2
votes

It's possible to retrieve the access key to an Azure storage account using Get-AzureRmStorageAccountKey from Powershell. How would I get hold of the access key to a shared access policy of an Azure Service Bus?

More clarification

This is what I get when I use the Get-AzureRmServiceBusNamespaceKey cmdlet:

PS C:\Windows\system32> Login-AzureRmAccount -Credential $cred

Environment           : AzureCloud
Account               : ***redacted***
TenantId              : ***redacted***
SubscriptionId        : ***redacted***
CurrentStorageAccount : 

PS C:\Windows\system32> Set-AzureRmContext -SubscriptionId ***redacted***

Environment           : AzureCloud
Account               : ***redacted***
TenantId              : ***redacted***
SubscriptionId        : ***redacted***
CurrentStorageAccount : 


PS C:\Windows\system32> Get-AzureRmServiceBusNamespaceKey -ResourceGroup testresourcegroup -Name test-bus -AuthorizationRuleName SendPolicy
Get-AzureRmServiceBusNamespaceKey : Run Login-AzureRmAccount to login.
At line:1 char:1
+ Get-AzureRmServiceBusNamespaceKey -ResourceGroup testresourcegroup -Name    test-bus ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : InvalidOperation: (:) [Get-AzureRmServiceBusNamespaceKey], PSInvalidOperationException
+ FullyQualifiedErrorId :   InvalidOperation,Microsoft.Azure.Commands.ServiceBus.Commands.Namespace.GetAzure RmServiceBusNamespaceKey


PS C:\Windows\system32> Get-AzureRmStorageAccountKey -ResourceGroupName testresourcegroup -Name teststoragexxx

Key1                                                                                                        Key2                                                                                                   
----                                                                                                    ----                                                                                                   
***redacted***                ***redacted***
2

2 Answers

3
votes

Not with Get-AzureRmStorageAccountKey, but you can use Get-AzureRmServiceBusNamespaceKey

$resourceGroup = "myResourceGroup"
$serviceBusName ="myservicebusname"
$policyName = "policyname"

Get-AzureRmServiceBusNamespaceKey -ResourceGroup $resourceGroup -Name $serviceBusName -AuthorizationRuleName $policyName

This will return the whole object, so you can pass it into a variable and get the keys or connection strings from that.

1
votes

Please have a try to login with tenantId and ServicePrincipal. I do a demo test about that, it works correctly for me.

Login-AzureRmAccount -Credential $psCred  -TenantId $azureTenantId  -ServicePrincipal -SubscriptionId $subscriptionId 

The following is may detail steps.

1 . We need to install service Bus module if it is not install. More detail info about AzureRM.ServiceBus please refer to document.

Install-Module -Name AzureRM.ServiceBus 

2.More detail info about Automatically login script please refer to another SO thread.

3.Run the test script and check the result.

$azureAplicationId ="Azure AD Application Id"
$azureTenantId= "Your Tenant Id"
$azurePassword = ConvertTo-SecureString "strong password" -AsPlainText -Force
$subscriptionId="Your subcription"
$psCred = New-Object System.Management.Automation.PSCredential($azureAplicationId , $azurePassword)
Login-AzureRmAccount -Credential $psCred  -TenantId $azureTenantId  -ServicePrincipal -SubscriptionId $subscriptionId 


$resourceGroup = "Resource Group name"
$serviceBusName ="Service Bus Name"
$policyName = "Policy Name"
Get-AzureRmServiceBusNamespaceKey  -ResourceGroup $resourceGroup -Name $serviceBusName -AuthorizationRuleName $policyName

enter image description here