Azure CDN - 通過資源管理API的自定義域SSL

Question

使用最新的Azure Powershell SDK，但仍似乎不能create Custom SSL Domains for CDNs in Azure via API Management。我們有100個子域名需要創建，並且需要能夠爲未來的可擴展性創建此任務。

有誰知道如何通過自SDK has no support的REST API切換這個標誌？我們正在使用New-AzureRmCdnCustomDomain commandlet。

Answer 1

用於使自定義域HTTPS的REST API在docs.microsoft.com

是記錄啓用自定義的Https

啓用HTTPS遞送自定義域的。

POST /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Cdn/profiles/{profileName}/endpoints/{endpointName}/customDomains/{customDomainName}/enableCustomHttps?api-version=2016-10-02 

之前，你可以使用Azure的REST API，你需要得到an access token：

生成訪問令牌使用PowerShell：

$Token = Invoke-RestMethod -Uri https://login.microsoftonline.com/<TenantID>/oauth2/token?api-version=1.0 -Method Post -Body @{ 
    "grant_type" = "client_credentials" 
    "resource" = "https://management.core.windows.net/" 
    "client_id" = "<application id>" 
    "client_secret" = "<password you selected for authentication>" 
} 

響應包含一個訪問令牌，關於令牌有效時間的信息以及有關wha的信息你可以使用那個 令牌。在前面的HTTP調用 中收到的訪問令牌必須傳遞給資源管理器API的所有請求。您將 作爲名爲「授權」的標頭值傳遞，值爲「承載者 YOUR_ACCESS_TOKEN」。注意「持證人」和您訪問令牌之間的空白處。

通過在Azure AD中創建應用程序註冊並在創建的應用程序註冊的「鍵」部分中生成客戶端密鑰來重新獲取客戶端ID。這可以被組合成這樣一個解決方案：

$subscriptionId = "..." 
$resourceGroupName = "..." 
$profileName = "..." 
$endpointName = "..." 
$customDomainName = ".." 

$Token = Invoke-RestMethod -Uri https://login.microsoftonline.com/<TenantID>/oauth2/token?api-version=1.0 -Method Post -Body @{ 
    "grant_type" = "client_credentials" 
    "resource" = "https://management.core.windows.net/" 
    "client_id" = "<application id>" 
    "client_secret" = "<password you selected for authentication>" 
} 

$header = @{ 
    "Authorization"= "Bearer $($Token.access_token)" 
} 

Invoke-RestMethod -Method Post -Headers $header -Uri "https://management.azure.com/subscriptions/$subscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.Cdn/profiles/$profileName/endpoints/$endpointName/customDomains/$customDomainName/enableCustomHttps?api-version=2016-10-02" 

如果不需要自動化腳本，則可以使用使用此改性樣品GUI（不需要應用註冊）手動登錄（基於Source ）。它需要AzureRM-模塊，它可以使用Install-Module AzureRM安裝：

Function Login-AzureRESTApi { 

    Import-Module AzureRM.Profile 

    # Load ADAL Azure AD Authentication Library Assemblies 
    $modulepath = Split-Path (Get-Module -Name AzureRM.Profile).Path 
    $adal = "$modulepath\Microsoft.IdentityModel.Clients.ActiveDirectory.dll" 
    $adalforms = "$modulepath\Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms.dll" 
    $null = [System.Reflection.Assembly]::LoadFrom($adal) 
    $null = [System.Reflection.Assembly]::LoadFrom($adalforms) 

    # Login to Azure 
    $Env = Login-AzureRmAccount 

    # Select Subscription 
    $Subscription = (Get-AzureRmSubscription | Out-GridView -Title "Choose a subscription ..." -PassThru) 
    $adTenant = $Subscription.TenantId 
    $global:SubscriptionID = $Subscription.SubscriptionId 

    # Client ID for Azure PowerShell 
    $clientId = "1950a258-227b-4e31-a9cf-717495945fc2" 

    # Set redirect URI for Azure PowerShell 
    $redirectUri = "urn:ietf:wg:oauth:2.0:oob" 

    # Set Resource URI to Azure Service Management API | @marckean 
    $resourceAppIdURIASM = "https://management.core.windows.net/" 
    $resourceAppIdURIARM = "https://management.azure.com/" 

    # Set Authority to Azure AD Tenant 
    $authority = "https://login.windows.net/$adTenant" 

    # Create Authentication Context tied to Azure AD Tenant 
    $authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority 

    # Acquire token 
    $global:authResultASM = $authContext.AcquireToken($resourceAppIdURIASM, $clientId, $redirectUri, "Auto") 
    $global:authResultARM = $authContext.AcquireToken($resourceAppIdURIARM, $clientId, $redirectUri, "Auto") 

} 

$resourceGroupName = "..." 
$profileName = "..." 
$endpointName = "..." 
$customDomainName = ".." 

Login-AzureRESTApi 

#Reuse selected subscription from login 
$Subscription = $global:subscriptionId 

$header = @{ 
    "Authorization"= $global:authResultARM.CreateAuthorizationHeader() 
} 

Invoke-RestMethod -Method Post -Headers $header -Uri "https://management.azure.com/subscriptions/$subscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.Cdn/profiles/$profileName/endpoints/$endpointName/customDomains/$customDomainName/enableCustomHttps?api-version=2016-10-02"