Azure-Samples / azuresandbox

Stand up an Azure sandbox environment for accelerating your projects in an hour.
MIT License

Jumpwin1 Custom Script Extension stores secrets in clear text #32

Closed doherty100 closed 2 months ago

doherty100 commented 2 months ago

Please provide us with the following information:

This issue is for a: (mark with an x)

- [ ] bug report -> please search issues before submitting
- [ X ] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

- Deploy #AzureSandbox v2.9.2
- Enable Defender for Cloud CSPM agentless scanning

Any log messages given by the failure

Contains Verified Secret risk factor related to file C:\Packages\Plugins\Microsoft.compute.CustomScriptExtension\1.10.15\RuntimeSettings\0.settings finding on jumpwin1

Expected/desired behavior

Eliminate the local storage of secrets altogether or at a minimum do not store them in clear text

OS and Version?

Windows Server 2022

Versions

AzureSandbox v2.9.2

Mention any other details that might be useful

Secrets are passed as clear text parameters to script configure-vm-jumpbox-win.ps1 using custom script extension.


Thanks! We'll be in touch soon.
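
The finding above can be reproduced locally by checking whether the Custom Script Extension handler settings carry `commandToExecute` in `publicSettings` (readable on disk) instead of in the encrypted `protectedSettings` blob. The following is an added example, not code from the issue or from azuresandbox; the function name `Test-CseSettings`, the `-Demo*` parameter names, the secret-name pattern and both JSON samples are constructed for illustration.

```powershell
# Added example, not azuresandbox code. Parameter names and values are constructed.
function Test-CseSettings {
    param(
        [Parameter(Mandatory)][string]$Json,
        [string]$Source = '<inline>'
    )
    # Heuristic (assumption): parameter names that usually carry credentials.
    $pattern = '(?i)(?<name>-\w*(?:password|pwd|secret|token)\w*)\s+\S'

    foreach ($rs in ($Json | ConvertFrom-Json).runtimeSettings) {
        $hs   = $rs.handlerSettings
        $cmd  = $hs.publicSettings.commandToExecute
        $hits = @()
        if ($cmd) {
            $hits = @([regex]::Matches($cmd, $pattern) |
                ForEach-Object { $_.Groups['name'].Value })
        }
        if ($hits.Count -gt 0) { $finding = 'secret-like parameters readable on disk' }
        elseif ($cmd)          { $finding = 'command readable, no secret-like parameters' }
        else                   { $finding = 'no command in publicSettings' }

        [pscustomobject]@{
            Source            = $Source
            Finding           = $finding
            SuspectParameters = $hits -join ', '   # names only; values are never echoed
            HasProtectedBlob  = [bool]$hs.protectedSettings
        }
    }
}

# Constructed sample: command line (with a secret) placed in the public settings.
$weak = @'
{"runtimeSettings":[{"handlerSettings":{"publicSettings":{"commandToExecute":"powershell.exe -ExecutionPolicy Unrestricted -File ./configure-vm-jumpbox-win.ps1 -DemoName sandbox -DemoPassword CONSTRUCTED-VALUE"}}}]}
'@
# Constructed sample: command moved to protectedSettings, so only an encrypted blob is stored.
$fixed = @'
{"runtimeSettings":[{"handlerSettings":{"protectedSettingsCertThumbprint":"<thumbprint>","protectedSettings":"<encrypted blob>","publicSettings":{}}}]}
'@

Test-CseSettings -Json $weak  -Source 'constructed: command in publicSettings'
Test-CseSettings -Json $fixed -Source 'constructed: command in protectedSettings'

# On the VM, the same check over the handler's own files (path taken from the finding):
# Get-ChildItem 'C:\Packages\Plugins\Microsoft.compute.CustomScriptExtension\*\RuntimeSettings\*.settings' |
#   ForEach-Object { Test-CseSettings -Json (Get-Content $_.FullName -Raw) -Source $_.FullName }
```

With the command in `protectedSettings` an encrypted blob is still written to disk, so that change addresses the "not in clear text" part of the request rather than removing local storage altogether.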