无法使用 Azure 管理重新生成存储密钥 API
Unable to regenerate storage key with Azure Management API
我无法使用 /regenerateKey [1] 为具有 Azure 管理的存储帐户重新生成密钥 API。
我在 JavaScript 中使用以下代码(资源已删除订阅)
const { ClientSecretCredential } = require('@azure/identity');
const { SecretClient } = require('@azure/keyvault-secrets');
const MSRestAzure = require('ms-rest-azure');
const keyVaultName = process.env.KEY_VAULT_NAME;
const KVUri = `https://${keyVaultName}.vault.azure.net`;
const credential = new ClientSecretCredential(
process.env.AZURE_TENANT_ID,
process.env.AZURE_CLIENT_ID,
process.env.AZURE_CLIENT_SECRET,
);
const vault = new SecretClient(KVUri, credential);
function getCreds() {
return new Promise((res, rej) => {
MSRestAzure.loginWithServicePrincipalSecret(
process.env.AZURE_CLIENT_ID,
process.env.AZURE_CLIENT_SECRET,
process.env.AZURE_TENANT_ID,
(err, creds) => {
if (err) {
rej(err);
return;
}
res(creds);
},
);
});
}
const getResourceUrl = (resource, action) => `https://management.azure.com${resource}/${action}?api-version=2019-04-01`;
const resource = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Storage/storageAccounts/MyStore
const creds = await getCreds();
const client = new MSRestAzure.AzureServiceClient(creds);
const regenUrl = getResourceUrl(resource, 'regenerateKey');
await client.sendRequest({ method: 'POST', url: regenUrl }).then(console.log);
我收到 UnexpectedException 回复 -
{
"error": {
"code": "UnexpectedException",
"message": "The server was unable to complete your request."
}
}
客户端 ID/Secret 属于有权访问存储帐户的应用程序注册,以及该订阅的贡献者和存储帐户密钥操作员。
我认为我没有正确形成请求。
如果不指定请求正文,我可以重现错误。
请按以下格式提供请求正文:
{
keyName: "key1 or key2 (basically which key you want to regenerate)"
}
我无法使用 /regenerateKey [1] 为具有 Azure 管理的存储帐户重新生成密钥 API。
我在 JavaScript 中使用以下代码(资源已删除订阅)
const { ClientSecretCredential } = require('@azure/identity');
const { SecretClient } = require('@azure/keyvault-secrets');
const MSRestAzure = require('ms-rest-azure');
const keyVaultName = process.env.KEY_VAULT_NAME;
const KVUri = `https://${keyVaultName}.vault.azure.net`;
const credential = new ClientSecretCredential(
process.env.AZURE_TENANT_ID,
process.env.AZURE_CLIENT_ID,
process.env.AZURE_CLIENT_SECRET,
);
const vault = new SecretClient(KVUri, credential);
function getCreds() {
return new Promise((res, rej) => {
MSRestAzure.loginWithServicePrincipalSecret(
process.env.AZURE_CLIENT_ID,
process.env.AZURE_CLIENT_SECRET,
process.env.AZURE_TENANT_ID,
(err, creds) => {
if (err) {
rej(err);
return;
}
res(creds);
},
);
});
}
const getResourceUrl = (resource, action) => `https://management.azure.com${resource}/${action}?api-version=2019-04-01`;
const resource = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Storage/storageAccounts/MyStore
const creds = await getCreds();
const client = new MSRestAzure.AzureServiceClient(creds);
const regenUrl = getResourceUrl(resource, 'regenerateKey');
await client.sendRequest({ method: 'POST', url: regenUrl }).then(console.log);
我收到 UnexpectedException 回复 -
{
"error": {
"code": "UnexpectedException",
"message": "The server was unable to complete your request."
}
}
客户端 ID/Secret 属于有权访问存储帐户的应用程序注册,以及该订阅的贡献者和存储帐户密钥操作员。
我认为我没有正确形成请求。
如果不指定请求正文,我可以重现错误。
请按以下格式提供请求正文:
{
keyName: "key1 or key2 (basically which key you want to regenerate)"
}