由于阿里云解析API调用官方文档中没有Powershell的示例脚本,而API接口调用实际是通过向DNS API的服务端地址发送HTTP POST或GET请求,因此根据官方文档写了相关的函数用于查询域名解析、修改域名解析的状态。如果要增删域名解析,参考官方文档修改函数中的Action等参数即可。
参考的阿里API调用链接:https://help.aliyun.com/document_detail/29743.html?spm=a2c4g.11186623.6.614.35f94c7bRwGbqZ
function GetAliDnsInfo { <# .Synopsis 获取阿里云解析的域名解析 GetAliDnsInfo -SubDomain ceshi.domain.cn | ft #> param( [Parameter(Mandatory=$true)] $SubDomain ) $array = New-Object -TypeName System.Collections.ArrayList $Action = "DescribeSubDomainRecords" $array.Add(@("SubDomain",$SubDomain)) | Out-Null $array.Add(@("Action",$Action)) | Out-Null $array.Add(@("PageNumber","1")) | Out-Null $array.Add(@("PageSize","20")) | Out-Null #region 生成公共参数 $AccessKeyId = "AccessKeyId" #填写你的AccessKeyId $AccessKeySecret = "AccessKeySecret&" #填写你的AccessKeySecret并在末尾添加&符号,如secret是1,那么这里值应该是1& $Format = "XML" $SignatureMethod="HMAC-SHA1" $SignatureVersion="1.0" $Version="2015-01-09" $time = (get-date).AddHours(-8).AddMinutes(2) $Timestamp = get-date $time -Format yyyy-MM-ddTHH:mm:ssZ $SignatureNonce= Get-Random $array.Add(@("AccessKeyId",$AccessKeyId)) | Out-Null $array.Add(@("Format",$Format)) | Out-Null $array.Add(@("Timestamp",$Timestamp)) | Out-Null $array.Add(@("SignatureNonce",$SignatureNonce)) | Out-Null $array.Add(@("SignatureMethod",$SignatureMethod)) | Out-Null $array.Add(@("SignatureVersion",$SignatureVersion)) | Out-Null $array.Add(@("Version",$Version)) | Out-Null #endregion #region 生成转义请求字符串 $newarray = $array | sort $csstring = $null foreach($arr in $newarray) { $csstring += $arr[0] + "=" + $arr[1] + "&" } $length = $csstring.Length - 1 $string = $csstring.Substring(0,$length) [Reflection.Assembly]::LoadWithPartialName("System.Web") | Out-Null $newstring = "GET&%2F&" $length = $string.Length for($i = 0 ; $i -lt $length; $i++){ $char = $string[$i].ToString() $pattern = "[A-Z,0-9-_.~]" $flag = $char -match $pattern if($flag){ $newstring += $char }else{ if($char -eq " " -or $char -eq ":"){ if($char -eq " "){ $newstring += "%20" }else{ $newstring += "%253A" } }else{ $newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper() } } } #endregion #region 生成签名 $hmacsha1 = new-object System.Security.Cryptography.HMACSHA1; $hmacsha1.Key = [System.Text.Encoding]::UTF8.GetBytes($AccessKeySecret); $oauth_signature = [System.Convert]::ToBase64String($hmacsha1.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($newstring))); #$oauth_signature $newstring = $null$length = $oauth_signature.Length for($i = 0 ; $i -lt $length; $i++){ $char = $oauth_signature[$i].ToString() $pattern = "[A-Z,0-9-_.~]" $flag = $char -match $pattern if($flag){ $newstring += $char }else{ if($char -eq " " -or $char -eq ":"){ if($char -eq " "){ $newstring += "%20" }else{ $newstring += "%253A" } }else{ $newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper() } } } $oauth_signature = $newstring #endregion #region 生成URL $array.Add(@("Signature",$oauth_signature)) | Out-Null $newarray = $array | sort $csstring = $null foreach($arr in $newarray){ $csstring += $arr[0] + "=" + $arr[1] + "&" } $length = $csstring.Length - 1 $string = $csstring.Substring(0,$length) $webrequest = "http://alidns.aliyuncs.com/?" + $string #endregion #region 筛选出信息 $Error.Clear() $body = Invoke-WebRequest -Uri $webrequest -Method Get if($Error){ return $null }else{ $xmldata = [xml]($body.Content) $records = $xmldata.DescribeSubDomainRecordsResponse.DomainRecords.Record return $records } #endregion } function SetAliDnsStatus { <# .Synopsis 修改已有的阿里云解析状态 SetAliDnsStatus -SubDomain ceshi.domain.cn -statu 0 -line os_namerica_us | ft 参数line 表示线路,阿里云支持智能解析,比如亚洲用户解析到IP地址A,美国解析到IP地址B。 参数statu表示状态,1启用,0禁用 #> param( [Parameter(Mandatory=$true)] $SubDomain, [Parameter(Mandatory=$true)] [ValidateSet("1","0")] $statu, [Parameter(Mandatory=$false)] [ValidateSet("default","os_asia","os_euro","os_namerica_us","os_oceanica_au","os_namerica_us","os_oceanica_au","mobile","unicom")] $line = 0, [Parameter(Mandatory=$false)] $ip = 0 ) $oldrecords = $null if($line -or $ip){ if($line){ $oldrecords = GetAliDnsInfo $SubDomain | where{$_.line -eq $line} } if($ip){ $oldrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip} } if($line -and $ip){ $oldrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip} | where{$_.line -eq $line} } }else{ $oldrecords = GetAliDnsInfo $SubDomain } if($oldrecords){ $Change = New-Object -TypeName System.Collections.ArrayList [Reflection.Assembly]::LoadWithPartialName("System.Web") | Out-Null $newoldrecords = $oldrecords | sort Value foreach($record in $newoldrecords){ #region 需要修改的记录 $RecordId = $record.RecordId $array = New-Object -TypeName System.Collections.ArrayList if($statu -eq 1){ $Status = "ENABLE" } if($statu -eq 0){ $Status = "Disable" } $Action = "SetDomainRecordStatus" $array.Add(@("RecordId",$RecordId))| Out-Null $array.Add(@("Action",$Action))| Out-Null $array.Add(@("Status",$Status))| Out-Null #region 创建公共参数 $AccessKeyId = "AccessKeyId" #填写你的AccessKeyId $AccessKeySecret = "AccessKeySecret&" #填写你的AccessKeySecret并在末尾添加&符号,如secret是1,那么这里值应该是1& $Format = "XML" $SignatureMethod="HMAC-SHA1" $SignatureVersion="1.0" $Version="2015-01-09" $time = (get-date).AddHours(-8) $Timestamp = get-date $time -Format yyyy-MM-ddTHH:mm:ssZ $SignatureNonce= Get-Random $array.Add(@("AccessKeyId",$AccessKeyId)) | Out-Null $array.Add(@("Format",$Format))| Out-Null $array.Add(@("Timestamp",$Timestamp))| Out-Null $array.Add(@("SignatureNonce",$SignatureNonce))| Out-Null $array.Add(@("SignatureMethod",$SignatureMethod))| Out-Null $array.Add(@("SignatureVersion",$SignatureVersion))| Out-Null $array.Add(@("Version",$Version))| Out-Null #endregion #region 转义请求字符串 $newarray = $array | sort $csstring = $null foreach($arr in $newarray){ $csstring += $arr[0] + "=" + $arr[1] + "&" } $length = $csstring.Length - 1 $string = $csstring.Substring(0,$length) $newstring = "GET&%2F&" $length = $string.Length for($i = 0 ; $i -lt $length; $i++){ $char = $string[$i].ToString() $pattern = "[A-Z,0-9-_.~]" $flag = $char -match $pattern if($flag){ $newstring += $char }else{ if($char -eq " " -or $char -eq ":"){ if($char -eq " "){ $newstring += "%20" }else{ $newstring += "%253A" } }else{ $newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper() } } } #endregion #region 生成签名 $hmacsha1 = new-object System.Security.Cryptography.HMACSHA1; $hmacsha1.Key = [System.Text.Encoding]::UTF8.GetBytes($AccessKeySecret); $oauth_signature = [System.Convert]::ToBase64String($hmacsha1.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($newstring))); #$oauth_signature $newstring = $null $length = $oauth_signature.Length for($i = 0 ; $i -lt $length; $i++){ $char = $oauth_signature[$i].ToString() $pattern = "[A-Z,0-9-_.~]" $flag = $char -match $pattern if($flag){ $newstring += $char }else{ if($char -eq " " -or $char -eq ":"){ if($char -eq " "){ $newstring += "%20" }else{ $newstring += "%253A" } }else{ $newstring += [Web.HttpUtility]::UrlEncode($char).ToUpper() } } } $oauth_signature = $newstring #endregion #region 生成URL $array.Add(@("Signature",$oauth_signature)) | Out-Null $newarray = $array | sort $csstring = $null foreach($arr in $newarray){ $csstring += $arr[0] + "=" + $arr[1] + "&" } $length = $csstring.Length - 1 $string = $csstring.Substring(0,$length) $webrequest = "http://alidns.aliyuncs.com/?" + $string #endregion #region 获取结果 $Error.Clear() $body = Invoke-WebRequest -Uri $webrequest -Method Get if($Error){ $Errortxt = $Error | Out-String $obj = New-Object psobject $obj | Add-Member -MemberType NoteProperty -Name RequestId -Value $null $obj | Add-Member -MemberType NoteProperty -Name RecordId -Value $RecordId $obj | Add-Member -MemberType NoteProperty -Name Status -Value $null $obj | Add-Member -MemberType NoteProperty -Name Error -Value $Errortxt $Change.Add($obj) | Out-Null }else{ $xmldata = [xml]($body.Content) $obj = $xmldata.SetDomainRecordStatus $Change.Add($obj) | Out-Null } #endregion #endregion } $oldrecords | Add-Member -MemberType NoteProperty -Name Info -Value "Old" $newrecords = $null if($line -or $ip){ if($line){ $newrecords = GetAliDnsInfo $SubDomain | where{$_.line -eq $line} } if($ip){ $newrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip} } if($line -and $ip){ $newrecords = GetAliDnsInfo $SubDomain | where{$_.Value -eq $ip} | where{$_.line -eq $line} } }else{ $newrecords = GetAliDnsInfo $SubDomain } if($newrecords){ $newrecords | Add-Member -MemberType NoteProperty -Name Info -Value "New" } $userlist = New-Object -TypeName System.Collections.ArrayList $userlist.Add($Change) | Out-Null $userlist.Add($oldrecords) | Out-Null $userlist.Add($newrecords) | Out-Null return $userlist }else{ $content = $SubDomain + "查无此解析" return $content } }
示例1:使用GetAlidnsInfo命令查询mail.domain.cn的解析
PS C:\Users\xxx\Desktop> GetAliDnsInfo mail.domain.cn | ft RR Status Value Weight RecordId Type DomainName Locked Line TTL -- ------ ----- ------ -------- ---- ---------- ------ ---- --- mail ENABLE 111.222.333.44 1 311137911111416 A domain.cn false default 3600
示例2:禁用test.domain.cn解析
PS C:\Users\xxx\Desktop> SetAliDnsStatus test.domain.cn 0 | ft Info RR Status Value Weight RecordId Type DomainName Locked Line ---- -- ------ ----- ------ -------- ---- ---------- ------ ---- Old test ENABLE 1.1.1.1 1 111111111111 A domain.cn false default New test DISABLE 1.1.1.1 1 222222222222 A domain.cn false default