I am trying to read in the access policies using the az cmdlets but struggling to do this. I thought this would work
$foo = az keyvault show -g "my-rg" -n "my-kv"
This returns a value back and was hoping to do:
$accessPolicies = $foo.accessPolicies
However this returns a null. I did notice the output produces properties so I also tried
$accessPolicies = $foo.properties.accessPolicies
Clearly doing something wrong here. Any ideas how I do this?
You could directly query the accessPolicies properties from the Azure CLI command.
$accessPolicies = az keyvault show -g "my-rg" -n "my-kv" --query 'properties.accessPolicies'
The --query parameter needs the JMESPath query string. See http://jmespath.org/ for more information and examples.
If you want to use the PowerShell commands, you can do it like this:
$accessPolicies= (Get-AzKeyVault -vaultname "my-kv" -resourcegroupname "my-rg").AccessPolicies
Related
I am using powershell script in pipeline and the problem I have with this query.
$value = $(az appconfig kv show -n ThisisEnv --key thisisconfigkey) | ConvertFrom-Json
What this query does is get the data related to key if exist. If this key doesn't exist it give the error like
ERROR: Key 'abcdefg' with label 'None' does not exist.
It is work as expected. In pipeline when the key doesn't exist, it's printed a error on CLI. The pipeline see it as error and show it as failed. Is there a way I can make it work.
Is there a way I can stop it printing it on console. Any powershell operator which help me to get the value from azure command but also let me get it without print anything on console.
You could try to redirect the standard error using 2> $null
$value = $(az appconfig kv show -n ThisisEnv --key thisisconfigkey 2> $null) | ConvertFrom-Json
This will suppress the error within the console. You might also want to set the powerShellIgnoreLASTEXITCODE within the Azure CLI Task in order that the pipeline run doesn't fail - or as a workaround, set the $LASTEXITCODE to 0
I have a KeyValue pair in azure appConfiguration
and when I run the following command, it does not work. however another version of it is working
//works
az appconfig kv list -n app-config-dev --key 'my*'
//does not work
az appconfig kv list -n app-config-dev --key '*Key'
documentation says this
what am I doing wrong
Not sure but I'm guessing the --key argument only supports prefix.
You could use jmespath to work around that:
az appconfig kv list -n cockpit-app-config-dev --query "[?ends_with(key, 'key')]" --all
Note:
The query filter is applied on the results of the command so you need to get --all secrets then the query is applied (see documentation)
I ran the following AZ cli command below, whilst it provided me with the information I was after, I could not filter or select the columns I wanted.
az pipelines list --org org_url --project az_project --out table
I am after the name and status column only, and would like to filter on where the name matches the string "dev"
Another option i looked at was piping this out in Powershell
$output = az pipelines list --org org_url --project az_project --out table
$output | select-object name, status
I found that this didnt work either, as looking at the members of $output suggests it was not converted to a custom object. I am thinking there must be a way to do this in powershell.
Credit to #AdminOfThings
This is what I was trying to do.
az pipelines list --org org_url --project az_project | ConvertFrom-Json -Depth 10 | Select Name,Status | where {$_.Name -like "*name*"}
I am trying to create a new Azure Key Vault secret using the Azure Cli v2.9.0 (we use this version in our pipelines and upgrading would be difficult at the moment.) via the command below,
az keyvault secret set --vault-name $myKeyVaultName -n $mySecretName --value "abc^def"
The command is accepted and a new secret is created but it drops the caret (^) from the string and results in a secret value of abcdef instead of the intended abc^def.
During my testing I have seen the below message from Powershell but it's very rare :
Unable to encode the output with cp1252 encoding. Unsupported characters are discarded.
Strange as tjhe caret is in the character set - https://en.wikipedia.org/wiki/Windows-1252#Code_page_layout
Is there a way to run this command and get Key Vault to accept the value with the caret?
I can reproduce your issue.
Actually, it depends on your environment, this issue just occurs when you run the command in Powershell, if you run the CLI command in Bash, it works fine.
az keyvault secret set --vault-name joykeyvault -n testkey12 --value "abc^def"
So if you want to run this command in Powershell environment, just use the line below.
az keyvault secret set --vault-name joykeyvault -n testkey12 --value '"abc^def"'
If you have any special value to store in AKV please use double quote under single quote '"abcx^09|"' instead of "abcx^09|"
AKV Stored Value = abcx^09|
I am trying to use variable in azure CLI like we used in powershell.
In powershell we define variable as follows
$LOCATION = value
And used it in command as follows
az group create --name foo --location $LOCATION
What I have tried :-
I have tried to find it out in Microsoft documentation
https://learn.microsoft.com/en-us/cli/azure/get-started-with-azure-cli?view=azure-cli-latest
but I did not get any information about that.
Question :-
How we can define variable in azure CLI?(like powershell)
How we can used it in command?(like powershell)
Note:- I have installed azure CLI at my local.
The easiest way to pass variables to any CLI command is by using environment variables
An environment variable is a variable whose value is set outside the
program, typically through a functionality built into the operating
system or microservice. An environment variable is made up of a
name/value pair, and any number may be created and available for
reference at a point in time.
Below you can find examples in Bash and CMD:
Bash-
Set new environment variable-
export LOCATION=westeurope
Print the environment variable-
echo ${LOCATION}
AZ CLI example-
az group create --name foo --location ${LOCATION}
CMD-
Set new environment variable-
set LOCATION=westeurope
Print the environment variable-
echo %LOCATION%
AZ CLI example-
az group create --name foo --location %LOCATION%
It is the same way you do it in powershell,
To assign a value
sajeetharan#Azure:~$ LOCATION="eastus"
To check value is set,
sajeetharan#Azure:~$ echo $LOCATION
eastus
You could do it like this:
New-Variable -Name "location" -Visibility Public -Value "eastus"
Azure Cloud Shell
Assignment: use double quotes if you are assigning a long string (export is not needed):
AZURE_STORAGE_CONNECTION_STRING="DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=MYACCNAME;AccountKey=MYACCKEY"
Usage: invoke/surround it with ${}, example:
checking Storage Queue messages:
az storage message peek \
--connection-string ${AZURE_STORAGE_CONNECTION_STRING} \
--queue-name MYQUEUE
printing:
echo ${AZURE_STORAGE_CONNECTION_STRING}