Closed kilasuit closed 4 years ago
I'm not sure that's a good idea (maybe you could have an implementation of your secret provider that has a local cache?), but you can obviously copy things with just the commands we have now:
foreach ($name in (Get-SecretInfo -Vault AzureKeyVault).Name) {
# This should be **SET** Secret, but:
Add-Secret $name (Get-Secret $name -Vault AzureKeyVault)
}
It would be nice if these cmdlet accepted their properties with ValueFromPipelineByPropertyName, and made sure to add a Name
property to the secrets, so you could just write this to copy locally ;-)
Get-SecretInfo -Vault AzureKeyVault | Get-Secret -Vault AzureKeyVault | Set-Secret
@Jaykul agree that pipelines are a reasonable way to solve this, I will mark that work item for our next milestone
I will close this any we can track pipeline support with issue #30 for now we are not planning on implementing a "Copy-Secret" cmdlet
The scenario at play is as follows
I have shared secrets in KeyVault/SecretServer I have a need to use these whilst disconnected from my core network (whilst on train/plane etc) So to be able to do so I need to get a secret and copy it to my own local vault (Cred manager in Windows)
I can do this with external modules and commands however it makes more sense for get to run against multiple vaults and a default vault/preference order of vaults be a configuration option via a variable/cmdlet combination