0
votes

Is there a way to obtain credentials like:

  • Client ID
  • Client Secret
  • Tenant ID
  • Subscription ID
  • Resource Group Name (like XXrg01)
  • Public IP Name (like XX01IP)

through a Python script and the API they provide? I need those for a script I run on a VM to obtain the Public IP address:

from azure.mgmt.network import NetworkManagementClient
from azure.common.credentials import ServicePrincipalCredentials
import sys

resource_group_name = sys.argv[1]
public_ip_name = sys.argv[2]

client_id = 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
client_secret = 'XXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
tenant_id = 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
subscription_id = 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'

credentials = ServicePrincipalCredentials(client_id=client_id,secret=client_secret,tenant=tenant_id)

network_client = NetworkManagementClient(credentials, subscription_id)

# Look up the Public IP resource by resource group and name
result_get = network_client.public_ip_addresses.get(resource_group_name, public_ip_name)

print(result_get.ip_address)

Right now I pass the resource group name and public IP name as arguments, but that also needs to be automated.

2

2 Answers

1
votes

For the first four, you should enable MSI on your VM and it will be automatic:

Resource Group name and PublicIP name will be specific to your application. You can use "azure-mgmt-resource" with MSI authentication to get the list of all existing Resource Groups, and then "azure-mgmt-network" with MSI authentication to get a list of all PublicIPs. If listing them is possible, then yes, you don't need any parameters at all.

0
votes

OK, I enabled MSI and made this:

from azure.mgmt.network import NetworkManagementClient
from azure.common.credentials import ServicePrincipalCredentials
from azure.common.credentials import get_azure_cli_credentials
from azure.common.cloud import get_cli_active_cloud
import sys

#Script takes two arguments resource_group_name and public_ip_name and returns public IP of VM

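def _get_azure_cli_credentials():
    # Reuse the credentials and subscription of the active Azure CLI login
    credentials, subscription_id = get_azure_cli_credentials()
    cloud_environment = get_cli_active_cloud()

    cli_credentials = {
        'credentials': credentials,
        'subscription_id': subscription_id,
        'cloud_environment': cloud_environment
    }
    #print credentials
    #print subscription_id
    print(cloud_environment)
    print(cli_credentials)
    return cli_credentials

# Call the helper so the script actually prints the values shown below
_get_azure_cli_credentials()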

With it I get this:

{'endpoints': {'active_directory': 'https://login.microsoftonline.com',
               'active_directory_data_lake_resource_id': 'https://datalake.azure.net/',
               'active_directory_graph_resource_id': 'https://graph.windows.net/',
               'active_directory_resource_id': 'https://management.core.windows.net/',
               'batch_resource_id': 'https://batch.core.windows.net/',
               'gallery': 'https://gallery.azure.com/',
               'management': 'https://management.core.windows.net/',
               'resource_manager': 'https://management.azure.com/',
               'sql_management': 'https://management.core.windows.net:8443/',
               'vm_image_alias_doc': 'https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/arm-compute/quickstart-templates/aliases.json'},
 'is_active': True,
 'name': 'AzureCloud',
 'profile': 'latest',
 'suffixes': {'azure_datalake_analytics_catalog_and_job_endpoint': 'azuredatalakeanalytics.net',
              'azure_datalake_store_file_system_endpoint': 'azuredatalakestore.net',
              'keyvault_dns': '.vault.azure.net',
              'sql_server_hostname': '.database.windows.net',
              'storage_endpoint': 'core.windows.net'}}
{'credentials': <azure.cli.core.adal_authentication.AdalAuthentication object at 0x7f54884bac10>, 'subscription_id': 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX', 'cloud_environment': <azure.cli.core.cloud.Cloud object at 0x7f54884ba410>}

subscription_id matches the one I temporarily hardcoded, but where should I search for the rest?

Also I've tried this:

import json
import subprocess

# Request a managed identity token for Azure Resource Manager from the instance metadata endpoint
A=subprocess.Popen("curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F' -H Metadata:true", shell=True, stdout=subprocess.PIPE).stdout.read()

print("Printing A...")
print(A)
# The response body is JSON, so parse it instead of splitting on commas and quotes
response = json.loads(A)
# access_token is a bearer credential: anything that logs it can act as this VM's identity
token = response["access_token"]
print(token)

client_id = response["client_id"]
print(client_id)

It returns a huge token and some client_id, but it doesn't match.

And lastly I tried CLI 2.0:

az account list

Which returns an "id" that matches the hardcoded subscription_id and a "tenantId" that matches the hardcoded tenant_id.
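Added example, not part of either answer and not the poster's code: the token returned by the metadata endpoint used above is a JWT, and its claims can be read locally to recover the tenant, subscription and resource group without hardcoding them. It assumes the token carries the `tid`, `appid` and `xms_mirid` claims; the function names and the sample response are constructed for illustration.

```python
import base64
import json

def b64url_decode(segment):
    """Decode a base64url JWT segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def claims_from_imds_response(body):
    """Return the claims of the access_token in a metadata token response.

    The signature is NOT verified: this only inspects a token the VM
    requested for itself and must never be used to authorize a caller.
    """
    token = json.loads(body)["access_token"]
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("access_token is not a three-part JWT")
    return json.loads(b64url_decode(parts[1]))

def identity_context(claims):
    """Map token claims to the values the original script hardcoded.

    Assumption: 'xms_mirid' holds the ARM resource ID of the resource the
    identity belongs to (the VM itself for a system-assigned identity).
    """
    segments = claims.get("xms_mirid", "").strip("/").split("/")
    # ARM IDs alternate key/value: subscriptions/<id>/resourcegroups/<name>/...
    pairs = dict(zip((s.lower() for s in segments[0::2]), segments[1::2]))
    return {"tenant_id": claims.get("tid"), "client_id": claims.get("appid"),
            "subscription_id": pairs.get("subscriptions"),
            "resource_group": pairs.get("resourcegroups")}

def constructed_response():
    """Build a fake token response (constructed sample, unsigned token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    claims = {"tid": "11111111-1111-1111-1111-111111111111",
              "appid": "22222222-2222-2222-2222-222222222222",
              "xms_mirid": "/subscriptions/33333333-3333-3333-3333-333333333333"
                           "/resourcegroups/XXrg01/providers/Microsoft.Compute"
                           "/virtualMachines/vm01"}
    token = ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "sig"])
    return json.dumps({"access_token": token, "token_type": "Bearer",
                       "client_id": claims["appid"]})

if __name__ == "__main__":
    print(identity_context(claims_from_imds_response(constructed_response())))
```

The Public IP name is not in the token, so it still has to be found by listing, as the first answer describes.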