My last post, where I was talking about encrypting VMs, took several pages to just explain/screenshot/etc. At the end, I thought it’d be nice to link to the full PS runbook, but I didn’t have any webserver place to easily store it. “Use your damn website you goof,” I thought…pft, too easy. Let’s make it
hard more fun.
1. Use Azure BLOB Storage (boring, too easy you say…mkay, keep going).
2. Do it all in PowerShell (okay, a few more steps…keep going)
2. Use a storage account that was created in ARM mode (there ya go).
You may be aware, the Azure ARM stuff is still catching up with the ASM stuff, so we need to poke around some.
In old ASM PowerShell, I could do things like get-azurestorageaccount which still works, but it only returns ASM created storage. Me, I created my storage account in ARM mode, so there should be a get-azurermstorageaccount – yep, there is. So that’s good.
Next, in old ASM PowerShell, I could do this: `new-azurestoragecontainer` which is great. Logic would tell me that therefore there is a `new-azurermstoragecontainer` – nope…why I haven’t the foggiest, but I suspect it will be along shortly. Here’s what I managed to do.
$storagekeys = get-azurermstorageaccountkey -resourcegroupname <my resource group name> -name <my storage account name>
$context = new-azurestoragecontext -storageaccountname <my storage account name> -storageaccountkey $storagekey.key1
Now, I have myself something I can work with – the first thing I needed to do was create a container. Since there is no new-azurermstoragecontainer but there IS new-azurestoragecontainer which takes a `-context` parameter, this should work:
new-azurestoragecontainer -name mycontainer -permission container -context $context
Note: The new-azurestoragecontext just builds an API object, it doesn’t do any validation, so make sure your stuff is right.
Now, I can upload my script to the container and we’re done!
set-azurestorageblobcontent -file <my local file path> -container mycontainer -context $context