使用 powershell 从 keyvault 密钥轮换策略触发密钥轮换

问题描述 投票:0回答:1

对如何以编程方式使用 Azure 密钥保管库密钥的立即旋转选项进行了一些研究。我想出了下面的脚本,但它似乎不起作用。我想知道是否有人知道如何在已经存在策略的情况下轮换密钥。

# Install the Azure PowerShell module if not already installed
# Install-Module -Name Az -Force -AllowClobber -Scope CurrentUser

# Sign in to Azure (use 'Connect-AzAccount' and provide credentials if not signed in)
# Connect-AzAccount

# Variables
$KeyVaultName = "my-kv"

# Get all keys in the Key Vault
$keys = Get-AzKeyVaultKey -VaultName $KeyVaultName

foreach ($key in $keys) {
    # Create a new version of the key
    $newKeyVersion = Update-AzKeyVaultKey -VaultName $KeyVaultName -KeyName $key.Name -KeyVersion $key.KeyIdentifier.Version


    Write-Host "Key rotation completed for $($key.Name). New version: $($newKeyVersion.KeyIdentifier.Version)"
}

Write-Host "Key rotation completed for all keys in $KeyVaultName."
azure powershell azure-keyvault
1个回答
0
投票

我为示例创建了密钥,如下所示:

enter image description here

并为所有键配置轮换策略:

示例,key1

enter image description here

要以编程方式对 Azure 密钥保管库密钥使用 立即旋转选项,请使用以下 PowerShell 脚本:

$KeyVaultName = "testrukkv1"

# Get all keys in the Key Vault
$keys = Get-AzKeyVaultKey -VaultName $KeyVaultName

foreach ($key in $keys) {
    # Rotate the key
    $newKeyVersion = Invoke-AzKeyVaultKeyRotation -VaultName $KeyVaultName -KeyName $key.Name

    Write-Host "Key rotation completed for $($key.Name). New version: $($newKeyVersion.Version)"
}

Write-Host "Key rotation completed for all keys in $KeyVaultName."

enter image description here

输出:

Key rotation completed for key1. New version: xxx
Key rotation completed for key2. New version: xxx
Key rotation completed for key3. New version: xxx
Key rotation completed for all keys in testrukkv1.

在门户中,钥匙旋转成功:

enter image description here

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.