New-AzSqlDatabaseExport provides invalid storage key format for secrets received as parameter

[tmfahim]

Description

I was trying to use storage key as secret string, but it is giving error New-AzSqlDatabaseExport: D:\a\uda-mcs-sql-db-cloud\uda-mcs-sql-db-cloud\bkp.ps1:15 Line | 15 | … rtRequest = New-AzSqlDatabaseExport -ResourceGroupName $rgName -Serve … | ~~~~~~~~~~~~~ | The ImportExport operation failed because of invalid storage key format.

Issue script & Debug output

`$secureKey= $storageKey | ConvertTo-SecureString -AsPlainText -Force

$exportRequest = New-AzSqlDatabaseExport -ResourceGroupName $rgName -ServerName $serverName -DatabaseName $dbName -AuthenticationType Sql -StorageKeyType "StorageAccessKey" -StorageKey $secureKey -AdministratorLogin $sqlUser -AdministratorLoginPassword $securePassword -StorageUri $bacpacURL 

$importStatus = Get-AzSqlDatabaseImportExportStatus -OperationStatusLink $exportRequest.OperationStatusLink
[Console]::Write("Exporting...")
while ($importStatus.Status -eq "InProgress")
{
    $importStatus =Get-AzSqlDatabaseImportExportStatus -OperationStatusLink $exportRequest.OperationStatusLink
    [Console]::Write(".")
    Start-Sleep -s 10
}
[Console]::WriteLine("")
$importStatus
`

Environment data

Name                           Value
----                           -----
PSVersion                      7.2.10
PSEdition                      Core
GitCommitId                    7.2.10
OS                             Microsoft Windows 10.0.20348
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

Name              : Az.Accounts
Path              : C:\Modules\az_9.3.0\Az.Accounts\2.12.1\Az.Accounts.psm1
Description       : Microsoft Azure PowerShell - Accounts credential management cmdlets for Azure Resource Manager in 
                    Windows PowerShell and PowerShell Core.

                    For more information on account credential management, please visit the following: 
                    https://learn.microsoft.com/powershell/azure/authenticate-azureps
Guid              : 17a2feff-488b-47f9-8729-e2cec094624c
Version           : 2.12.1
ModuleBase        : C:\Modules\az_9.3.0\Az.Accounts\2.12.1
ModuleType        : Script
PrivateData       : {PSData}
AccessMode        : ReadWrite
ExportedAliases   : {[Add-AzAccount, Add-AzAccount], [Get-AzDomain, Get-AzDomain], [Invoke-AzRest, Invoke-AzRest], 
                    [Login-AzAccount, Login-AzAccount]…}
ExportedCmdlets   : {[Add-AzEnvironment, Add-AzEnvironment], [Clear-AzConfig, Clear-AzConfig], [Clear-AzContext, 
                    Clear-AzContext], [Clear-AzDefault, Clear-AzDefault]…}
ExportedFunctions : {}
ExportedVariables : {}
NestedModules     : {Microsoft.Azure.PowerShell.Cmdlets.Accounts}

Error output

No response

[ghost]

Thank you for your feedback. This has been routed to the support team for assistance.

[wyunchi-ms]

Hi @tmfahim , thanks for your feedback! Currently the StorageKey only support plain string. But it's a good point whether we need to support SecureString.

[ghost]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @azureSQLGitHub.

Issue Details

---

### Description I was trying to use storage key as secret string, but it is giving error New-AzSqlDatabaseExport: D:\a\uda-mcs-sql-db-cloud\uda-mcs-sql-db-cloud\bkp.ps1:15 Line | 15 | … rtRequest = New-AzSqlDatabaseExport -ResourceGroupName $rgName -Serve … | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | The ImportExport operation failed because of invalid storage key format. ### Issue script & Debug output ```PowerShell `$secureKey= $storageKey | ConvertTo-SecureString -AsPlainText -Force $exportRequest = New-AzSqlDatabaseExport -ResourceGroupName $rgName -ServerName $serverName -DatabaseName $dbName -AuthenticationType Sql -StorageKeyType "StorageAccessKey" -StorageKey $secureKey -AdministratorLogin $sqlUser -AdministratorLoginPassword $securePassword -StorageUri $bacpacURL $importStatus = Get-AzSqlDatabaseImportExportStatus -OperationStatusLink $exportRequest.OperationStatusLink [Console]::Write("Exporting...") while ($importStatus.Status -eq "InProgress") { $importStatus =Get-AzSqlDatabaseImportExportStatus -OperationStatusLink $exportRequest.OperationStatusLink [Console]::Write(".") Start-Sleep -s 10 } [Console]::WriteLine("") $importStatus ` ``` ### Environment data ```PowerShell Name Value ---- ----- PSVersion 7.2.10 PSEdition Core GitCommitId 7.2.10 OS Microsoft Windows 10.0.20348 Platform Win32NT PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…} PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1 WSManStackVersion 3.0 ``` ### Module versions ```PowerShell Name : Az.Accounts Path : C:\Modules\az_9.3.0\Az.Accounts\2.12.1\Az.Accounts.psm1 Description : Microsoft Azure PowerShell - Accounts credential management cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core. For more information on account credential management, please visit the following: https://learn.microsoft.com/powershell/azure/authenticate-azureps Guid : 17a2feff-488b-47f9-8729-e2cec094624c Version : 2.12.1 ModuleBase : C:\Modules\az_9.3.0\Az.Accounts\2.12.1 ModuleType : Script PrivateData : {PSData} AccessMode : ReadWrite ExportedAliases : {[Add-AzAccount, Add-AzAccount], [Get-AzDomain, Get-AzDomain], [Invoke-AzRest, Invoke-AzRest], [Login-AzAccount, Login-AzAccount]…} ExportedCmdlets : {[Add-AzEnvironment, Add-AzEnvironment], [Clear-AzConfig, Clear-AzConfig], [Clear-AzContext, Clear-AzContext], [Clear-AzDefault, Clear-AzDefault]…} ExportedFunctions : {} ExportedVariables : {} NestedModules : {Microsoft.Azure.PowerShell.Cmdlets.Accounts} ``` ### Error output _No response_

Author:	tmfahim
Assignees:	SaurabhSharma-MSFT
Labels:	`SQL`, `feature-request`, `Service Attention`, `customer-reported`
Milestone:	-