Is there is a way to get the primary key of an Azure DocumentDB using PowerShell?
Thanks,
Asked
Active
Viewed 2,179 times
2
-
No, there is no such command in Powershell according to https://github.com/savjani/Azure-DocumentDB-Powershell-Cmdlets, I'd suggest you go to https://feedback.azure.com/forums/263030-documentdb and create the request for this. – forester123 Apr 11 '16 at 09:15
3 Answers
5
You can use the below powershell script to create the DocumentDB account and retrieve the key.
You can modifty it if you just want to retrieve the key.
Let me know if this helps or you require help. Happy to help :)
#Input
$subName = "<subscription name>"
$rgName = "<resource group name>"
$docDBAccount = "<DocDB account name>"
Select-AzureRmSubscription -SubscriptionName $subName
$sub = Get-AzureRmSubscription -SubscriptionName $subName
#Get Azure AAD auth token
$clientId = "1950a258-227b-4e31-a9cf-717495945fc2"
$redirectUri = "urn:ietf:wg:oauth:2.0:oob"
$resourceClientId = "00000002-0000-0000-c000-000000000000"
$resourceAppIdURI = "https://management.core.windows.net/"
$authority = "https://login.windows.net/common"
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority,$false
$authResult = $authContext.AcquireToken($resourceAppIdURI, $clientId, $redirectUri, "Auto")
$header = $authresult.CreateAuthorizationHeader()
$tenants = Invoke-RestMethod -Method GET -Uri "https://management.azure.com/tenants?api-version=2014-04-01" -Headers @{"Authorization"=$header} -ContentType "application/json"
$tenant = $tenants.value.tenantId
$authority = [System.String]::Format("https://login.windows.net/{0}", $tenant)
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority,$false
$authResult = $authContext.AcquireToken($resourceAppIdURI, $clientId, $redirectUri, "Auto")
$header = $authresult.CreateAuthorizationHeader()
#Get the account keys and dsi
$account = Get-AzureRmResource -ResourceType Microsoft.DocumentDb/databaseAccounts -ResourceName $docDBAccount -ResourceGroupName $rgName
$keysurl = [System.String]::Format("https://management.azure.com/subscriptions/{0}/resourcegroups/{1}/providers/Microsoft.DocumentDB/databaseAccounts/{2}/listKeys?api-version=2014-04-01", $sub.SubscriptionId, $rgName, $docDBAccount)
$keys = Invoke-RestMethod -Method POST -Uri $keysurl -Headers @{"Authorization"=$header} -ContentType "application/json"
$account.Properties.DocumentEndpoint
$keys.primaryMasterKey
$keys.secondaryMasterKey
-
Hi Satish, I saw this PowerShell script before but how to get these values using PowerShell? I'm trying to automate my deployment. $clientId = "1950a258-227b-4e31-a9cf-717495945fc2" $redirectUri = "urn:ietf:wg:oauth:2.0:oob" $resourceClientId = "00000002-0000-0000-c000-000000000000" – A Seyam Apr 12 '16 at 06:23
-
You can use the same clientid and resourceclientid for now. It should work for you. We will have an improved experience in future. – Satish Kumar Rangavajjula Apr 12 '16 at 19:00
5
I could find a better way to List Keys of a any azure resource.
Example: for document DB- you can use the following script
$keys = Invoke-AzureRmResourceAction -Action listKeys -ResourceType "Microsoft.DocumentDb/databaseAccounts" -ApiVersion "2015-04-08" -ResourceGroupName "<resource-group-name>" -Name "<database-account-name>"
For more info, Please visit msdn article. https://learn.microsoft.com/en-us/azure/documentdb/documentdb-manage-account-with-powershell
Mark Wragg
- 22,105
- 7
- 39
- 68
Raja Mouli Ankireddy
- 196
- 2
- 4
-
If you want to return the read-only keys instead of the read write keys, change the action to `readonlykeys`. – Mark Wragg Oct 07 '19 at 09:54
0
Here are articles which explain the values above:
How does Azure PowerShell work with username/password based auth?
https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-protocols-oauth-code/
Community
- 1
- 1
stephbaron
- 51
- 1