我正在使用 KeyVault 来存储Ocp-Apim-Subscription-Key. 应用程序正在从 KeyVault 获取此密钥并成功向 API 管理发出请求。
但是现在,我想Ocp-Apim-Subscription-Key在 Runbooks 中使用 powershell 脚本频繁地旋转它。我找不到Ocp-Apim-Subscription-Key通过 powershell 重新生成的方法。这可能吗 ?如果还有其他选项可以轮换此密钥,请告诉我。
问问题
1188 次
2 回答
1
绝对可以通过API:
- https://docs.microsoft.com/en-us/rest/api/apimanagement/subscription/regenerateprimarykey
- https://docs.microsoft.com/en-us/rest/api/apimanagement/subscription/regeneratesecondarykey
也应该在PS中的某个地方。
于 2018-07-31T21:04:56.620 回答
1
# Get API Management Services information and set context
$ApiManagements = Get-AzApiManagement
foreach ($ApiManagement in $ApiManagements)
{
$ApiManagementContext = New-AzApiManagementContext -ResourceId $ApiManagement.Id
# Get all API Management Subscriptions
$ApiManagementSubscriptions = Get-AzApiManagementSubscription -Context $ApiManagementContext
foreach ($ApiManagementSubscription in $ApiManagementSubscriptions)
{
# Update the Keys
$PrimaryKey = (New-Guid) -replace '-',''
$SecondaryKey = (New-Guid) -replace '-',''
Set-AzApiManagementSubscription -Context $ApiManagementContext -SubscriptionId $ApiManagementSubscription.SubscriptionId -PrimaryKey $PrimaryKey `
-SecondaryKey $SecondaryKey -State Active
}
}
于 2019-10-21T13:17:42.640 回答