Azure powershell - how to create json file with azure keyvaults secrets
(I know how to read the secrets with power shell). I do know how to put key values pairs and export as a file.
So, given I have this
secret1Name - secret1Value
secret2Name - secret2Value
secret3Name - secret3Value
I need a file saved to the file system
{
"secret1Name":"secret1Value",
"secret2Name":"secret2Value",
"secret3Name":"secret3Value",
}
I found that there is something like this for reading from a file
$globalParametersJson = Get-Content $globalParametersFilePath
$globalParametersObject = [Newtonsoft.Json.Linq.JObject]::Parse($globalParametersJson)
And I (think) i need help doing it for writing a file.
Can anyone help ??
Export Azure key vault secrets as json list (or file)
I have tried to reproduce your ask and I have received expected results:
What I have understood from your question is that you want to write a secret to file (then below is the answer for that).
Firstly, created an empty Json file and copied its path and I followed Microsoft-Document.
Then I executed the below script:
$y="C:\Users\vs\emo.json"
$secret = Get-AzKeyVaultSecret -VaultName "rithkey"
$secretnames=$secret.Name
$Target = #()
$result = New-Object -TypeName PSObject
foreach($em in $secretnames )
{
$Target=Get-AzKeyVaultSecret -VaultName rithkey -Name $em
$x=Get-AzKeyVaultSecret -VaultName rithkey -AsPlainText -Name $em
$result | Add-Member -Type NoteProperty -Name $Target.Name -Value $x
}
$result | ConvertTo-Json | Set-Content $y
Now we can check file emo.json as we used Set-Content to write to emo.json file and output is below:
Related
I need a quick script to convert device names to Object IDs, so that I can perform a bulk upload in Intune. I have the device names saved as a .csv which I import. After running the script the output BulkObjectID.csv comes up empty (0 kb). I am not sure what I could be doing wrong. Thanks in advance for any help.
connect-azuread
$csv = Import-Csv C:\Tools\NEW.csv
$ObjectID=#()
foreach ($DisplayName in $csv){
$ObjectID += get-AzureADDevice -Filter "DisplayName eq '$._DisplayName'" | Select ObjectID
}
$ObjectID
$ObjectID | export-csv -path 'C:\Tools\BulkObjectID.csv' -append
I tried to reproduce the same in my environment and got below results
I have few Azure AD devices existing in my tenant like below:
I created one csv file with display names of above devices like this:
Now, I ran the same script as you and got same output with empty (0 kb) BulkObjectID.csv file like below:
Connect-AzureAD
$csv = Import-Csv C:\test\new.csv
$ObjectID=#()
foreach ($DisplayName in $csv){
$ObjectID += get-AzureADDevice -Filter "DisplayName eq '$._DisplayName'" | Select ObjectID
}
$ObjectID
$ObjectID | export-csv -path 'C:\test\BulkObjectID.csv' -append
Response:
When I checked the folder, empty (0 kb) BulkObjectID.csv file is present like below:
To resolve this, modify your script by making few changes like below:
Connect-AzureAD
$csv = Import-Csv C:\test\new.csv
$ObjectID=#()
foreach ($DisplayName in $csv)
{
$name = $DisplayName.DisplayName
$ObjectID = get-AzureADDevice -Filter "DisplayName eq '$name'" | Select ObjectID
$ObjectID
$ObjectID | export-csv -path 'C:\test\ObjectID.csv' -append
}
Response:
When I checked the folder, ObjectID.csv file is present with device IDs like below:
I have written a PowerShell script in Azure DevOps to get all Azure Active Directory users as JSONM. I want to save the output as a JSON file in Azure repos.
My code:
Install-Module -Name "AzureAD" -Force
Import-Module -Name "AzureAD"
[string]$userName = 'TEST#TEST.TEST'
[string]$userPassword = 'TEST'
[securestring]$secStringPassword = ConvertTo-SecureString $userPassword -AsPlainText -Force
[pscredential]$credObject = New-Object System.Management.Automation.PSCredential ($userName, $secStringPassword)
Connect-AzureAD -Credential $credObject
Get-AzureADUser | select #{N='email';E={$_.UserPrincipalName}} | ConvertTo-Json | Out-File -FilePath .\UserExport.txt
here is an example :
YOUR-COMMAND | Out-File -FilePath c:\PATH\TO\FOLDER\OUTPUT.txt
You seemed right to this, have you tried to see what it gives you in txt first ? Or it simply don't save the file ?
Hm... Can you give an example of the json ? By default the depth in "ConvertTo-Json" is 2.
