Skip to content

Commit 8d4298e

Browse files
Prajwal-MicrosoftPrajwal-Microsoft
authored
Merge pull request #749 from microsoft/psl-fixpostdeployment-script1
fix: Enable Key Vault while running post deployment script
2 parents ea5a2e5 + 5023139 commit 8d4298e

File tree

1 file changed

+46
-0
lines changed

1 file changed

+46
-0
lines changed

infra/scripts/process_sample_data.sh

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ azSubscriptionId=""
1919
original_storage_public_access=""
2020
original_storage_default_action=""
2121
original_foundry_public_access=""
22+
original_keyvault_public_access=""
2223
aif_resource_group=""
2324
aif_account_resource_id=""
2425
# Add global variable for SQL Server public access
@@ -112,6 +113,28 @@ enable_public_access() {
112113
echo "✓ AI Foundry public access already enabled"
113114
fi
114115

116+
# Enable public access for Key Vault
117+
echo "Enabling public access for Key Vault: $keyvaultName"
118+
original_keyvault_public_access=$(az keyvault show \
119+
--name "$keyvaultName" \
120+
--resource-group "$resourceGroupName" \
121+
--query "properties.publicNetworkAccess" \
122+
-o tsv)
123+
if [ "$original_keyvault_public_access" != "Enabled" ]; then
124+
az keyvault update \
125+
--name "$keyvaultName" \
126+
--resource-group "$resourceGroupName" \
127+
--public-network-access Enabled \
128+
--output none
129+
if [ $? -eq 0 ]; then
130+
echo "✓ Key Vault public access enabled"
131+
else
132+
echo "✗ Failed to enable Key Vault public access"
133+
return 1
134+
fi
135+
else
136+
echo "✓ Key Vault public access already enabled"
137+
fi
115138

116139
# Enable public access for SQL Server
117140
echo "Enabling public access for SQL Server: $sqlServerName"
@@ -250,6 +273,29 @@ restore_network_access() {
250273
else
251274
echo "AI Foundry access unchanged (already at desired state)"
252275
fi
276+
277+
# Restore Key Vault access
278+
if [ -n "$original_keyvault_public_access" ] && [ "$original_keyvault_public_access" != "Enabled" ]; then
279+
echo "Restoring Key Vault public access to: $original_keyvault_public_access"
280+
# Handle case sensitivity - convert to proper case
281+
case "$original_keyvault_public_access" in
282+
"enabled"|"Enabled") restore_value="Enabled" ;;
283+
"disabled"|"Disabled") restore_value="Disabled" ;;
284+
*) restore_value="$original_keyvault_public_access" ;;
285+
esac
286+
az keyvault update \
287+
--name "$keyvaultName" \
288+
--resource-group "$resourceGroupName" \
289+
--public-network-access "$restore_value" \
290+
--output none
291+
if [ $? -eq 0 ]; then
292+
echo "✓ Key Vault access restored"
293+
else
294+
echo "✗ Failed to restore Key Vault access"
295+
fi
296+
else
297+
echo "Key Vault access unchanged (already at desired state)"
298+
fi
253299

254300
# Restore SQL Server public access
255301
if [ -n "$original_sql_public_access" ] && [ "$original_sql_public_access" != "Enabled" ]; then

0 commit comments

Comments
 (0)