test"
See also
- Example: List resource groups in a subscription
- Example: Create Azure Storage
- Example: Use Azure Storage
- Example: Create a web app and deploy code
- Example: Create and query a database
- Example: Create a virtual machine
- Use Azure Managed Disks with virtual machines
- Complete a short survey about the Azure SDK for Python