[英]Undeleting a Soft Deleted Blob in Azure Storage Using a REST API call from PowerShell
I am trying to create a script to retrieve blobs for a given customer number from a storage account in Azure.我正在尝试创建一个脚本来从 Azure 中的存储帐户中检索给定客户编号的 blob。 All blobs reside in a single container, with 'actioned' blobs being soft deleted.
所有 blob 都驻留在一个容器中,“已执行”的 blob 被软删除。 I can use PowerShell to display the relevant blobs, including their 'IsDeleted' status, but I understand that PowerShell doesn't have the necessary command to undelete blobs and so I'm trying to make a REST API call from the PowerShell script.
I can use PowerShell to display the relevant blobs, including their 'IsDeleted' status, but I understand that PowerShell doesn't have the necessary command to undelete blobs and so I'm trying to make a REST API call from the PowerShell script.
I do an inital login to the Azure platform and set a variable for an SAS token (which includes the necessary permissions to undelete):我对 Azure 平台进行了初始登录,并为 SAS 令牌设置了一个变量(其中包括取消删除的必要权限):
$username = "<myUserName>"
$encryptedPwd = Get-Content <path\securepassword.txt> | ConvertTo-SecureString
$cred = New-Object System.Management.Automation.PsCredential($username, $encryptedPwd)
$strgaccname = "<myStorageAccount>"
$strgcontainer = "<myContainer>"
#SAS Token
$sastkn = "<mySAStoken>"
#Set StorageContext
$ctx = New-AzStorageContext -StorageAccountName $strgaccname -SasToken $sastkn
$subId = "mySubscriptionID"
Connect-AzAccount -Credential $cred -Subscription $subID
I can list all matching blobs with the following PowerShell:我可以使用以下 PowerShell 列出所有匹配的 blob:
$searchstring = '*'+<myCustomerNumber>+'*'
Get-AzStorageBlob -Blob $searchstring -Context $ctx -Container $strgcontainer -IncludeDeleted `
| Select-Object Name, Length, LastModified, IsDeleted `
| Sort-Object LastModified -Descending
I am unsure how to proceed with the REST API call.我不确定如何继续拨打 REST API 电话。 Looking at some other people's methods, I have something like the following, using a test blob that has been soft deleted:
看了一些其他人的方法,我有类似下面的,使用一个已经被软删除的测试blob:
$uri = "https://<myStorageAccount>.blob.core.windows.net/<myContainer>/<myTestBlob>?comp=undelete"
$headers = @{
'Authorization' = "Bearer <accessToken>";
'x-ms-date' = $((get-date -format r).ToString());
'x-ms-version' = "2020-12-06";
}
Invoke-RestMethod -Method 'Put' -Uri $uri -Headers $headers
However, I don't know how to create the Bearer Access Token that is mentioned.但是,我不知道如何创建提到的承载访问令牌。
We have done a repro in our local environment & it is working fine, Below statements are based on our analysis.我们已经在我们的本地环境中进行了复制,并且运行良好,以下陈述基于我们的分析。
You can use the below Powershell script which will help you in restoring the soft-deleted blobs in your storage account.您可以使用以下Powershell 脚本,该脚本将帮助您恢复存储帐户中软删除的 blob。
Here is the Powershell Script:这是 Powershell 脚本:
Connect-AzAccount
#Get all deleted blob within a container
$StorageAccount = Get-AzStorageAccount | Where-Object { $_.StorageAccountName -eq "<storageAccountName>" }
$Blobs = Get-AzStorageContainer -Name "<ContainerName>" -Context $StorageAccount.Context | Get-AzStorageBlob -IncludeDeleted
$DeletedBlobs=$($Blobs| Where-Object {$_.IsDeleted -eq $true})
#Get your Bearer access token
$resource = “https://storage.azure.com"
$context = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile.DefaultContext
$accessToken = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate($context.Account, $context.Environment, $context.Tenant.Id.ToString(), $null, [Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never, $null, $resource).AccessToken
#Restore
foreach ($DeletedBlob in $DeletedBlobs) {
Write-Host "Restoring : $($DeletedBlob.Name)"
$uri = "$($DeletedBlob.BlobBaseClient.Uri.AbsoluteUri)?comp=undelete"
$headers = @{
'Authorization' = "Bearer $accessToken";
'x-ms-date' = $((get-date -format r).ToString());
'x-ms-version' = "2020-12-06";
}
Invoke-RestMethod -Method 'Put' -Uri $uri -Headers $headers
}
Here is the Sample output for your reference:以下是样品 output 供您参考:
Note:笔记:
In order to perform the restoration of soft-deleted blob , you need to have a Storage Blob Data Contributor RBAC role on the Storage Account.为了执行软删除 blob 的恢复,您需要在存储帐户上具有存储 Blob 数据参与者RBAC 角色。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.