1. 首頁
  2. 問答
  3. 在REST API或.Net SDK中是否有等效的Set-AzureRmKeyVaultAccessPolicy?

在REST API或.Net SDK中是否有等效的Set-AzureRmKeyVaultAccessPolicy?

2016-12-05 62 views

回答

0

here you go,你可能會找到類似於.NET SDK的東西。

此外,如果你做Set-AzureRmKeyVaultAccessPolicy -debug你會發現所需的信息:

DEBUG: ============================ HTTP REQUEST ============================ 

HTTP Method: 
PUT 

Absolute Uri: 
https://management.azure.com/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.KeyVault/vaults/xxx?api-version=2015-06-01 

Body {Omitted}

編輯:以供將來參考,PowerShell使用REST的API。如果有PS命令,肯定有REST端點。通過Junnas

來源

2016-12-05 17:47:31 4c74356b41

0

我們可以使用Microsoft Azure Key Vault Management來做到這一點。它是一個預覽版本。我們可以使用keyVaultManagementClient.Vaults.CreateOrUpdateAsync()函數創建或更新密鑰保險庫。 我爲它做了一個演示。我的具體步驟如下:

先決條件:

註冊一個App在Azure的AD併爲它創建的服務原則。更詳細的步驟請參考document

步驟:

1.創建一個C#控制檯應用程序

2.增加該項目的演示代碼

using System; 
using System.Collections.Generic; 
using Microsoft.Azure.Management.KeyVault; 
using Microsoft.Azure.Management.KeyVault.Models; 
using Microsoft.IdentityModel.Clients.ActiveDirectory; 
using Microsoft.Rest; 

var subscriptionId = "Your Subscription Id"; 
var clientId = "Your Registry Application Id"; 
var tenantId = "Your tenant Id"; 
var secretKey = "Application secret Key"; 
var objectId = "Registry Application object Id" 
var clientCredential = new ClientCredential(clientId, secretKey); 
var context = new AuthenticationContext("https://login.windows.net/" + tenantId); 
const string resourceGroupName = "tom"; 
// The name of the vault to create. 
const string vaultName = "TomNewKeyVaultForTest"; 

var accessPolicy = new AccessPolicyEntry 
{ 
    ApplicationId = Guid.Parse(clientId), 
    TenantId = Guid.Parse(tenantId), 
    Permissions = new Permissions 
    { 
     Keys = new List<string> { "List","Get" }, 
     Secrets = new List<string> { "All" } 
     }, 
     ObjectId = Guid.Parse(objectId) 
    }; 

    VaultProperties vaultProps = new VaultProperties 
    { 
     EnabledForTemplateDeployment = true, 
     TenantId = Guid.Parse(tenantId), 
     AccessPolicies = new List<AccessPolicyEntry> 
     { 
      accessPolicy 
     } 
    }; 
    Microsoft.Rest.ServiceClientCredentials credentials = new TokenCredentials(token); 
    VaultCreateOrUpdateParameters vaultParams = new VaultCreateOrUpdateParameters("eastasia", vaultProps); 

    KeyVaultManagementClient keyVaultManagementClient= new KeyVaultManagementClient(credentials) 
    { 
     SubscriptionId = subscriptionId 
    }; 

    var result = keyVaultManagementClient.Vaults.CreateOrUpdateAsync(resourceGroupName, vaultName, vaultParams).Result;

3.Debug演示

enter image description here

4.檢查在蔚藍的門戶

enter image description here

更多SDK的信息,請參閱package.config文件中創建或更新KeyVault:

<?xml version="1.0" encoding="utf-8"?> 
<packages> 
    <package id="Hyak.Common" version="1.0.2" targetFramework="net452" /> 
    <package id="Microsoft.Azure.Common" version="2.1.0" targetFramework="net452" /> 
    <package id="Microsoft.Azure.Common.Dependencies" version="1.0.0" targetFramework="net452" /> 
    <package id="Microsoft.Azure.Management.KeyVault" version="2.0.0-preview" targetFramework="net452" /> 
    <package id="Microsoft.Bcl" version="1.1.9" targetFramework="net452" /> 
    <package id="Microsoft.Bcl.Async" version="1.0.168" targetFramework="net452" /> 
    <package id="Microsoft.Bcl.Build" version="1.0.14" targetFramework="net452" /> 
    <package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="2.28.3" targetFramework="net452" /> 
    <package id="Microsoft.Net.Http" version="2.2.22" targetFramework="net452" /> 
    <package id="Microsoft.Rest.ClientRuntime" version="2.3.1" targetFramework="net452" /> 
    <package id="Microsoft.Rest.ClientRuntime.Azure" version="3.3.1" targetFramework="net452" /> 
    <package id="Newtonsoft.Json" version="6.0.8" targetFramework="net452" /> 
</packages>

來源

2016-12-06 16:07:25

相關問題

 相關問題