【Question Title】: Retrieve multiple secret values key vault
【Posted】: 2020-12-10 06:42:30
【Question Description】:

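Is there a way to retrieve multiple secret values from Azure Key Vault using the HTTP GET method? I am using the link https://{keyvaultname}.vault.azure.net/secrets/{keysecretname}?api-version=7.1

I can only retrieve one value at a time. So is there a way to get all the secret values using the HTTP method?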

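【Question Discussion】:

  • @CarlZhao Hi, I read the given answer, but the method uses node.js, which I am not familiar with, and as far as I can tell it only returns a list of secret names rather than the secret values.

Tags: azure http postman azure-keyvault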


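【Solution 1】:

Currently, there is no Azure Vault API operation that lets you retrieve all secrets and their respective values from Azure Vault.

However, you can use Postman to orchestrate the retrieval of all secrets by leveraging the Collection Runner along with control logic that defines which request to run and when. I referred to this community post and created a Postman collection that can help you retrieve all the secrets.

I tested this myself on a Key Vault in my personal Azure subscription, and it works like a charm. Please make sure you have a blank Postman Environment in the Collection Runner to run this collection.

Hope this helps. Let me know if you run into any problems.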

{
"info": {
    "_postman_id": "c7298583-a343-47f3-b608-73547da45d5e",
    "name": "Azure Vault Secrets",
    "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
    {
        "name": "Retrieve All Secret Keys",
        "event": [
            {
                "listen": "test",
                "script": {
                    "id": "af71963c-adc5-4688-aa55-5fdae1aea154",
                    "exec": [
                        "// Function to extract last element i.e. the Secret Key Name from the secrets URL",
                        "const getLastItem = thePath => thePath.substring(thePath.lastIndexOf('/') + 1);",
                        "",
                        "// Parse the response Body",
                        "var jsonData = pm.response.json();",
                        "",
                        "// Map the secrets URL from the element 'id' present in response",
                        "var secretUrllist = _.map(jsonData.value, 'id');",
                        "",
                        "// Initialize an empty array to store the secret Key name",
                        "var secretList = [];",
                        "",
                        "// Populate the array and extract the last element from the URL",
                        "_.forEach(secretUrllist, function(value){",
                        "    secretList.push(getLastItem(value));",
                        "});",
                        "",
                        "// Set the secretList",
                        "pm.environment.set('secretList',JSON.stringify(secretList));",
                        "",
                        "// Set the next index of the array for secretList ",
                        "pm.environment.set('nextIndex', 0);",
                        "",
                        "// Set the active secret Key name to fetch the secret Value for",
                        "pm.environment.set('activeSecret', secretList[0]);",
                        ""
                    ],
                    "type": "text/javascript"
                }
            }
        ],
        "request": {
            "auth": {
                "type": "noauth"
            },
            "method": "GET",
            "header": [],
            "url": {
                "raw": "{{vaultBaseUrl}}/secrets?api-version=7.1",
                "host": [
                    "{{vaultBaseUrl}}"
                ],
                "path": [
                    "secrets"
                ],
                "query": [
                    {
                        "key": "api-version",
                        "value": "7.1"
                    }
                ]
            }
        },
        "response": []
    },
    {
        "name": "Retrieve All Secret Values",
        "event": [
            {
                "listen": "test",
                "script": {
                    "id": "7d6e8591-9c9b-4a97-92f3-a24059fa8750",
                    "exec": [
                        "let secretList = JSON.parse(pm.environment.get('secretList')),",
                        "    // Increment the next Index",
                        "    nextIndex = parseInt(pm.environment.get('nextIndex')) + 1;",
                        "",
                        "",
                        "// In case secret values have been fetched for all requests then we're done here",
                        "// time to end the collection run and clean up the environment and activeSecret",
                        "if (secretList.length === nextIndex) {",
                        "    pm.environment.set('nextIndex', 0);",
                        "    pm.environment.set('activeSecret', secretList[0]);",
                        "",
                        "    postman.setNextRequest(null);",
                        "}",
                        "else {",
                        "    let activeSecret = secretList[nextIndex];",
                        "    pm.environment.set('nextIndex', nextIndex);",
                        "    pm.environment.set('activeSecret', activeSecret);",
                        "",
                        "    // Now run the Retrieve All Secret Values request again to get the secret value",
                        "    // for the next request",
                        "    postman.setNextRequest(\"Retrieve All Secret Values\");",
                        "}",
                        "",
                        ""
                    ],
                    "type": "text/javascript"
                }
            }
        ],
        "request": {
            "auth": {
                "type": "noauth"
            },
            "method": "GET",
            "header": [],
            "url": {
                "raw": "{{vaultBaseUrl}}/secrets/{{activeSecret}}?api-version=7.1",
                "host": [
                    "{{vaultBaseUrl}}"
                ],
                "path": [
                    "secrets",
                    "{{activeSecret}}"
                ],
                "query": [
                    {
                        "key": "api-version",
                        "value": "7.1"
                    }
                ]
            }
        },
        "response": []
    }
],
"protocolProfileBehavior": {}

}

【Discussion】:

  • Would you mind explaining what you mean by "define which request to run and when"?
  • That is the control logic implemented in the request named "Retrieve All Secret Values" in the Postman collection. The request keeps executing until we have retrieved all the secrets present in the vault. Below is a snippet of the code you will see after importing the provided collection into Postman:
  • if (secretList.length === nextIndex) {
        pm.environment.set('nextIndex', 0);
        pm.environment.set('activeSecret', secretList[0]);
        postman.setNextRequest(null);
    } else {
        let activeSecret = secretList[nextIndex];
        pm.environment.set('nextIndex', nextIndex);
        pm.environment.set('activeSecret', activeSecret);
        // Now run the Retrieve All Secret Values request again to get the secret value
        // for the next request
        postman.setNextRequest("Retrieve All Secret Values");
    }
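
The list-then-fetch loop that this answer drives with the Collection Runner, written as a plain script (an added example, not part of the original answer or its collection). It goes beyond the collection by following the `nextLink` the list operation returns when the vault holds more secrets than fit in one page, and by skipping disabled secrets; `fetchAllSecrets`, `listSecretNames`, `httpGetJson`, the vault name and the bearer token are assumptions of this example.

```javascript
// Added example, not the answer's code. httpGetJson is an injected
// (url, headers) => Promise<object>, so a real HTTP client can replace the fake.
const API_VERSION = '7.1';
const lastSegment = (id) => id.substring(id.lastIndexOf('/') + 1);

async function listSecretNames(vaultBaseUrl, headers, httpGetJson) {
  const names = [];
  let url = `${vaultBaseUrl}/secrets?api-version=${API_VERSION}`;
  while (url) {
    const page = await httpGetJson(url, headers);
    for (const item of page.value || []) {
      // The service refuses reads of disabled secrets, so leave them out.
      if (item.attributes && item.attributes.enabled === false) continue;
      names.push(lastSegment(item.id));
    }
    url = page.nextLink || null; // no nextLink on the last page
  }
  return names;
}

async function fetchAllSecrets(vaultBaseUrl, accessToken, httpGetJson) {
  const headers = { Authorization: `Bearer ${accessToken}` };
  const secrets = {}; // keep in memory only; do not log the values
  for (const name of await listSecretNames(vaultBaseUrl, headers, httpGetJson)) {
    const url = `${vaultBaseUrl}/secrets/${encodeURIComponent(name)}?api-version=${API_VERSION}`;
    secrets[name] = (await httpGetJson(url, headers)).value;
  }
  return secrets;
}

// Constructed fake vault: two list pages, one disabled secret.
const FAKE_BASE = 'https://example-vault.vault.azure.net';
const PAGE1 = `${FAKE_BASE}/secrets?api-version=7.1`;
const PAGE2 = `${PAGE1}&$skiptoken=constructed`;
const FAKE_RESPONSES = {
  [PAGE1]: { nextLink: PAGE2, value: [
    { id: `${FAKE_BASE}/secrets/db-password`, attributes: { enabled: true } },
    { id: `${FAKE_BASE}/secrets/old-key`, attributes: { enabled: false } },
  ] },
  [PAGE2]: { value: [{ id: `${FAKE_BASE}/secrets/api-token`, attributes: { enabled: true } }] },
  [`${FAKE_BASE}/secrets/db-password?api-version=7.1`]: { value: 'constructed-value-1' },
  [`${FAKE_BASE}/secrets/api-token?api-version=7.1`]: { value: 'constructed-value-2' },
};
async function fakeHttpGetJson(url, headers) {
  if (!headers.Authorization) throw new Error('401: missing bearer token');
  if (!(url in FAKE_RESPONSES)) throw new Error(`404: ${url}`);
  return FAKE_RESPONSES[url];
}
```

Against a real vault, pass a function that performs the GET and parses the JSON body in place of `fakeHttpGetJson`; the identity behind the token needs both list and get permission on secrets.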