关于 cmdlet 'Get-AzKeyVaultSecret' SecretValueText 已弃用 Az4.6.1 中的重大更改的警告
Warning about Breaking changes in the cmdlet 'Get-AzKeyVaultSecret' SecretValueText deprecated Az4.6.1
我今天将 Az Powershell 升级到 4.6.1 并开始看到以下警告。我的问题是我应该如何处理这个警告?我可以将警告静音,但这根本无法帮助我为这一重大变化做好准备。我检查了 Az 4.6.1 Microsoft docs,他们告诉我我应该仍然使用 SecretValueText 并且没有提供关于弃用的类似警告或任何其他获取秘密值的方法。那么,使用 SecretValueText 读取 KeyVault 机密的 powershell 的更新路径是什么?
WARNING: Breaking changes in the cmdlet 'Get-AzKeyVaultSecret' :
WARNING: - "The output type 'Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecret' is changing"
- The following properties in the output type are being deprecated :
'SecretValueText'
WARNING: Note :The change is expected to take effect from the version : '3.0.0'
WARNING: - "The output type 'Microsoft.Azure.Commands.KeyVault.Models.PSDeletedKeyVaultSecret' is changing"
- The following properties in the output type are being deprecated :
'SecretValueText'
WARNING: Note :The change is expected to take effect from the version : '3.0.0'
WARNING: NOTE : Go to https://aka.ms/azps-changewarnings for steps to suppress this breaking change warning, and other information on breaking changes in Azure PowerShell.
这是 Microsoft docs 中的当前示例:
$secret = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret'
Write-Host "Secret Value is:" $secret.SecretValueText
Secret Value is: P@ssw0rd
好吧,即使 SecretValueText 将被弃用,也有一种方法永远有效。
就用$secret.SecretValue,它是一个System.Security.SecureString,我们只需要将它转换成String,下面的$Password就是你想要的[=17] =]
$secret = Get-AzKeyVaultSecret -VaultName joykeyvault -Name mySecret123
$SecurePassword = $secret.SecretValue
$Password = [System.Net.NetworkCredential]::new("", $SecurePassword).Password
这可以通过以下方式完成:
获取秘密:
$secret = Get-AzKeyVaultSecret -VaultName {YourVaultName} -Name {YourSecret}
$pass = $secret.SecretValue | ConvertFrom-SecureString -AsPlainText
这与
$secret.SecretValueText
ConvertFrom-SecureString -PowerShell 7 支持 AsPlainText。不要在较低版本上尝试它
Microsoft 文档现已更新
本例取自最新的docs
$secret = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret'
$secretValueText = '';
$ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secret.SecretValue)
try {
$secretValueText = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr)
} finally {
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)
}
Write-Host "Secret Value is:" $secretValueText
Secret Value is: P@ssw0rd
您可以在 Get-AzKeyVaultSecret 上使用 -AsPlainText 开关。
$secretText = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret' -AsPlainText
另一种选择是将 SecretValueText 属性 添加回 Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecretIdentityItem 对象。
# Update PSKeyVaultSecretIdentityItem object type to include scriptproperty secretvaluetext
$Script = { Get-AzKeyVaultSecret -VaultName $this.VaultName -Name $this.Name -AsPlainText }
Update-TypeData -TypeName 'Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecretIdentityItem' -MemberName 'SecretValueText' -MemberType ScriptProperty -Value $Script
# SecretValueText property will contain decrypted secret text for the session
$secret = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret'
$secret.SecretValueText
我今天将 Az Powershell 升级到 4.6.1 并开始看到以下警告。我的问题是我应该如何处理这个警告?我可以将警告静音,但这根本无法帮助我为这一重大变化做好准备。我检查了 Az 4.6.1 Microsoft docs,他们告诉我我应该仍然使用 SecretValueText 并且没有提供关于弃用的类似警告或任何其他获取秘密值的方法。那么,使用 SecretValueText 读取 KeyVault 机密的 powershell 的更新路径是什么?
WARNING: Breaking changes in the cmdlet 'Get-AzKeyVaultSecret' :
WARNING: - "The output type 'Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecret' is changing"
- The following properties in the output type are being deprecated :
'SecretValueText'
WARNING: Note :The change is expected to take effect from the version : '3.0.0'
WARNING: - "The output type 'Microsoft.Azure.Commands.KeyVault.Models.PSDeletedKeyVaultSecret' is changing"
- The following properties in the output type are being deprecated :
'SecretValueText'
WARNING: Note :The change is expected to take effect from the version : '3.0.0'
WARNING: NOTE : Go to https://aka.ms/azps-changewarnings for steps to suppress this breaking change warning, and other information on breaking changes in Azure PowerShell.
这是 Microsoft docs 中的当前示例:
$secret = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret'
Write-Host "Secret Value is:" $secret.SecretValueText
Secret Value is: P@ssw0rd
好吧,即使 SecretValueText 将被弃用,也有一种方法永远有效。
就用$secret.SecretValue,它是一个System.Security.SecureString,我们只需要将它转换成String,下面的$Password就是你想要的[=17] =]
$secret = Get-AzKeyVaultSecret -VaultName joykeyvault -Name mySecret123
$SecurePassword = $secret.SecretValue
$Password = [System.Net.NetworkCredential]::new("", $SecurePassword).Password
这可以通过以下方式完成:
获取秘密:
$secret = Get-AzKeyVaultSecret -VaultName {YourVaultName} -Name {YourSecret}
$pass = $secret.SecretValue | ConvertFrom-SecureString -AsPlainText
这与 $secret.SecretValueText
ConvertFrom-SecureString -PowerShell 7 支持 AsPlainText。不要在较低版本上尝试它
Microsoft 文档现已更新 本例取自最新的docs
$secret = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret'
$secretValueText = '';
$ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secret.SecretValue)
try {
$secretValueText = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr)
} finally {
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)
}
Write-Host "Secret Value is:" $secretValueText
Secret Value is: P@ssw0rd
您可以在 Get-AzKeyVaultSecret 上使用 -AsPlainText 开关。
$secretText = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret' -AsPlainText
另一种选择是将 SecretValueText 属性 添加回 Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecretIdentityItem 对象。
# Update PSKeyVaultSecretIdentityItem object type to include scriptproperty secretvaluetext
$Script = { Get-AzKeyVaultSecret -VaultName $this.VaultName -Name $this.Name -AsPlainText }
Update-TypeData -TypeName 'Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecretIdentityItem' -MemberName 'SecretValueText' -MemberType ScriptProperty -Value $Script
# SecretValueText property will contain decrypted secret text for the session
$secret = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret'
$secret.SecretValueText