en-us/Scripting_Securely_with_SecureSettings.walkthru.help.txt
|
# SecureSettings is a PowerShell Module to help you securely keep settings information, like API access keys.
# You use the Add-SecureSetting command to a new secure setting. # You can store a string: Add-SecureSetting AStringSetting 'A String' # You can store a secure string, which you can ask for with Read-Host -AsSecureString Add-SecureSetting ASecureStringSetting (Read-Host "Is It Secret?" -AsSecureString) # You can store a credential, which you can use for access to remote machines. Prompt for credentials with Get-Credential. Add-SecureSetting ACredentialSetting (Get-Credential) # You can even store a complex hashtable (only if it contains strings, numbers, booleans, script blocks, and hashtables) Add-SecureSetting AHashtableSetting @{ a='b' c='d' } # Get-SecureSetting will list settings Get-SecureSetting # Get-SecureSetting can also list a single one AStringSetting Get-SecureSetting AStringSetting # Get-SecureSetting will return results encrypted by default. If you need to access an encrypted result, use -Decrypted Get-SecureSetting AStringSetting -Decrypted # Get-SecureSetting -ValueOnly will return just the decrypted value, without an object containing it Get-SecureSetting AStringSetting -ValueOnly # Remove-SecureSetting will remove a secure setting. It supports -WhatIf and -Confirm Get-SecureSetting | Remove-SecureSetting -WhatIf # This will clear all settings and prompt. To avoid the prompt, use -Confirm:$false Get-SecureSetting | Remove-SecureSetting # In a Pipeworks manifest, the SecureSetting list details the names of secured settings that will be pulled into the site: New-PipeworksManifest -Name AManifest -SecureSetting AzurestorageAccountName, AzureStorageAccountKey # When you use Get-SecureSetting inside of a webpage, it looks for settings in the web.config file. # If you write your functions to use -ValueOnly, you can have the script work the same in the console as it does on the web. $storageAccount = Get-SecureSetting 'AzureStorageAccountName' -ValueOnly |