Fatal编程技术网
  • azure-cosmosdb/
  • Azure cosmosdb 以编程方式获取/重置Azure Cosmos DB主密钥

Azure cosmosdb 以编程方式获取/重置Azure Cosmos DB主密钥

azure-cosmosdb

Azure cosmosdb 以编程方式获取/重置Azure Cosmos DB主密钥,azure-cosmosdb,Azure Cosmosdb,我正在尝试从代码中获取并重置Azure Cosmos DB帐户的主密钥,特别是从Azure Function应用程序中的C#代码,该应用程序的系统分配的托管身份在Cosmos DB帐户上定义了RBAC角色。Cosmos DB客户端api似乎没有此功能。下面是一个如何从github repo生成的示例 private static string GenerateMasterKeyAuthorizationSignature(string verb, string resourceId, strin

我正在尝试从代码中获取并重置Azure Cosmos DB帐户的主密钥,特别是从Azure Function应用程序中的C#代码,该应用程序的系统分配的托管身份在Cosmos DB帐户上定义了RBAC角色。Cosmos DB客户端api似乎没有此功能。

下面是一个如何从github repo生成的示例

private static string GenerateMasterKeyAuthorizationSignature(string verb, string resourceId, string resourceType, string key, string keyType, string tokenVersion)
{
    var hmacSha256 = new System.Security.Cryptography.HMACSHA256 { Key = Convert.FromBase64String(key) };

    string payLoad = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}\n{1}\n{2}\n{3}\n{4}\n",
            verb.ToLowerInvariant(),
            resourceType.ToLowerInvariant(),
            resourceId,
            utc_date.ToLowerInvariant(),
            ""
    );

    byte[] hashPayLoad = hmacSha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(payLoad));
    string signature = Convert.ToBase64String(hashPayLoad);

    return System.Web.HttpUtility.UrlEncode(String.Format(System.Globalization.CultureInfo.InvariantCulture, "type={0}&ver={1}&sig={2}",
        keyType,
        tokenVersion,
        signature));
}
您可以使用Azure Management Fluent API实现这一点。 您需要包含此nuget软件包“Microsoft.Azure.Management.Fluent”。 这是你的电话号码

下面是相同的示例代码

    var credentials = SdkContext.AzureCredentialsFactory
                            .FromServicePrincipal(clientId,
                            clientSecret,
                            tenantId,
                            AzureEnvironment.AzureGlobalCloud);

    IAzure azure = Azure.Authenticate(credentials).WithSubscription("<<Your subscription Id>>");
    var cosmosaccount = azure.CosmosDBAccounts.GetByResourceGroup("<<Your cosmos account resource group name>>", "<<Your cosmos account name>>");

    Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey);
    cosmosaccount.RegenerateKey("secondary");
    Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey); 

var-credentials=SdkContext.AzureCredentialsFactory
.FromServicePrincipal(客户ID,
客户机密,
租户,
AzureEnvironment.AzureGlobalCloud);
IAzure azure=azure.Authenticate(凭证).WithSubscription(“”);
var cosmosaccount=azure.CosmosDBAccounts.GetByResourceGroup(“,”);
Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey);
cosmosaccount.key(“次要”);
Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey);