PowerShell / Modules

Secrets Management needs ability to get/set/remove across vault types #41

Closed kilasuit closed 4 years ago

kilasuit commented 4 years ago

The scenario at play is as follows:

I have shared secrets in KeyVault/SecretServer. I have a need to use these whilst disconnected from my core network (whilst on train/plane etc). So to be able to do so I need to get a secret and copy it to my own local vault (Cred manager in Windows).

I can do this with external modules and commands; however, it makes more sense for get to run against multiple vaults and a default vault/preference order of vaults be a configuration option via a variable/cmdlet combination.

Jaykul commented 4 years ago

I'm not sure that's a good idea (maybe you could have an implementation of your secret provider that has a local cache?), but you can obviously copy things with just the commands we have now:

foreach ($name in (Get-SecretInfo -Vault AzureKeyVault).Name) {
    # This should be **SET** Secret, but:
    Add-Secret $name (Get-Secret $name -Vault AzureKeyVault)
}

It would be nice if these cmdlets accepted their properties with ValueFromPipelineByPropertyName, and made sure to add a Name property to the secrets, so you could just write this to copy locally ;-)

Get-SecretInfo -Vault AzureKeyVault | Get-Secret -Vault AzureKeyVault | Set-Secret

SydneyhSmith commented 4 years ago

@Jaykul agree that pipelines are a reasonable way to solve this, I will mark that work item for our next milestone

SydneyhSmith commented 4 years ago

I will close this and we can track pipeline support with issue #30; for now we are not planning on implementing a "Copy-Secret" cmdlet
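
Since the thread closes without a built-in "Copy-Secret" cmdlet, here is the copy loop from the discussion written as a reusable function. It is an added example, not code from the thread or from the module. It assumes the cmdlet names of the released Microsoft.PowerShell.SecretManagement module (Set-Secret rather than the Add-Secret used above); the function name `Copy-SecretToVault` and both vault names are hypothetical.

```powershell
#Requires -Modules Microsoft.PowerShell.SecretManagement

function Copy-SecretToVault {   # hypothetical helper, not a cmdlet shipped by the module
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $SourceVault,
        [Parameter(Mandatory)] [string] $DestinationVault,
        [string] $Name = '*',   # wildcard filter on secret names
        [switch] $Force         # allow overwriting secrets already in the destination
    )

    # Fail before reading anything if either vault is not registered.
    foreach ($vault in $SourceVault, $DestinationVault) {
        if (-not (Get-SecretVault -Name $vault -ErrorAction SilentlyContinue)) {
            throw "Vault '$vault' is not registered."
        }
    }

    foreach ($info in Get-SecretInfo -Vault $SourceVault -Name $Name) {
        # With -WhatIf the loop stops here, so no secret value is ever fetched.
        if (-not $PSCmdlet.ShouldProcess("$DestinationVault/$($info.Name)", 'Copy secret')) { continue }

        # No -AsPlainText: string secrets stay SecureString while in memory.
        $value = Get-Secret -Name $info.Name -Vault $SourceVault -ErrorAction Stop

        $setArgs = @{ Name = $info.Name; Secret = $value; Vault = $DestinationVault }
        if (-not $Force) { $setArgs.NoClobber = $true }   # never replace a local secret silently

        try {
            Set-Secret @setArgs -ErrorAction Stop
            $copied = $true
        }
        catch {
            Write-Warning "Skipped '$($info.Name)': $($_.Exception.Message)"
            $copied = $false
        }

        # Report names and types only, never the secret values.
        [pscustomobject]@{ Name = $info.Name; Type = $info.Type; Copied = $copied }
    }
}

# Placeholder vault names; both must already be registered with Register-SecretVault.
Copy-SecretToVault -SourceVault 'AzureKeyVault' -DestinationVault 'LocalStore' -Name 'prod-*' -WhatIf
```

Dropping `-WhatIf` performs the copy; the local vault then holds an offline copy that has to be refreshed whenever the shared secret is rotated.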