Last active
December 16, 2018 22:11
-
-
Save zplume/555332c4b953117d9f721b585a6064e7 to your computer and use it in GitHub Desktop.
Get-AzureFunctionKeys.ps1 retrieves Azure Function auth. codes for the Functions specified in FunctionAppMap.ps1, using the Azure REST API and user credentials. This script uses Get-AADToken.ps1 (https://gist.github.com/zplume/574e133b43ecf3037473286580ed524e) to retrieve an Azure access token.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Map Function App friendly name to URL | |
return @{ | |
DEV = @{ | |
"CreateTenderSite" = "https://dev-createtendersite.azurewebsites.net"; | |
"CopyDocuments" = "https://dev-copydocuments.azurewebsites.net"; | |
"Notifications" = "https://dev-notifications.azurewebsites.net"; | |
"PermissionAssignment" = "https://dev-permissions.azurewebsites.net" | |
}; | |
TEST = @{ | |
"CreateTenderSite" = "https://test-createtendersite.azurewebsites.net"; | |
"CopyDocuments" = "https://test-copydocuments.azurewebsites.net"; | |
"Notifications" = "https://test-notifications.azurewebsites.net"; | |
"PermissionAssignment" = "https://test-permissions.azurewebsites.net" | |
}; | |
UAT = @{ | |
"CreateTenderSite" = "https://uat-createtendersite.azurewebsites.net"; | |
"CopyDocuments" = "https://uat-copydocuments.azurewebsites.net"; | |
"Notifications" = "https://uat-notifications.azurewebsites.net"; | |
"PermissionAssignment" = "https://uat-permissions.azurewebsites.net" | |
}; | |
PROD = @{ | |
"CreateTenderSite" = "https://prod-createtendersite.azurewebsites.net"; | |
"CopyDocuments" = "https://prod-copydocuments.azurewebsites.net"; | |
"Notifications" = "https://prod-notifications.azurewebsites.net"; | |
"PermissionAssignment" = "https://prod-permissions.azurewebsites.net" | |
}; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param( | |
# e.g. "tenant.onmicrosoft.com" | |
[Parameter(Mandatory = $true)] | |
[string]$TenantDomain, | |
# Credentials paramter should be a variable containing the result of Get-Credential | |
[Parameter(Mandatory = $true)] | |
[pscredential]$Credentials, | |
[Parameter(Mandatory = $true)] | |
[ValidateSet("DEV", "TEST", "UAT", "PROD")] | |
[string]$Environment | |
) | |
function Get-PubCreds([string]$accessToken, [string]$id) { | |
$pubCreds = Invoke-RestMethod -Method POST -Headers @{Authorization=$accessToken} ` | |
-Uri "https://management.azure.com$id/publishxml?api-version=2016-08-01" | |
$user = $pubCreds.publishData.publishProfile[0].userName | |
$pass = $pubCreds.publishData.publishProfile[0].userPWD | |
$pair = "$($user):$($pass)" | |
$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($pair)) | |
return $encodedCreds | |
} | |
function Get-FunctionKey([string]$encodedCreds, [string]$appName, [string]$functionName) { | |
$accessToken = Invoke-RestMethod -Uri "https://$appName.scm.azurewebsites.net/api/functions/admin/token" ` | |
-Headers @{Authorization=("Basic {0}" -f $encodedCreds)} -Method GET | |
$keys = Invoke-RestMethod -Method GET -Headers @{Authorization="Bearer $accessToken"} ` | |
-Uri "https://$appName.azurewebsites.net/admin/functions/$functionName/keys" | |
$code = $keys.keys[0].value | |
return $code | |
} | |
function Get-FunctionAppFunctions([string]$accessToken, [string]$id) { | |
return (Invoke-RestMethod -Method GET -Headers @{Authorization=$accessToken} ` | |
-Uri "https://management.azure.com$id/functions?api-version=2016-08-01").value | |
} | |
function Get-Subscription([string]$accessToken) { | |
return Invoke-RestMethod -Method GET -Headers @{Authorization=$accessToken} ` | |
-Uri "https://management.azure.com/subscriptions?api-version=2016-06-01" | |
} | |
function Get-FunctionApps([string]$accessToken, [string]$subscriptionId) { | |
return (Invoke-RestMethod -Method GET -Headers @{Authorization=$accessToken} ` | |
-Uri "https://management.azure.com/subscriptions/$subscriptionId/providers/Microsoft.Web/sites?api-version=2016-08-01&`$filter=kind eq functionapp").value | |
} | |
$ErrorActionPreference = "Stop" | |
# this is required to prevent "underlying connection closed" errors with Invoke-RestMethod | |
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |
$functionAppMap = .\FunctionAppMap.ps1 | |
. .\Get-AADToken.ps1 | |
$accessToken = Get-AADToken -TenantADName $TenantDomain -Credential $Credentials | |
$subscriptions = Get-Subscription -accessToken $accessToken | |
$subscriptionId = $subscriptions.value.subscriptionId | |
$functionApps = Get-FunctionApps -accessToken $accessToken -subscriptionId $subscriptionId | |
Write-Host "`nLoading Function Apps" | |
$functionCodes = @{} | |
$functionMapApps = $functionAppMap[$Environment] | |
foreach($functionApp in $functionApps) { | |
$appName = $functionApp.name | |
Write-Host -f Yellow "`n$appName" | |
Write-Host "Loading Functions" | |
$functions = Get-FunctionAppFunctions -accessToken $accessToken -id $functionApp.id | |
$pubCreds = Get-PubCreds -accessToken $accessToken -id $functionApp.id | |
Write-Host "Retrieving Function keys" | |
foreach($function in $functions) { | |
$functionName = $function.properties.name | |
Write-Host " - $functionName" | |
$functionUrl = "https://$($functionApp.properties.defaultHostName)" | |
$functionCode = Get-FunctionKey -encodedCreds $pubCreds -appName $appName -functionName $functionName | |
# Match function URL to function app name via FunctionAppMap and add key to functionCodes hashtable | |
foreach($appMapName in $functionMapApps.Keys) { | |
$appMapUrl = $functionMapApps[$appMapName] | |
if($appMapUrl -eq $functionUrl) { | |
Write-Host -f Green " - Retrieved key for Function $appMapName\$functionName" | |
$functionCodes["$($appMapName)_$($functionName)Code"] = $functionCode | |
} | |
} | |
} | |
} | |
Write-Host | |
return $functionCodes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment