We have started moving our secrets from local stores to Azure Key Vault so that they are managed centrally and we can rotate passwords with ease.
The first step is to create/import the secrets in Azure Key Vault, as shown in the screenshot below:
Click Generate/Import → select Manual.
Name the secret, enter the value, and add tags as required.
Hit Create to store the secret in the vault.
Now let us retrieve this secret from PowerShell.
Note: The Az module is required for the operations below.
Connect to Azure using Connect-AzAccount
Now, to get the secret from the vault, use the command below:
Get-AzKeyVaultSecret -VaultName "kv-techwizard-vault" -Name "TWAutomation"
To get the secret value, store the result in a variable first and then read its SecretValue property, as shown in the screenshot below:
To get the value in plain text, just add -AsPlainText at the end of the command.
Similarly, we can set secrets in the Key Vault:
$secret = ConvertTo-SecureString "SuperSecret02" -AsPlainText -Force
Set-AzKeyVaultSecret -VaultName "kv-techwizard-vault" -Name "TWAutomation" -SecretValue $secret
Now if we look in the GUI, we will find this secret there as the new/current version.
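The fetch and set steps above combined into a small rotation routine, as an added example that is not from the original post. It assumes an existing Connect-AzAccount session with permission to set, get and list secrets; the function name New-RandomSecret, the 90-day expiry, the tag and the account name svc-automation are hypothetical.

```powershell
# Added example. Vault and secret names come from the post; everything else is hypothetical.
$VaultName  = 'kv-techwizard-vault'
$SecretName = 'TWAutomation'

function New-RandomSecret {
    # Generate a random value with a cryptographic RNG instead of hardcoding it in the script.
    param([int]$ByteCount = 32)
    $bytes = New-Object byte[] $ByteCount
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try     { $rng.GetBytes($bytes) }
    finally { $rng.Dispose() }
    ConvertTo-SecureString ([Convert]::ToBase64String($bytes)) -AsPlainText -Force
}

# Rotate: writing to an existing name creates a new version, which becomes the current one.
# The expiry and tag record when the value is due for rotation again and what wrote it.
$new = Set-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName `
    -SecretValue (New-RandomSecret) `
    -Expires (Get-Date).AddDays(90).ToUniversalTime() `
    -ContentType 'password' `
    -Tag @{ RotatedBy = 'rotation-script' }

# Fetch the current version. SecretValue is a SecureString, so nothing is printed in clear text.
$current = Get-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName
if ($current.Version -ne $new.Version) {
    throw "Current version $($current.Version) is not the one just written ($($new.Version))."
}

# Hand the SecureString straight to a credential object; -AsPlainText is not needed here.
$cred = [pscredential]::new('svc-automation', $current.SecretValue)

# Review the version history (metadata only, no secret values are returned).
Get-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName -IncludeVersions |
    Sort-Object Created -Descending |
    Select-Object Version, Enabled, Created, Expires
```

The $cred object can then be passed to any cmdlet that takes a -Credential parameter.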
There are other cmdlets as well, but these two are enough for fetching/setting secrets and getting started.
You can further explore the Microsoft PowerShell SecretManagement and Microsoft PowerShell SecretStore modules,
and how you can use the Azure Key Vault extension with them.
Thanks for reading …
Tech Wizard