So you may have to change it like this :
Get-AzureADUser | select #{N='email';E={$_.UserPrincipalName}} | ConvertTo-Json -depth 100 | Out-File -FilePath .\UserExport.txt
I am trying to create a powershell that will grab the varibles from an excel sheet and then add them to the powersehll command.
in the excel sheet i have 3 columns i am interested in the data from (Name , resourcegroup, location)
And then for each line with this i want it to parse into into the varible field for the powershell
I have created the powershell to do what i need but it would be better if it could loop through and pull this as I am just running the command again with different machine info manually added from the excel.
With #Theo Help
I am working with this version of the script now
Import-Csv -Path 'c:\scripts\vmtest.csv' | ForEach-Object {
# combine the VMName with suffix '-Snapshot'
$snapshotName = $vm.name + "-Snapshot"
$SnapshotStorage = "Azure-Snapshots"
$vm = Get-AzVM -ResourceGroupName $_.ResourceGroup -Name $_.Name
# using splatting for better readability
$configParams = #{
SourceUri = $vm.StorageProfile.OsDisk.ManagedDisk.Id
Location = $_.location
CreateOption = 'copy'
}
$snapshot = New-AzSnapshotConfig #configParams
New-AzSnapshot -Snapshot $snapshot -SnapshotName $snapshotname -ResourceGroupName $snapshotstorage
}
If as you have commented, you now have the data stored in a CSV file that might look something like this:
Name,ResourceGroup,Location
PRD-ITM001,SJAVIRTUALMACHINES,uksouth
TST-GRSSQL001,SJAVIRTUALMACHINES,uksouth
it has become very simple to import that data and loop through the records like below:
Import-Csv -Path 'c:\scripts\vmtest.csv' | ForEach-Object {
# combine the VMName with suffix '-Snapshot'
$snapshotName = '{0}-Snapshot' -f $_.Name
$SnapshotStorage = "Azure-Snapshots"
$vm = Get-AzVM -ResourceGroupName $_.ResourceGroup -Name $_.Name
# using splatting for better readability
$configParams = #{
SourceUri = $vm.StorageProfile.OsDisk.ManagedDisk.Id
Location = $_.Location
CreateOption = 'copy'
}
$snapshot = New-AzSnapshotConfig #configParams
New-AzSnapshot -Snapshot $snapshot -SnapshotName $snapshotName -ResourceGroupName $_.ResourceGroup
}
Note that the above code assumes your CSV uses the (default) comma as delimiter character. If in your case this is some other character, append parameter -Delimiter followed by the character the csv uses.
Inside a ForEach-Object {..} loop, the $_ automatic variable references the current record from the csv
I used Splatting for better readability of the code. This helps on cmdlets that take a long list of parameters and eliminates the use of the backtick.
Based on the above shared requirement, we understood that you want to pull the values of ResourceGroupName, VMName from the excel sheet & also you want to use those values in the script further.
Using PSExcel Module, We have written the below PowerShell Script which will pull the ResourceGroupName, VMName from excel & it will run Get-AzVM Cmdlet.
Before running the below PowerShell script , run the below cmdlet Save-Azcontext cmdlet it will saves the current authentication information for use in other PowerShell sessions.
Connect-AzAccount
Save-AzContext -Path C:\test.json
Here is the PowerShell script:
$currentDir = "C:\Program Files\WindowsPowerShell\Modules" ##pass the path of the PSexcel Module
Import-Module $currentDir"\PSExcel"
Import-AzContext -Path C:\test.json ##passing the azcontext file path which was saved earlier
$ExcelFile = "Give here the path of the current folder where scripts are stored"
$objExcel = New-Excel -Path $ExcelFile
$WorkBook = $objExcel|Get-Workbook
ForEach($Worksheet in #($Workbook.Worksheets)){
$totalNoOfRecords = $Worksheet.Dimension.Rows
$totalNoOfItems = $totalNoOfRecords-1
# Declare the starting positions first row and column names
$rowNo,$colResourceGroupName = 1,1
$rowNo,$colVMName = 1,2
if ($totalNoOfRecords -gt 1){
#Loop to get values from excel file
for($i=1;$i -le ($totalNoOfRecords-1);$i++){
$ResourceGroupName=$Worksheet.Cells.Item($rowNo+$i,$colResourceGroupName).Value
$VMName=$Worksheet.Cells.Item($rowNo+$i,$colVMName).Value
Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName |select -Property Name,ResourceGroupName,Location
}
}
}
Here is the sample output for reference:
For more information ,you refer this blog post on How to Read excel file using PSExcel Module in PowerShell.
