How to get a list of soft-deleted resources and Key Vault entries in Azure using managed C# code?



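I want to build an Azure Function app that collects the following data:

  • Soft-deleted resources
  • Soft-deleted Azure Key Vault entries

The goal is to have the entry point at subscription level. The function should query the subscription's resource groups and then search for the things specified above.

My research shows that as of today (2022-06-29) the Microsoft.Azure.Resources package is almost obsolete, and the replacement package Azure.ResourceManager is in some kind of preview state. I have been trying since yesterday to somehow get this data, but without much success, because I don't really know how to get it.

Right now my .csproj looks like this: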

<PackageReference Include="Azure.Identity" Version="1.6.0" />
<PackageReference Include="Azure.Monitor.Query" Version="1.1.0" />
<PackageReference Include="Azure.ResourceManager" Version="1.0.0" />
<PackageReference Include="Azure.ResourceManager.KeyVault" Version="1.0.0-beta.8" />
<PackageReference Include="Azure.ResourceManager.Monitor" Version="1.0.0-beta.2" />
<PackageReference Include="Azure.ResourceManager.Resources" Version="1.0.0" />
<PackageReference Include="Azure.ResourceManager.Compute" Version="1.0.0-beta.9" />
<PackageReference Include="Azure.ResourceManager.Network" Version="1.0.0-beta.7" />
<PackageReference Include="Azure.ResourceManager.Storage" Version="1.0.0-beta.8" />

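My function class is also quite messy, because I don't really know where to start. So I tried installing a bunch of packages to eventually get an extension method with something useful in it: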

using System;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.ManagementGroups;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Storage;
using Azure.ResourceManager.Compute;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.KeyVault;
using Azure.ResourceManager.Monitor;
using Azure.Monitor.Query;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Host;
using Microsoft.Extensions.Logging;
using System.Threading.Tasks;
using SoftDeleteDetection.Models;
//using Microsoft.Azure.Management.ResourceManager.Models;
//using Microsoft.Azure.Management.Compute.Models;
namespace SoftDeleteDetection;
public class NotifyOnSoftDeletedResourcesFunctions
{
    [FunctionName("ScanAndNotify")]
    public async Task ScanAndNotify([TimerTrigger("0 0 9 * * MON")]TimerInfo myTimer, ILogger log)
    {
        log.LogInformation($"C# Timer trigger function executed at: {DateTime.Now}");
        await DoSomething();
    }
    private async Task DoSomething()
    {

        //var credentials = new EnvironmentCredential();
        var credentials = new VisualStudioCredential();
        ArmClient client = new(credentials, Environment.GetEnvironmentVariable(Settings.SubscriptionId));
        var subscription = await client.GetDefaultSubscriptionAsync();
        var resourceGroups = subscription.GetResourceGroups();
        foreach (var group in resourceGroups)
        {
            var resources = group.GetGenericResources("");
            var vaults = group.GetVaults();
            foreach (var vault in vaults)
            {
                var secrets = vault.GetSecrets();
                foreach (var secret in secrets)
                {
                    // no useful property here
                }
                var keys = vault.GetVaultKeys();
                foreach (var key in keys)
                {
                    // no useful property here
                }
            }
            //var dada = group.Getkey
            //Azure.ResourceManager.KeyVault.

            //if (group.GetGenericResources())
            //var dudu = group.GetStorageAccounts();
        }

        ////var subscription = await armClient.GetDefaultSubscriptionAsync();
        ////subscription.
        //string rgName = "myResourceGroup";
        //SubscriptionResource subscription = await armClient.GetDefaultSubscriptionAsync();
        //var fufu = await subscription.GetResourceGroups().GetAsync("myRg");
        //fufu.Value.
        //ResourceGroup rg = await subscription.GetResourceGroups().GetAsync(rgName);
        //await foreach (VirtualMachine vm in rg.GetVirtualMachines().GetAllAsync())
        //{
        //    //previously we would have to take the resourceGroupName and the vmName from the vm object
        //    //and pass those into the powerOff method as well as we would need to execute that on a separate compute client
        //    await vm.StartPowerOff().WaitForCompletionAsync();
        //}
        //var rp = subscription.GetResourceProvider("Microsoft.ApiManagement");
        ////rp.Value.
        //var rgs = subscription.GetResourceGroups();
        ////ResourceGroup resourceGroup = await subscription.GetResourceGroups().GetAsync("myRgName");
        //foreach (var group in rgs)
        //{
        //    //var det = group.getre.Get();
        //    //det.Value.GetVirtualMachines();
        //}
        //var mg = client.GetManagementGroups();
        //var mgs = mg.GetAll();
        //foreach (var item in mgs)
        //{
        //    //item.
        //    //item.
        //}
        //var sc = client.GetSubscriptions();
        //var subs = sc.GetAll();
        //foreach (var item in subs)
        //{
        //    //item.
        //}
    }
}

I would be very happy if someone could point me in the right direction.

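Soft-deleted resources

As far as I know, there is currently no specific class library, CLI or PowerShell command for getting soft-deleted resources.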

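Soft-deleted Azure Key Vault entries

We can retrieve the details of soft-deleted Key Vault entries using the Portal, Azure CLI or PowerShell. Reference doc

In C#, you can use DeletedSecretIdentifier.IsDeletedSecretIdentifier to check whether an identifier belongs to a deleted Key Vault secret.

Deleted secret identifier in Key Vault using .NET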

References

  • Soft-delete (Key Vault)
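
An added example, not part of the original question or answer: one way to inventory soft-deleted vaults, secrets and keys for a whole subscription. It assumes the GA 1.x release of Azure.ResourceManager.KeyVault plus the Azure.Security.KeyVault.Secrets and Azure.Security.KeyVault.Keys data-plane packages (not in the .csproj above); the names SoftDeleteInventory and ReportAsync are hypothetical.

```csharp
// Added example. Assumed packages: Azure.Identity, Azure.ResourceManager.KeyVault (GA 1.x),
// Azure.Security.KeyVault.Secrets, Azure.Security.KeyVault.Keys.
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.KeyVault;
using Azure.ResourceManager.Resources;
using Azure.Security.KeyVault.Keys;
using Azure.Security.KeyVault.Secrets;

public static class SoftDeleteInventory // hypothetical name
{
    public static async Task ReportAsync(string subscriptionId)
    {
        TokenCredential credential = new DefaultAzureCredential();
        ArmClient arm = new(credential);
        SubscriptionResource subscription =
            arm.GetSubscriptionResource(SubscriptionResource.CreateResourceIdentifier(subscriptionId));

        // Management plane: vaults that are themselves in the soft-deleted state.
        await foreach (DeletedKeyVaultResource deleted in subscription.GetDeletedKeyVaultsAsync())
            Console.WriteLine($"vault  {deleted.Data.Name} purge on {deleted.Data.Properties.ScheduledPurgeOn}");

        // Data plane: soft-deleted secrets and keys inside each live vault.
        await foreach (KeyVaultResource vault in subscription.GetKeyVaultsAsync())
        {
            Uri vaultUri = vault.Data.Properties.VaultUri;
            try
            {
                await foreach (DeletedSecret s in new SecretClient(vaultUri, credential).GetDeletedSecretsAsync())
                    Console.WriteLine($"secret {vault.Data.Name}/{s.Name} deleted {s.DeletedOn} purge on {s.ScheduledPurgeDate}");

                await foreach (DeletedKey k in new KeyClient(vaultUri, credential).GetDeletedKeysAsync())
                    Console.WriteLine($"key    {vault.Data.Name}/{k.Name} deleted {k.DeletedOn} purge on {k.ScheduledPurgeDate}");
            }
            catch (RequestFailedException ex) when (ex.Status == 403)
            {
                // The identity lacks data-plane list permission on this vault, or the
                // vault firewall rejected the caller. Record it and continue the scan.
                Console.WriteLine($"denied {vault.Data.Name}: cannot list deleted items");
            }
        }
    }
}
```

The identity running the function needs read access on the subscription for the management-plane calls and list permission on secrets and keys in each vault for the data-plane calls.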
