Azure cosmosdb 以编程方式获取/重置Azure Cosmos DB主密钥
我正在尝试从代码中获取并重置Azure Cosmos DB帐户的主密钥,特别是从Azure Function应用程序中的C#代码,该应用程序的系统分配的托管身份在Cosmos DB帐户上定义了RBAC角色。Cosmos DB客户端api似乎没有此功能。下面是一个如何从github repo生成的示例Azure cosmosdb 以编程方式获取/重置Azure Cosmos DB主密钥,azure-cosmosdb,Azure Cosmosdb,我正在尝试从代码中获取并重置Azure Cosmos DB帐户的主密钥,特别是从Azure Function应用程序中的C#代码,该应用程序的系统分配的托管身份在Cosmos DB帐户上定义了RBAC角色。Cosmos DB客户端api似乎没有此功能。下面是一个如何从github repo生成的示例 private static string GenerateMasterKeyAuthorizationSignature(string verb, string resourceId, strin
private static string GenerateMasterKeyAuthorizationSignature(string verb, string resourceId, string resourceType, string key, string keyType, string tokenVersion)
{
var hmacSha256 = new System.Security.Cryptography.HMACSHA256 { Key = Convert.FromBase64String(key) };
string payLoad = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}\n{1}\n{2}\n{3}\n{4}\n",
verb.ToLowerInvariant(),
resourceType.ToLowerInvariant(),
resourceId,
utc_date.ToLowerInvariant(),
""
);
byte[] hashPayLoad = hmacSha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(payLoad));
string signature = Convert.ToBase64String(hashPayLoad);
return System.Web.HttpUtility.UrlEncode(String.Format(System.Globalization.CultureInfo.InvariantCulture, "type={0}&ver={1}&sig={2}",
keyType,
tokenVersion,
signature));
}
您可以使用Azure Management Fluent API实现这一点。 您需要包含此nuget软件包“Microsoft.Azure.Management.Fluent”。 这是你的电话号码 下面是相同的示例代码
var credentials = SdkContext.AzureCredentialsFactory
.FromServicePrincipal(clientId,
clientSecret,
tenantId,
AzureEnvironment.AzureGlobalCloud);
IAzure azure = Azure.Authenticate(credentials).WithSubscription("<<Your subscription Id>>");
var cosmosaccount = azure.CosmosDBAccounts.GetByResourceGroup("<<Your cosmos account resource group name>>", "<<Your cosmos account name>>");
Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey);
cosmosaccount.RegenerateKey("secondary");
Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey);
var-credentials=SdkContext.AzureCredentialsFactory
.FromServicePrincipal(客户ID,
客户机密,
租户,
AzureEnvironment.AzureGlobalCloud);
IAzure azure=azure.Authenticate(凭证).WithSubscription(“”);
var cosmosaccount=azure.CosmosDBAccounts.GetByResourceGroup(“,”);
Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey);
cosmosaccount.key(“次要”);
Console.WriteLine(cosmosaccount.ListKeys().SecondaryMasterKey);