PowerShell – Azure KeyVault Set and Retrieve Secrets

We have started moving our secrets from local stores to Azure Key Vault so that they are managed centrally and we can rotate passwords with ease.

The first step is to create or import the secret in Azure Key Vault:


Click Generate/Import → select Manual

Name the secret, enter the value and add tags as per requirement.

Hit create to store the secret in the Vault.


Now let us retrieve this Secret from PowerShell.

Note: The Az module is required for the operations below.

Connect to Azure using Connect-AzAccount


Now, to get the secret from the vault, use the command below:

Get-AzKeyVaultSecret -VaultName "kv-techwizard-vault" -Name "TWAutomation"


To get the secret value, store the result in a variable first and then read its SecretValue property.


To get the value in plain text, just add -AsPlainText at the end of the command.


Similarly, we can set secrets in the Key Vault:

$secret = ConvertTo-SecureString "SuperSecret02" -AsPlainText -Force

Set-AzKeyVaultSecret -VaultName "kv-techwizard-vault" -Name "TWAutomation" -SecretValue $secret


Now if you look in the GUI, you will find this secret there as the new/current version.


There are other cmdlets as well but these two are enough for fetching/ setting the secrets and getting started.
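
The set and get steps above combined into one script, as an added example that is not part of the original post: it prompts for the new value instead of hard-coding it, keeps the retrieved value as a SecureString rather than using -AsPlainText, and lists versions after the update. The vault and secret names are the ones used in this post; the account name svc-automation, the tag and the 90-day expiry are assumptions.

```powershell
# Added example. Requires the Az module (Az.Accounts and Az.KeyVault).
$vaultName  = 'kv-techwizard-vault'   # vault name from this post
$secretName = 'TWAutomation'          # secret name from this post

# Sign in only if this session has no Azure context yet.
if (-not (Get-AzContext)) { Connect-AzAccount | Out-Null }

# --- Set: prompt for the value so it never sits in the script or its history ---
$newValue = Read-Host -Prompt "New value for $secretName" -AsSecureString

$setParams = @{
    VaultName   = $vaultName
    Name        = $secretName
    SecretValue = $newValue
    ContentType = 'password'
    Expires     = (Get-Date).ToUniversalTime().AddDays(90)   # assumed rotation window
    Tag         = @{ owner = 'automation' }                   # constructed sample tag
}
$stored = Set-AzKeyVaultSecret @setParams
'Stored version {0}, expires {1:u}' -f $stored.Version, $stored.Expires

# --- Get: the current version, with the value still a SecureString ---
$secret = Get-AzKeyVaultSecret -VaultName $vaultName -Name $secretName -ErrorAction Stop
if (-not $secret) {
    throw "Secret '$secretName' was not found in vault '$vaultName'."
}

# Key Vault still returns a secret after its expiry date, so check it here.
if ($secret.Expires -and $secret.Expires -lt (Get-Date).ToUniversalTime()) {
    throw "Secret '$secretName' expired on $($secret.Expires); rotate it before use."
}

# Pass the SecureString straight into a credential; no plain-text copy is made.
# 'svc-automation' is a hypothetical account name.
$credential = [pscredential]::new('svc-automation', $secret.SecretValue)

# --- Review: list all versions, newest first, to confirm which one is current ---
Get-AzKeyVaultSecret -VaultName $vaultName -Name $secretName -IncludeVersions |
    Sort-Object Created -Descending |
    Select-Object Version, Enabled, Created, Expires
```

$credential can then be passed to any cmdlet that takes a -Credential parameter.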

You can further explore the Microsoft PowerShell SecretManagement and Microsoft PowerShell SecretStore modules, and how you can use the Azure Key Vault extension with them.

 

 

Thanks for reading …

Tech Wizard

 

https://techwizard.cloud

https://syscloudpro.com/

PowerShell Fast Track
