In the last article, I introduced you to the secrets management tools from Microsoft. This toolset provides a secure way to store information like credentials, tokens, and keys. The idea is that you can retrieve these items as you need them for your PowerShell work. Even though I know people do, we never want to store secret or sensitive information in script files. Instead, let me demonstrate some ways that you can incorporate a secrets vault into your work. I also want to show you how to extend secrets management to other password tools.

If you want to follow along, I’m going to assume you have set up the Microsoft secret store and added a few secrets.

PS C:\> Get-SecretVault -Name stash

Name  ModuleName                       IsDefaultVault
----  ----------                       --------------
Stash microsoft.powershell.secretstore True

PS C:\> Get-secretinfo admin

Name  Type         VaultName
----  ----         ---------
admin PSCredential Stash

My default vault is still unlocked, so I’m not prompted for a password. In a new PowerShell session, I have to unlock the vault.