Windows Azure Service Management REST API Reference
Updated: June 7, 2012
The Service Management API provides programmatic access to much of the functionality available through the Management Portal.
The Service Management API is a REST API. All API operations are performed over SSL and mutually authenticated using X.509 v3 certificates.
Windows Azure Subscription
A Windows Azure subscription is a unique user account in Windows Azure. All resources available via the Service Management API are organized beneath the subscription.
When you create a Windows Azure subscription, it is uniquely identified by a subscription ID. The subscription ID forms part of the URI for every call that you make to the Service Management API. See Addressing Service Management Resources for information about how to construct URIs for Service Management operations.
A storage account is a unique endpoint for the Windows Azure Blob, Queue, and Table services. For more information on the Blob, Queue, and Table services, see the Windows Azure Storage Services REST API Reference.
You must create a storage account to use the Blob, Queue, and Table services. The name you give your storage account becomes the host name within the URI that you use to address Blob, Queue, or Table resources. For example, to address a container resource in the Blob service, you use a URI like the following, where
<storage-account> refers to the name of your storage account:
Each storage account has two associated access keys, a primary access key and a secondary access key. These keys are used to authenticate requests against the storage account.
You can use the Service Management API to manage an existing storage account. The API includes operations to list the storage accounts within your subscription, to return storage account properties, to retrieve the primary or secondary access key, and to regenerate the keys. See Operations on Storage Accounts for a complete list of API operations.
A cloud service is a container for your application deployments in Windows Azure. The name that you give your cloud service must be unique across Windows Azure. This name forms part of the URI for calls that you make to the Service Management API to act on this cloud service.
Several operations in the Service Management API permit you to manage your cloud service either by referencing a deployment by its deployment name, or by referencing the deployment environment (staging or production) in which the deployment is running.
|A number of Service Management operations on cloud services are asynchronous. See Tracking Asynchronous Service Management Requests for more information on calling asynchronous operations.|
See Operations on Hosted Services for a complete list of API operations.
You can upload management certificates to the Windows Azure certificate store for your subscription, using the Management Portal. Certificates are now packaged and uploaded separately from the binaries for your service. This means that certificates may now be managed by someone other than the developer, such as an IT manager. The service definition file specifies a logical name for the certificate and the name and location of the local store where it may be found, and associates the certificate with a cloud service endpoint. The service configuration file associates the logical name of the certificate with its thumbprint.
See Operations on Service Certificates for a complete list of API operations.
Locations and Affinity Groups
When you create a cloud service or a storage account, you must specify a geographical location for it. You can do this either by specifying a data center location or by specifying that the cloud service or storage account should be part of an affinity group. Note that you must choose one or the other – it's not possible to specify both.
An affinity group ensures that your cloud services are located together in Windows Azure data centers. If cloud services in your subscription need to work together – for example, if your cloud service stores data in the Blob or Table service or relies on the Queue service for workflow – then you can organize your cloud service and storage account within an affinity group for optimal performance.
An affinity group is defined at the subscription level and is available to any subsequent cloud services or storage accounts that you create. You can create an affinity group when you create a storage account or a cloud service. You can then associate other cloud services with your affinity group as you create them.
|If you create a cloud service or storage account and don't associate it with an affinity group at the time of creation, you'll need to delete and recreate the service if you wish to associate it with an affinity group at a later time.|
You can use the Service Management API to create, list, delete, update, and get properties of an affinity group and locations within your subscription. See Operations on Affinity Groups and Operations on Locations for a complete list of API operations.
You can view subscription history for a specified timeframe by using the Service Management API. For example, you can list all cloud services that were created in the past month. See Operations for Retrieving Subscription History for a complete list of API operations.
You can create and manage virtual machines by using the Service Management API. See the following for a complete list of API operations: