Microsoft recently released a second preview of its PowerShell tool Secrets Management Module. According to the tech giant, the tool is suitable for managing sensitive information and login details that are located in multiple (cloud) environments.
Companies store their sensitive information -secrets- as authentication tokens, API keys and login data in ‘digital vaults’ (vaults) in multiple (cloud) environments of different suppliers. These can be cloud providers, but also suppliers of solutions for the management of secrets and login data. The second preview of the management module released by the tech giant, the first of which was made public as early as February, ensures that all this important data can be managed in a clear and secure manner.
According to Microsoft, the module now offers a set of cdmlets that should help users to store sensitive (login) data locally via a supplier of a digital vault. In addition, the module provides access to data in remote vaults. Users can use the module to register and delete local and remote vaults on a local machine. This way the management of all secrets can be simplified.
The tech giant developed this module to help PowerShell developers solve secrets management problems. Especially when advanced scripts require different login credentials for different cloud environments. The tool now released supports secret types such as PSCredential, SecureString, String, HashTable and Bye[ ].
Use with other operating systems
Within the tool the default for Windows is vault Credential Manager. According to Microsoft, this is used to authenticate a vault remotely. The techgigant thinks this is useful by allowing developers to modify scripts within local, test and production environments by just modifying the vault.
The first two previews are only suitable for Windows, but the techgigant believes that other operating systems have been worked on. For Linux, the tech giant wants to use GNOME Keyring and for macOS Apple Keychain.
Microsoft also provides tips on how users can install the second preview. To install this preview, they need to replace the entire module and extension modules. This because of some important changes in the latest version.
Some of these changes are new cmdlet titles. For example Add-Secret now becomes Set-Secret. There is also a new Test-Vault cmdlet that allows owners of a vault extension to check if it is properly configured at a certain registration time.
Also, users who have installed the first preview now need to uninstall all secrets of the LocalDefaultVault before installing the second preview. According to the techgigant it turned out that these secrets would not be visible after installing the second preview without this action. Users can still see and remove the old secrets via the CredMan user interface.
More installation instructions can be found here.