/>
X

Microsoft: PowerShell's new 'secrets' tool preview is out

Microsoft Secrets Management module is for managing secrets in heterogeneous clouds.
liam-tung.jpg
Written by Liam Tung, Contributor on

Microsoft has released the second preview of the Secrets Management Module, a PowerShell module for managing secrets and credentials. 

Microsoft unveiled the PowerShell Secrets at Ignite 2019 as a new way to securely manage secrets in cloud environments that rely on components from multiple vendors, such as many secrets providers. 

The module provides a set of cmdlets that let users store secrets locally using a vault provider and access secrets from remote vaults. Users can register and unregister local and remote vaults on the local machine to manage and retrieve secrets. Microsoft released the first preview in February and now has issued the second preview. 

Microsoft created Secrets Management to address some of the challenges PowerShell developers face when advanced scripts require multiple secrets for coordinating across different clouds. The Secrets Management Module supports several secret types, including PSCredential, SecureString, String, HashTable, and Bye[ ].

SEE: 30 things you should never do in Microsoft Office (free PDF)

The default vault on Windows is Credential Manager, or CredMan, which is used to authenticate to a remote vault. Microsoft thinks it could be helpful by allowing developers to run scripts in local, test, and production environments by only tweaking the vault. On Linux, Microsoft plans to use GNOME Keyring while on macOS it will be Apple Keychain. 

The first two previews for PowerShell Secrets Management are only available for Windows but support for Linux is planned for the next preview followed by macOS support. 

Users who want to install the second preview will need to completely replace the module and extension modules due to breaking changes in this release. 

Some of the changes in this update include new cmdlet names, with, for example, Add-Secret now becoming Set-Secret to reflect its intent. There's a new Test-Vault cmdlet that allows owners of a vault extension to check it is properly configured at registration time. 

Sydney Smith, a program manager on Microsoft's PowerShell team, noted that users who installed the first preview should first remove any secrets from the LocalDefaultVault before installing the second preview. 

"Based on feedback we changed the naming convention for secrets stored in CredMan, therefore previous secrets stored in the local vault will no longer be visible after the new version of the module is installed," Smith explained.

SEE: Microsoft: VS Code for PowerShell 7 arrives with ISE mode 

However, users can still view and remove the old secrets via CredMan UI.    

Smith provides instructions for installing the second preview from a PowerShell console on the PowerShell developer blog.  

Related

Microsoft starts rolling out new 'One Outlook' Windows email client to testers
newoutlookclienthitsbeta.jpg

Microsoft starts rolling out new 'One Outlook' Windows email client to testers

Productivity
The 5 best Linux distros for beginners in 2022
Linux Mint 20.2 with Cinnamon

The 5 best Linux distros for beginners in 2022

Linux
Microsoft: Here are the new features coming to OneNote on Windows
Concentrated female employee typing at workplace using computer. Side view portrait of a copywriter working on pc home.

Microsoft: Here are the new features coming to OneNote on Windows

Microsoft