CODEWITHSUNDEEP
azureemailazure-blob-storageazure-powershell
lubierzca
lubierzca

Reputation: 160

Retrieving file content from Azure Blob

I want to send report by using sendgrid in Azure AA. Problem is, I'm forced to use apikey pass in plaintext in a script and I obviously want to avoid that at any cost. I figured I could save file with apikey in txt file somewhere hidden Azure Storage in specific container. What I want to achieve is something like this:

(...)
$HTMLDetails = @{
Title = $Subject
Head = $CSS
}

$Username ="username"

$apikey = get-storageblobfilecontent -container x -blob y -file z | Out-String

$Password = ConvertTo-SecureString $apikey -Force

$Credential = New-Object System.Management.Automation.PSCredential $Username, $Password

$Splat = @{
    To          =...
    Cc          =...
    Body       ="$(import-csv -delimiter ";" DiskReport.csv | ConvertTo-Html @HTMLDetails)"
    Subject     = $Subject
    smtpServer  ="smtp.sendgrid.net"
    From        ="[email protected]" 
    BodyAsHtml  = $True
    }

Send-MailMessage @Splat -Credential $Credential -Usessl -Port xxx

Is it actually possible to do? Retrieving file content from the VM is not an option, as Runbook scripts cannot reach VM's directly.

Upvotes: 0

Views: 84

Answers (1)

tedsmitt
tedsmitt

Reputation: 776

You can use the built in Get-AutomationPSCredential cmdlet inside of your runbook. At the Automation account level you can configure credentials that get stored securely, then bring them into your runbook (it is configured so that the output can never be written to host in plaintext).

Create a credential (for example 'MyApiKey') inside of the Credentials tab on the AA. Inside of your script use the following command $apiKey = Get-AutomationPSCredential MyApiKey

You can then pass that into the $Credential object.

See https://learn.microsoft.com/en-us/azure/automation/shared-resources/credentials#activities for more information on the utility.

Upvotes: 1

Related Questions