How to retrieve storage account key using powershell function app?
Question
I'm using powershell function app to retrieve storage account key but i'm not able to access resources.Please help me.
$resourceGroup = "DemoResourceGroup"
$AccountName = "Demo"
$Key = (Get-AzStorageAccountKey -ResourceGroupName $resourceGroup -Name $AccountName)
Write-Host "storage account key 1 = " $Key
I'm getting following error:
2020-05-14T14:00:05Z [Error] ERROR: Get-AzStorageAccountKey: 'this.Client.SubscriptionId' cannot be null. At D:\home\site\wwwroot\TimerTrigger1\run.ps1:25 char:8 + $key = Get-AzStorageAccountKey -ResourceGroupName "DocumentParser_FBI... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo: CloseError: (:) [Get-AzStorageAccountKey], ValidationException + FullyQualifiedErrorId: Microsoft.Azure.Commands.Management.Storage.GetAzureStorageAccountKeyCommand
Script stack trace: at, D:\home\site\wwwroot\TimerTrigger1\run.ps1: line 25
Microsoft.Rest.ValidationException: 'this.Client.SubscriptionId' cannot be null. at Microsoft.Azure.Management.Storage.StorageAccountsOperations.ListKeysWithHttpMessagesAsync(String resourceGroupName, String accountName, Nullable 1 expand, Dictionary 2 customHeaders, CancellationToken cancellationToken) at Microsoft.Azure.Management.Storage.StorageAccountsOperationsExtensions.ListKeysAsync(IStorageAccountsOperations operations, String resourceGroupName, String accountName, Nullable 1 expand, CancellationToken cancellationToken) at Microsoft.Azure.Management.Storage.StorageAccountsOperationsExtensions.ListKeys(IStorageAccountsOperations operations, String resourceGroupName, String accountName, Nullable 1 expand) at Microsoft.Azure.Commands.Management.Storage.GetAzureStorageAccountKeyCommand.ExecuteCmdlet()
1 answers
solution1
1 ACCPTED 2020-05-15 03:24:56
According to the script you provide, you use Az module. So if you want to choose which Azure subscription you use, you need to use the command Select-AzSubscription . Besides, you also can add -Subscription "<subscription Id>" in Connect-AzAccoun to ensure when you login, you choose the right subscription.
For example
- Create the service principal
Import-Module Az.Resources # Imports the PSADPasswordCredential object
$credentials = New-Object Microsoft.Azure.Commands.ActiveDirectory.PSADPasswordCredential -Property @{ StartDate=Get-Date; EndDate=Get-Date -Year 2024; Password=<Choose a strong password>}
$sp = New-AzAdServicePrincipal -DisplayName ServicePrincipalName -PasswordCredential $credentials
- assign the role to the service principal. For example, assign Contributor role to the sp at the subscription level
New-AzRoleAssignment -ApplicationId <service principal application ID> -RoleDefinitionName "Contributor" `
-Scope "/subscriptions/<subscription id>"
- Script
$appId = "your sp app id"
$password = "your sp password"
$secpasswd = ConvertTo-SecureString $password -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ($appId, $secpasswd)
Connect-AzAccount -ServicePrincipal -Credential $mycreds -Tenant <you sp tenant id>
Get-AzSubscription -SubscriptionName "CSP Azure" | Select-AzSubscription
$resourceGroup = "nora4test"
$AccountName = "qsstorageacc"
$Key = (Get-AzStorageAccountKey -ResourceGroupName $resourceGroup -Name $AccountName)[0].Value
Write-Host "storage account key 1 = " $Key
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.