Home > OS >  Azure Powershell secure secret value
Azure Powershell secure secret value

Time:11-18

I am facing a weird issue and I don't have any idea why it is not working. I looked in all the documentation and tried different solution but nothing.

I am trying to script in powershelgl a simple command that takes 2 value:

  • secret name
  • secret value

I would like to have the value secured during the powershell execution, and when the script is finish, to see those parameters stored in a azure KeyVault -> Secrets.

I have set this code:

$SecretName = Read-Host "Enter Secret Name"
$password = Read-Host "Enter password" -AsSecureString
$password = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)
$password = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($password)

Set-AzKeyVaultSecret -VaultName "keyvaultname" -Name $SecretName -SecretValue $password

But this it gives me the following error:

Cannot bind parameter 'SecretValue'. Cannot convert the "asdlkjiou" value of type "System.String" to type "System.Security.SecureString".

Notice: I am converting back the password because if I don't do so, the code runs, but the value in the KeyVault is showed as follow System.Security.SecureString

I am pretty much lost here, haven't used Windows PowerShell in a long time and none of the solution or documentation I found helped me to solve this problem.

Please, if anyone can direct me on how I can achieve this, I would be grateful.

And please if you need more infos, don't hesitate to ask me

CodePudding user response:

You don't need to perform those conversions with the InteropServices calls. Just use these three lines. The password variable is already of the correct type since you're reading it -AsSecureString.

$SecretName = Read-Host "Enter Secret Name"
$password = Read-Host "Enter password" -AsSecureString
Set-AzKeyVaultSecret -VaultName 'keyvaultname' -Name $SecretName -SecretValue $password
  • Related