Functions/Get-KeyVault.ps1
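function Get-KeyVault{
    <#
    .SYNOPSIS
    Inventories the keys, secrets and certificates of every Key Vault in the
    current resource group and hands the rows to Set-Output as "KeyVault".

    .DESCRIPTION
    Reads $resourceGroupName from the caller's scope (it is not a parameter).
    For each vault it lists keys, secrets and certificates and records one row
    per item with: VaultName, ItemName, ItemId, CreatedDate, ExpiryDate,
    Enabled and ItemType ("Key", "Secret" or "Certificate").

    Only those metadata properties are copied; this function never reads a
    secret value or key material.

    Failures are reported through Out-Error and processing carries on, so a
    vault that is missing from the output may be a vault whose listing failed
    (for example because the caller is not allowed to list its items), not an
    empty vault. Check the error log before treating the inventory as complete.

    .OUTPUTS
    None directly. Rows are passed to Set-Output when at least one was collected.
    #>

    # Function-level handler: log the failure and resume at the statement after
    # the one that failed.
    trap {Out-Error "[$resourceGroupName][Key vaults] - $_"; continue;}

    # Builds one inventory row; all three item types share the same columns.
    function New-KeyVaultItemRecord($vaultName, $item, $itemType){
        $record = New-Object PSObject
        $record | Add-Member -MemberType NoteProperty -Name "VaultName" -Value $vaultName
        $record | Add-Member -MemberType NoteProperty -Name "ItemName" -Value $item.Name
        $record | Add-Member -MemberType NoteProperty -Name "ItemId" -Value $item.Id
        $record | Add-Member -MemberType NoteProperty -Name "CreatedDate" -Value $item.Created
        $record | Add-Member -MemberType NoteProperty -Name "ExpiryDate" -Value $item.Expires
        $record | Add-Member -MemberType NoteProperty -Name "Enabled" -Value $item.Enabled
        $record | Add-Member -MemberType NoteProperty -Name "ItemType" -Value $itemType
        $record
    }

    $keyVaultItems = New-Object System.Collections.ArrayList

    # Start from an empty list so that a failed lookup cannot pick up a
    # $keyVaults variable left in a parent scope.
    $keyVaults = @()
    $keyVaults = Get-AzureRmKeyVault -ResourceGroupName $resourceGroupName -ErrorAction Stop
    Add-Log "resource group being processed: $resourceGroupName"

    $noOfKeyVaultsFound = $keyVaults.Count
    Add-Log "No of keyvaults found: $noOfKeyVaultsFound"

    $noOfKeyVaultsProcessed = 0

    foreach($keyVault in $keyVaults){
        # Per-vault handler: one failing listing is logged and the loop body
        # continues with the next statement.
        trap {Out-Error "[$resourceGroupName][$($keyVault.VaultName)] - Key Vault - $_"; continue;}

        $currentVaultName = $keyVault.VaultName

        # Because the trap resumes after a failed listing, the three result
        # variables must be cleared for every vault. Otherwise the loops below
        # would walk the PREVIOUS vault's items and record them under this
        # vault's name, corrupting the inventory.
        $currentVaultKeys = @()
        $currentVaultSecrets = @()
        $currentVaultCertificates = @()

        $currentVaultKeys = Get-AzureKeyVaultKey -VaultName $currentVaultName -ErrorAction Stop
        foreach($currentVaultKey in $currentVaultKeys){
            $keyVaultItems.Add((New-KeyVaultItemRecord $currentVaultName $currentVaultKey "Key")) | Out-Null
        }

        $currentVaultSecrets = Get-AzureKeyVaultSecret -VaultName $currentVaultName -ErrorAction Stop
        foreach($currentVaultSecret in $currentVaultSecrets){
            $keyVaultItems.Add((New-KeyVaultItemRecord $currentVaultName $currentVaultSecret "Secret")) | Out-Null
        }

        $currentVaultCertificates = Get-AzureKeyVaultCertificate -VaultName $currentVaultName -ErrorAction Stop
        foreach($currentVaultCertificate in $currentVaultCertificates){
            $keyVaultItems.Add((New-KeyVaultItemRecord $currentVaultName $currentVaultCertificate "Certificate")) | Out-Null
        }

        # Incremented even when a listing above failed (the trap resumes), so
        # this counts vaults visited rather than vaults fully read.
        $noOfKeyVaultsProcessed++
    }

    Add-Log "Finished processing keyvaults processed: $noOfKeyVaultsProcessed"

    # Emit the file only when at least one item was collected.
    if($keyVaultItems){
        Set-Output -outputData $keyVaultItems -outputFileName "KeyVault"
    }
}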