如何提高Azure功能的权限?
我已经创建了一个Azure函数(计时器触发)(有关它的编辑版本,请参见下文),在该函数上,我在Azure上运行时会遇到ValueError(“未知密码”)错误。我在Linux计算机上进行了一些调试,该计算机通过使用通过SSH在Azure Portal中的Azure函数的SSH可用的Bash Shell运行Azure功能。在这里,我在Python脚本中使用了以下代码的近似值,并能够重现错误-valueRorr(“未知密码”)。但是,当我使用sudo命令(sudo python nameofscript.py)运行python脚本时,则没有出现错误消息,这使我相信由于Azure函数的权限有限,因此错误消息发生在Azure函数中。所以我的问题是:如何提高Azure功能的权限?还是如果可能的话,它会与sudo一起运行?如果它相关,那么我使用Azure Devops管道将Azure函数部署到Azure。
import datetime
import logging
import azure.functions as func
from azure.identity import DefaultAzureCredential
from azure.keyvault.secrets import SecretClient
import paramiko
def main(mytimer: func.TimerRequest) -> None:
utc_timestamp = datetime.datetime.utcnow().replace(
tzinfo=datetime.timezone.utc).isoformat()
if mytimer.past_due:
logging.info('The timer is past due!')
logging.Logger.root.level = 10
logging.basicConfig()
logging.getLogger("paramiko").setLevel(logging.DEBUG)
# Used for getting access to secrets on Azure key vault for authentication purposes
credential = DefaultAzureCredential()
secret_client = SecretClient(vault_url="InsertVaultURL", credential=credential)
secret_name = secret_client.get_secret("InsertSecretUsernameName")
secret_pass = secret_client.get_secret("InsertSecretPasswordName")
secret_host_key = secret_client.get_secret("InsertSecretHostKeyName")
# Server name for FSTP server
host_name = 'InsertFSTPHostAddress'
# Connecting to FSTP server
ssh = paramiko.SSHClient()
ssh.get_host_keys().add(hostname = host_name, keytype='ssh-rsa', key = paramiko.PKey(data = secret_host_key.value.encode('ascii')))
ssh.load_system_host_keys()
ssh.connect(hostname = host_name, port = 22, username=secret_name.value, password=secret_pass.value)
sftp = ssh.open_sftp()
# Perform some activity with SFTP connection
# Close the SFTP session
sftp.close()
# Close SSH Client
ssh.close()
I've created an Azure Function (timer trigger) (see below for an edited version of it) where I get ValueError("unknown cipher") error when it's run on Azure. I did some debugging on the linux machine that's running the Azure Function by using the bash shell that's available via SSH under Development Options for the Azure Function in the Azure Portal. Here I used an approximation of the of the code below in a python script, and was able to reproduce the error - ValueError("unknown cipher"). However when I ran the python script using sudo command (sudo python nameOfScript.py) then the error message did not appear, which leads me to believe that the error occurred in the Azure Function because of limited permissions for the Azure Function. So my question is this: How can I elevate the permissions for the Azure Function? Or make it run with sudo if that's possible? In case it's relevant then I use an Azure DevOps pipeline to deploy the Azure Function to Azure.
import datetime
import logging
import azure.functions as func
from azure.identity import DefaultAzureCredential
from azure.keyvault.secrets import SecretClient
import paramiko
def main(mytimer: func.TimerRequest) -> None:
utc_timestamp = datetime.datetime.utcnow().replace(
tzinfo=datetime.timezone.utc).isoformat()
if mytimer.past_due:
logging.info('The timer is past due!')
logging.Logger.root.level = 10
logging.basicConfig()
logging.getLogger("paramiko").setLevel(logging.DEBUG)
# Used for getting access to secrets on Azure key vault for authentication purposes
credential = DefaultAzureCredential()
secret_client = SecretClient(vault_url="InsertVaultURL", credential=credential)
secret_name = secret_client.get_secret("InsertSecretUsernameName")
secret_pass = secret_client.get_secret("InsertSecretPasswordName")
secret_host_key = secret_client.get_secret("InsertSecretHostKeyName")
# Server name for FSTP server
host_name = 'InsertFSTPHostAddress'
# Connecting to FSTP server
ssh = paramiko.SSHClient()
ssh.get_host_keys().add(hostname = host_name, keytype='ssh-rsa', key = paramiko.PKey(data = secret_host_key.value.encode('ascii')))
ssh.load_system_host_keys()
ssh.connect(hostname = host_name, port = 22, username=secret_name.value, password=secret_pass.value)
sftp = ssh.open_sftp()
# Perform some activity with SFTP connection
# Close the SFTP session
sftp.close()
# Close SSH Client
ssh.close()
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
Glad @ pythonforazure3942 您已经通过使用
Fabric> Fabric> Fabric> Fabric> Fabric> Fabric> Python库。发布该决议作为帮助其他社区成员的答案。是的,Fabric Python库用于交互和自动化任务,例如应用程序部署到通用系统管理,以提高权限/特权。
Glad @PythonForAzure3942 that you had resolved the issue yourself by using
fabric python library. Posting this resolution as an answer to help other community members.Yes, Fabric Python library is used to interact and automate tasks like App deployment to the General System Administration for elevating permissions/privileges.