Last active
September 17, 2020 18:35
-
-
Save svenmalvik/5a09f29cd766dd87a0e70b408172afce to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Param([Object]$WebhookData) | |
| $body = (ConvertFrom-Json -InputObject $WebhookData.RequestBody) | |
| Write-Output "Hello from Runbook" | |
| $apimSubscriptionId = "TO_BE_SET" | |
| $apimServiceName = "TO_BE_SET" | |
| $rg = "TO_BE_SET" | |
| $appcname = "TO_BE_SET" | |
| $keyToUpdate = $body.data.key | |
| # Put these values into an Azure Key Vault and retrieve them from there | |
| $global:ClientID = "TO_BE_SET" # SP | |
| $global:ClientSecret = "TO_BE_SET" #SP | |
| $global:TenantID = "TO_BE_SET" | |
| function setupConnection { | |
| Write-Output "Start process getting AzureRunAsConnection" | |
| $connectionName = "AzureRunAsConnection" | |
| try | |
| { | |
| # Get the connection "AzureRunAsConnection " | |
| $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName | |
| Write-Output $servicePrincipalConnection | |
| "Logging in to Azure..." | |
| Add-AzAccount ` | |
| -ServicePrincipal ` | |
| -TenantId $servicePrincipalConnection.TenantId ` | |
| -ApplicationId $servicePrincipalConnection.ApplicationId ` | |
| -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint | |
| } | |
| catch { | |
| if (!$servicePrincipalConnection) | |
| { | |
| $ErrorMessage = "Connection $connectionName not found." | |
| throw $ErrorMessage | |
| } else{ | |
| Write-Error -Message $_.Exception | |
| throw $_.Exception | |
| } | |
| } | |
| } | |
| function getBearer([string]$ClientID, [string]$ClientSecret) { | |
| $TokenEndpoint = {https://login.windows.net/{0}/oauth2/token} -f $TenantID | |
| $ARMResource = "https://management.azure.com"; | |
| $Body = @{ | |
| 'resource' = $ARMResource | |
| 'client_id' = $ClientID | |
| 'grant_type' = 'client_credentials' | |
| 'client_secret' = $ClientSecret | |
| } | |
| $params = @{ | |
| ContentType = 'application/x-www-form-urlencoded' | |
| Headers = @{'accept' = 'application/json' } | |
| Body = $Body | |
| Method = 'Post' | |
| URI = $TokenEndpoint | |
| } | |
| $global:accessToken = Invoke-RestMethod @params | |
| } | |
| setupConnection | |
| getBearer $ClientID $ClientSecret | |
| $body = @{ | |
| "key" = $keyToUpdate | |
| } | |
| $headers = @{ | |
| "Content-type" = "application/json" | |
| "Authorization" = "Bearer " + $accessToken.access_token | |
| } | |
| $jsonbody = $body | ConvertTo-Json | |
| Write-output "Let me see what we have in azure app configuration" | |
| $data = (Invoke-RestMethod -Method Post -Uri "https://management.azure.com/subscriptions/$apimSubscriptionId/resourceGroups/$rg/providers/Microsoft.AppConfiguration/configurationStores/$appcname/listKeyValue?api-version=2019-10-01" -Headers $headers -Body $jsonbody -UseBasicParsing) | |
| Write-output "$data.value" | |
| # Update APIM | |
| Set-AzContext -Subscription $apimSubscriptionId | |
| $context = New-AzApiManagementContext -ResourceGroupName $rg -ServiceName $apimServiceName | |
| Set-AzApiManagementNamedValue -Context $context -NamedValueId $keyToUpdate -Value $data.value |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment