Powershell 调用阿里云 云解析API 实现动态域名解析

2021-07-02 13:11

阅读:437

标签:sem   turn   orm   isa   mobile   util   auth   enable   i++   

由于阿里云解析API调用官方文档中没有Powershell的示例脚本,而API接口调用实际是通过向DNS API的服务端地址发送HTTP POST或GET请求,因此根据官方文档写了相关的函数用于查询域名解析、修改域名解析的状态。如果要增删域名解析,参考官方文档修改函数中的Action等参数即可。

参考的阿里API调用链接:https://help.aliyun.com/document_detail/29743.html?spm=a2c4g.11186623.6.614.35f94c7bRwGbqZ

function GetAliDnsInfo
{

param(
[Parameter(Mandatory=$true)]
            $SubDomain
)
$array = New-Object -TypeName System.Collections.ArrayList
$Action = "DescribeSubDomainRecords"
$array.Add(@("SubDomain",$SubDomain)) | Out-Null
$array.Add(@("Action",$Action)) | Out-Null
$array.Add(@("PageNumber","1")) | Out-Null
$array.Add(@("PageSize","20")) | Out-Null

#region 生成公共参数
$AccessKeyId = "AccessKeyId"        #填写你的AccessKeyId
$AccessKeySecret = "AccessKeySecret&"  #填写你的AccessKeySecret并在末尾添加&符号,如secret是1,那么这里值应该是1&
$Format = "XML"
$SignatureMethod="HMAC-SHA1"
$SignatureVersion="1.0"
$Version="2015-01-09"
$time = (get-date).AddHours(-8).AddMinutes(2)
$Timestamp = get-date $time -Format yyyy-MM-ddTHH:mm:ssZ
$SignatureNonce= Get-Random
$array.Add(@("AccessKeyId",$AccessKeyId)) | Out-Null
$array.Add(@("Format",$Format)) | Out-Null
$array.Add(@("Timestamp",$Timestamp)) | Out-Null
$array.Add(@("SignatureNonce",$SignatureNonce)) | Out-Null
$array.Add(@("SignatureMethod",$SignatureMethod)) | Out-Null
$array.Add(@("SignatureVersion",$SignatureVersion)) | Out-Null
$array.Add(@("Version",$Version)) | Out-Null
#endregion

#region 生成转义请求字符串
$newarray = $array | sort
$csstring = $null
foreach($arr in $newarray)
{
$csstring += $arr[0] + "=" + $arr[1] + "&"
}

$length = $csstring.Length - 1
$string = $csstring.Substring(0,$length)

[Reflection.Assembly]::LoadWithPartialName("System.Web") | Out-Null
$newstring = "GET&%2F&"
$length = $string.Length
for($i = 0 ; $i -lt $length; $i++){
$char = $string[$i].ToString()
$pattern = "[A-Z,0-9-_.~]"
$flag = $char -match $pattern
if($flag){
$newstring += $char
}else{
if($char -eq " " -or $char -eq ":"){
if($char -eq " "){
$newstring += "%20"
}else{
$newstring += "%253A"
}
}else{
$newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper()
}
}
}
#endregion

#region 生成签名
$hmacsha1 = new-object System.Security.Cryptography.HMACSHA1;
$hmacsha1.Key = [System.Text.Encoding]::UTF8.GetBytes($AccessKeySecret);
$oauth_signature = [System.Convert]::ToBase64String($hmacsha1.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($newstring)));
#$oauth_signature
$newstring = $null$length = $oauth_signature.Length
for($i = 0 ; $i -lt $length; $i++){
$char = $oauth_signature[$i].ToString()
$pattern = "[A-Z,0-9-_.~]"
$flag = $char -match $pattern
if($flag){
$newstring += $char
}else{
if($char -eq " " -or $char -eq ":"){
if($char -eq " "){
$newstring += "%20"
}else{
$newstring += "%253A"
}
}else{
$newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper()
}
}
}
$oauth_signature = $newstring
#endregion

#region 生成URL
$array.Add(@("Signature",$oauth_signature)) | Out-Null
$newarray = $array | sort
$csstring = $null
foreach($arr in $newarray){
$csstring += $arr[0] + "=" + $arr[1] + "&"
}
$length = $csstring.Length - 1
$string = $csstring.Substring(0,$length)
$webrequest = "http://alidns.aliyuncs.com/?" + $string
#endregion

#region 筛选出信息
$Error.Clear()
$body = Invoke-WebRequest -Uri $webrequest -Method Get
if($Error){
return $null
}else{
$xmldata = [xml]($body.Content)
$records = $xmldata.DescribeSubDomainRecordsResponse.DomainRecords.Record
return $records
}
#endregion
}

function SetAliDnsStatus
{

param(
[Parameter(Mandatory=$true)]
            $SubDomain,
[Parameter(Mandatory=$true)]
[ValidateSet("1","0")]
            $statu,
[Parameter(Mandatory=$false)]
[ValidateSet("default","os_asia","os_euro","os_namerica_us","os_oceanica_au","os_namerica_us","os_oceanica_au","mobile","unicom")]
            $line = 0,
[Parameter(Mandatory=$false)]
            $ip = 0
)

$oldrecords = $null
if($line -or $ip){
if($line){
$oldrecords = GetAliDnsInfo $SubDomain | where{$_.line -eq $line}
}
if($ip){
$oldrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip}
}
if($line -and $ip){
$oldrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip} | where{$_.line -eq $line}
}
}else{
$oldrecords = GetAliDnsInfo $SubDomain
}
if($oldrecords){
$Change = New-Object -TypeName System.Collections.ArrayList
[Reflection.Assembly]::LoadWithPartialName("System.Web") | Out-Null
$newoldrecords = $oldrecords | sort Value
foreach($record in $newoldrecords){

#region 需要修改的记录
$RecordId = $record.RecordId
$array = New-Object -TypeName System.Collections.ArrayList
if($statu -eq 1){
$Status = "ENABLE"
}
if($statu -eq 0){
$Status = "Disable"
}
$Action = "SetDomainRecordStatus"
$array.Add(@("RecordId",$RecordId))| Out-Null
$array.Add(@("Action",$Action))| Out-Null
$array.Add(@("Status",$Status))| Out-Null

#region 创建公共参数
$AccessKeyId = "AccessKeyId"        #填写你的AccessKeyId
$AccessKeySecret = "AccessKeySecret&"  #填写你的AccessKeySecret并在末尾添加&符号,如secret是1,那么这里值应该是1&
$Format = "XML"
$SignatureMethod="HMAC-SHA1"
$SignatureVersion="1.0"
$Version="2015-01-09"
$time = (get-date).AddHours(-8)
$Timestamp = get-date $time -Format yyyy-MM-ddTHH:mm:ssZ
$SignatureNonce= Get-Random
$array.Add(@("AccessKeyId",$AccessKeyId)) | Out-Null
$array.Add(@("Format",$Format))| Out-Null
$array.Add(@("Timestamp",$Timestamp))| Out-Null
$array.Add(@("SignatureNonce",$SignatureNonce))| Out-Null
$array.Add(@("SignatureMethod",$SignatureMethod))| Out-Null
$array.Add(@("SignatureVersion",$SignatureVersion))| Out-Null
$array.Add(@("Version",$Version))| Out-Null
#endregion

#region 转义请求字符串
$newarray = $array | sort
$csstring = $null
foreach($arr in $newarray){
$csstring += $arr[0] + "=" + $arr[1] + "&"
}

$length = $csstring.Length - 1
$string = $csstring.Substring(0,$length)

$newstring = "GET&%2F&"
$length = $string.Length
for($i = 0 ; $i -lt $length; $i++){
$char = $string[$i].ToString()
$pattern = "[A-Z,0-9-_.~]"
$flag = $char -match $pattern
if($flag){
$newstring += $char
}else{
if($char -eq " " -or $char -eq ":"){
if($char -eq " "){
$newstring += "%20"
}else{
$newstring += "%253A"
}
}else{
$newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper()
}
}
}

#endregion

#region 生成签名
$hmacsha1 = new-object System.Security.Cryptography.HMACSHA1;
$hmacsha1.Key = [System.Text.Encoding]::UTF8.GetBytes($AccessKeySecret);
$oauth_signature = [System.Convert]::ToBase64String($hmacsha1.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($newstring)));
#$oauth_signature
$newstring = $null
$length = $oauth_signature.Length
for($i = 0 ; $i -lt $length; $i++){
$char = $oauth_signature[$i].ToString()
$pattern = "[A-Z,0-9-_.~]"
$flag = $char -match $pattern
if($flag){
$newstring += $char
}else{
if($char -eq " " -or $char -eq ":"){
if($char -eq " "){
$newstring += "%20"
}else{
$newstring += "%253A"
}
}else{
$newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper()
}
}
}
$oauth_signature = $newstring
#endregion

#region 生成URL
$array.Add(@("Signature",$oauth_signature)) | Out-Null
$newarray = $array | sort
$csstring = $null
foreach($arr in $newarray){
$csstring += $arr[0] + "=" + $arr[1] + "&"
}
$length = $csstring.Length - 1
$string = $csstring.Substring(0,$length)
$webrequest = "http://alidns.aliyuncs.com/?" + $string
#endregion

#region 获取结果
$Error.Clear()
$body = Invoke-WebRequest -Uri $webrequest -Method Get
if($Error){
$Errortxt = $Error | Out-String
$obj = New-Object psobject
$obj | Add-Member -MemberType NoteProperty -Name RequestId -Value $null
$obj | Add-Member -MemberType NoteProperty -Name RecordId -Value $RecordId
$obj | Add-Member -MemberType NoteProperty -Name Status -Value $null
$obj | Add-Member -MemberType NoteProperty -Name Error -Value $Errortxt
$Change.Add($obj) | Out-Null
}else{
$xmldata = [xml]($body.Content)
$obj = $xmldata.SetDomainRecordStatus
$Change.Add($obj) | Out-Null
}
#endregion
#endregion
}

$oldrecords | Add-Member -MemberType NoteProperty -Name Info -Value "Old"
$newrecords = $null
if($line -or $ip){
if($line){
$newrecords = GetAliDnsInfo $SubDomain | where{$_.line -eq $line}
}
if($ip){
$newrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip}
}
if($line -and $ip){
$newrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip} | where{$_.line -eq $line}
}
}else{
$newrecords = GetAliDnsInfo $SubDomain
}
if($newrecords){
$newrecords | Add-Member -MemberType NoteProperty -Name Info -Value "New"
}
$userlist = New-Object -TypeName System.Collections.ArrayList
$userlist.Add($Change) | Out-Null
$userlist.Add($oldrecords) | Out-Null
$userlist.Add($newrecords) | Out-Null
return $userlist
}else{
$content = $SubDomain + "查无此解析"
return $content
}
}

示例1:使用GetAlidnsInfo命令查询mail.domain.cn的解析

PS C:\Users\xxx\Desktop> GetAliDnsInfo mail.domain.cn | ft

RR   Status Value        Weight RecordId         Type DomainName  Locked Line    TTL
--   ------ -----        ------ --------         ---- ----------  ------ ----    ---
mail ENABLE 111.222.333.44 1      311137911111416 A    domain.cn false  default 3600

示例2:禁用test.domain.cn解析

PS C:\Users\xxx\Desktop> SetAliDnsStatus test.domain.cn 0 | ft
Info RR   Status Value   Weight RecordId         Type DomainName  Locked Line
---- --   ------ -----   ------ --------         ---- ----------  ------ ----
Old  test ENABLE 1.1.1.1 1      111111111111      A    domain.cn false  default
New  test DISABLE 1.1.1.1 1     222222222222      A    domain.cn false  default

Powershell 调用阿里云 云解析API 实现动态域名解析

标签:sem   turn   orm   isa   mobile   util   auth   enable   i++   

原文地址:http://blog.51cto.com/6293080/2313946


评论


亲,登录后才可以留言!