With the following command I am able to retrieve a list (or is it a dictionary? My Powershell knowledge is unfortunately very limited) of parameters supported by the Get-AzKeyVaultSecret cmdlet:
PS C:\> $params = (Get-Command Get-AzKeyVaultSecret).ParameterSets | Select -ExpandProperty Parameters
PS C:\> $params | ForEach {$_.Name}
VaultName
Name
InRemovedState
DefaultProfile
Verbose
Debug
ErrorAction
WarningAction
InformationAction
...
How could I please check if the list contains the AsPlainText parameter, which was added in the newer versions of the cmdlet?
In my custom script I would like to check for that and then adapt the way I retrieve a secret value from a key vault:
if ($is_AsPlainText_Supported) # how to set this variable?
{
$mySecret = Get-AzKeyVaultSecret -VaultName 'MyKeyVault' -Name 'MySecret' -AsPlainText
}
else
{
$mySecret = (Get-AzKeyVaultSecret -VaultName 'MyKeyVault' -Name 'MySecret').SecretValueText
}
I would prefer not to use try/catchhere (or check if retrieved secret value is null), because I have numerous Get-AzKeyVaultSecret calls in my real script and such approaches would cost performance.
Add this line before your if statement:
$is_AsPlainText_Supported = (Get-Command Get-AzKeyVaultSecret).ParameterSets.Parameters.Name -contains "AsPlainText"
The -contains operator will return a boolean based on if the list before the operator contains the item after it.
I am currently working in Powershell, trying to get some data from my Azure SQL Database. I have with success fetched some data into a dataset. However, i cannot seem to figure out how to upload it to Azure blob storage without saving it locally first as a csv.
The dataset must be converted to csv and uploaded to the blob as a csv without saving it locally.
This is what got so far:
$SQLServer = "xxxxxxx"
$SQLDBName = "xxxxxx"
$uid ="xxxxxxxx"
$pwd = "xxxxxxx"
$SqlQuery = "SELECT * from Dim.xxxxxx;"
$SqlConnection = New-Object System.Data.SqlClient.SqlConnection
$SqlConnection.ConnectionString = "Server = $SQLServer; Database = $SQLDBName; Integrated Security = False; User ID = $uid; Password = $pwd;"
$SqlCmd = New-Object System.Data.SqlClient.SqlCommand
$SqlCmd.CommandText = $SqlQuery
$SqlCmd.Connection = $SqlConnection
$SqlAdapter = New-Object System.Data.SqlClient.SqlDataAdapter
$SqlAdapter.SelectCommand = $SqlCmd
$DataSet = New-Object System.Data.DataSet
$SqlAdapter.Fill($DataSet)
$csv = $DataSet.Tables[0] | ConvertTo-Csv -Delimiter ";" -NoTypeInformation
Set-AzStorageBlobContent -File $csv -Context $context -Container "xxxxxx"
However the last line gives me this error:
Set-AzStorageBlobContent : Cannot convert 'System.Object[]' to the
type 'System.String' required by parameter 'File'. Specified method is
not supported.
I know im doing something wrong but i cannot figure out how to convert the dataset and upload it at the same time. Or maybe there is another way?
According to the documentation for the Set-AzStorageBlobContent, this is not possible:
The Set-AzStorageBlobContent cmdlet uploads a local file to an Azure Storage blob.
Source: https://learn.microsoft.com/en-us/powershell/module/az.storage/set-azstorageblobcontent?view=azps-2.8.0
The reason you are receiving that error message is because the command is expecting a file name, as a string, as the value for the -File parameter, not the content of the blob. Even if you converted the Object[] to a String, it still would not work as the command will try to find a file with that path.
I recommend you use the Blob Storage REST API to achieve this, in particular the Put Blob method. You will have to craft an HTTP request.
The other option is to use the Blob Storage .NET API, as you are able to use .NET classes from Powershell.
Just let Databricks manage it. The SQL Data Warehouse connector for Databricks will manage the intermediate storage. Just load your dataframe, then write to DW using the DW connector.
https://docs.databricks.com/data/data-sources/azure/sql-data-warehouse.html
A solution I found was to create an temporaryfile in Powershell instead.
First I declare a variable with the New-TemporaryFile. After this I take my DataSet and export it to $file Variable. And after I have done that i can upload it to my Azure Blob Storage.
So the solution is:
$file = New-TemporaryFile
$DataSet.Tables[0] | Export-Csv -Path $file -Delimiter ";" -NoTypeInformation
Set-AzStorageBlobContent -File $file -Container "xxxxxx" -Context $context -blob "dataset" -Force