Powershell-Azure WebApp Ip限制-WebApps阵列

时间:2018-10-28 02:57:35

标签: arrays azure powershell azure-web-app-service

几天来,我一直在努力提出可行的解决方案

我要实现什么目标?

Foreach ($item in $webApps){ 
$WebAppConfig = (Get-AzureRmResource -ResourceType Microsoft.Web/sites/config -ResourceName $item -ResourceGroupName $resourceGroup -ApiVersion $APIVersion) 
} 

问题是“ -resourceName”将不接受对象,而仅接受字符串

我正在寻找一种方法来获取以下命令的输出,将其转换为字符串,以便它可以满足–ResourceName,并遍历字符串中的每一项

$webApps = (Get-AzureRmResourceGroup -Name $resourceGroup | Get-AzureRmWebApp).name 

这将返回一个漂亮的Azure WebApp列表,这些列表存在于指定的ResourceGroup中,但是它们是对象形式的–ResourceName不会采用

我尝试了几种方法将$ webApps的输出转换为字符串,在末尾添加逗号,然后执行–split',',但似乎没有任何正常工作,其中–ResourceName将接受

方法1:

[string]$webAppsArrays =@() 

Foreach ($webApp in $webApps){ 

$webAp+',' -split ',' 

} 

方法2:

$

webApps | ForEach-Object { 

$webApp = $_ + "," 

Write-Host $webApp 

} 

方法3:

$csvPath2 = 'C:\Users\Giann\Documents\_Git Repositorys\QueriedAppList2.csv' 

$webApps = (Get-AzureRmResourceGroup -Name $resourceGroup | Get-AzureRmWebApp).name | out-file -FilePath $csvPath1 -Append 

$csvFile2 = import-csv -Path $csvPath1 -Header Name 

此输出以CSV格式列出,但是仍然是对象,因此我无法将每个项目传递到–ResourceName

我正兜圈子,试图使下面的内容可重复,循环播放

所需的最终结果是使用下面的脚本以及一系列webApp,并从提供的资源组变量中进行查询:

任何使用此脚本的帮助将不胜感激,但是请记住$ WebAppConfig变量中的-ResourceName“ String”限制,从指定的资源组中提取WebApp的动态列表

以下是使用CSV文件中的属性为1个Web应用程序和1个资源组创建IP限制的原始脚本:

#Create a Function to create IP Restrictions for 1 Web App and 1 Resource Group, using properties from the CSV file:  

#Variables 
$WebApp = "" 
$resourceGroup ="" 
$subscription_Id = '' 

#Login to Azure 
Remove-AzureRmAccount -ErrorAction SilentlyContinue | Out-Null 
Login-AzureRmAccount -EnvironmentName AzureUSGovernment -Subscription $subscription_Id 

Function CreateIpRestriction {  
Param (  
[string] $name,  
[string] $ipAddress,  
[string] $subnetMask,  
[string] $action,  
[string] $priority  
)  

$APIVersion = ((Get-AzureRmResourceProvider -ProviderNamespace Microsoft.Web).ResourceTypes | Where-Object ResourceTypeName -eq sites).ApiVersions[0]  

$WebAppConfig = (Get-AzureRmResource -ResourceType Microsoft.Web/sites/config -ResourceName $WebApp -ResourceGroupName $ResourceGroup -ApiVersion $APIVersion)  

$ipRestriction = $WebAppConfig.Properties.ipSecurityRestrictions  
$ipRestriction.name = $name  
$ipRestriction.ipAddress = $ipAddress  
$ipRestriction.subnetMask = $subnetMask  
$ipRestriction.action = $action  
$ipRestriction.priority = $priority  
return $ipRestriction  
}  

#Set csv file path:  
$csvPath5 = 'C:\Users\Giann\Documents\_Git Repositorys\ipRestrictions5.csv' 

#import CSV Contents  
$ipRestrictionArray = Import-Csv -Path $csvPath5  

$ipRestrictions = @()  
foreach($item in $ipRestrictionArray){  
Write-Host "Adding ipRestriction properties for" $item.name  
$newIpRestriction = CreateIpRestriction -name $item.name -ipAddress $item.ipAddress -subnetMask $item.subnetMask -action $item.action -priority $item.priority  
$ipRestrictions += $newIpRestriction  
}  

#Set the new ipRestriction on the WebApp 
Set-AzureRmResource -ResourceGroupName $resourceGroup -ResourceType Microsoft.Web/sites/config -ResourceName $WebApp/web -ApiVersion $APIVersion -PropertyObject $ipRestrictions 

1 个答案:

答案 0 :(得分:1)

作为评论的继续,我真的需要多行,因此在这里作为答案。

  

请注意,我无法自己对此进行测试

此页面here显示Set-AzureRmResource -Properties 参数的类型应为PSObject(代替-Properties,您也可以使用别名-PropertyObject

在您的代码中,我认为函数CreateIpRestriction不会返回PSObject,但会尝试执行过多操作。

无论如何,尝试这样:

Function CreateIpRestriction {  
    Param (  
        [string] $name,  
        [string] $ipAddress,  
        [string] $subnetMask,  
        [string] $action,  
        [string] $priority  
    )  
    # There are many ways to create a PSObject (or PSCustomObject if you like).  
    # Have a look at https://social.technet.microsoft.com/wiki/contents/articles/7804.powershell-creating-custom-objects.aspx for instance.
    return New-Object -TypeName PSObject -Property @{
            name = $name  
            ipAddress = $ipAddress  
            subnetMask = $subnetMask  
            action = $action  
            priority = $priority
        }
}

#Set csv file path:  
$csvPath5 = 'C:\Users\Giann\Documents\_Git Repositorys\ipRestrictions5.csv' 

#import CSV Contents  
$ipRestrictionArray = Import-Csv -Path $csvPath5  

# create an new array of IP restrictions (PSObjects)
$newIpRestrictions = @()  
foreach($item in $ipRestrictionArray){  
    Write-Host "Adding ipRestriction properties for" $item.name  
    $newIpRestrictions += (CreateIpRestriction -name $item.name -ipAddress $item.ipAddress -subnetMask $item.subnetMask -action $item.action -priority $item.priority  )
}  

# here we set the restrictions we collected in $newIpRestrictions in the $WebAppConfig.Properties.ipSecurityRestrictions array
$APIVersion = ((Get-AzureRmResourceProvider -ProviderNamespace Microsoft.Web).ResourceTypes | Where-Object ResourceTypeName -eq sites).ApiVersions[0]  
$WebAppConfig = (Get-AzureRmResource -ResourceType Microsoft.Web/sites/config -ResourceName $WebApp -ResourceGroupName $ResourceGroup -ApiVersion $APIVersion)  
$WebAppConfig.Properties.ipSecurityRestrictions = $newIpRestrictions
$WebAppConfig | Set-AzureRmResource -ApiVersion $APIVersion -Force | Out-Null

上面的代码将用新的设置替换 ipSecurityRestrictions。您可能需要考虑先获取它们,然后将其添加到现有列表中。

我找到了获取,添加和删除ipSecurityRestrictions here的示例,但是我可以想象还有更多示例可以找到。

希望有帮助。