如何将AZ KeyVault Secret List -O表输出存储在数组中? Azure CLI,Shell脚本
AZ KEYVAULT SECRED LIST列表 - Vault-Name $ VaultName -Query“ [?attributes.expires< ='2022-06-06-06-30']” -O Table
输出:
ContentType | Name
------------- ----------
Content1 KV-Secret1
Content2 KV-Secret2
将输出存储到中的主要目的数组是,我想将两个值分为不同的变量,即必需值$ varibale1 = content1,$ variable2 = kv-secret1
我需要列出所有从当前日期30天内到期的特定钥匙弹的秘密,然后我需要两个秘密的值-1.Secret名称和2.secrettype,该值将用于另一个脚本来重置秘密到期日期。
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
谢谢出于您的建议,将您的建议发布为社区Wiki,因此其他遇到相同要求的人对于他们而言,将是be的
您必须在URI中指定每个键金库名称(让我们说:
“获取”,“”/“ + https:// keyVaults [“ vault_uri”] +“ keys?api-version?api-version? = 7.0“或“ get”,“/” + https:// keyVaults [“ vault_uri”] + “秘密?apiversion = 7.0”)要检索各个键和秘密的到期日期,因为这些信息是数据平面的一部分,它允许您与存储在密钥库中的数据一起工作。因此,您不能使用管理平面端点“ get”,'/subscriptions/xxxxx/providers/microsoft.keyvault/vaults?api-version=2019-09-09-01'来检索有关数据的信息存储在Azure KeyVault中。要了解有关不同类型的密钥保险公司平面的更多信息,请参阅: https://learn.microsoft.com/en-us/aswers/questions/questions/25726/what-is-management-ymagement-and-data-data-plane-plane-in-azure-key-vau.html
因此,您需要在订阅中创建所有关键保险库名称并将其加载到某些变量中,然后可以相应地检索键和秘密的到期日期。如果您不能从变量中检索密钥保险库名称,则可以考虑使用替代方法来监视Microsoft.Keyvault.keyvault.secretnearexpiry,使用Azure Automation(event Grid)或逻辑应用程序获得通知,如下所述:
azure键保管登录:
创建一个逻辑应用程序以提醒密钥保险箱密钥到期: https://learn.microsoft.com/en-us/aswers/questions/398632/creating-a-a-logic-app-to-to-remind-key--
Thank You sikumars-msft for your suggestion, Posting your suggestion as community wiki so other who encounter the same requirement so it will be benficial for them
You must specify each keys vault names in URI (let say:
"GET", "/" + https://keyvaults["Vault_Uri"] + "keys?api-version=7.0"or"GET", "/" + https://keyvaults["Vault_Uri"] + "secrets?api-version=7.0") to retrieve expiry dates of respective keys and secrets because these information are part of the data plane which allows you to work with the data stored in a key vault. Hence, you can't use management plane endpoint"GET", '/subscriptions/xxxxx/providers/Microsoft.KeyVault/vaults?api-version=2019-09-01' to retrieve information about data stored in Azure KeyVault.To learn more about different type of key vault plane, refer: https://learn.microsoft.com/en-us/answers/questions/25726/what-is-management-and-data-plane-in-azure-key-vau.html
Therefore, you need to get all key vault name created in your subscription and load them into some variable then you can retrieve expiry date of keys and secrets accordingly. In case if you can't retrieve Key Vault name from variable then you could think so using alternative approach of enabling Azure Key vault logging to monitor Microsoft.KeyVault.SecretNearExpiry to get notification using Azure automation (Event grid) or Logic App as explained below:
Azure Key Vault logging: https://learn.microsoft.com/en-us/azure/key-vault/general/logging?tabs=Vault
Creating a Logic App to remind Key Vault key Expiry: https://learn.microsoft.com/en-us/answers/questions/398632/creating-a-logic-app-to-remind-key-