What is Key Vault?
Azure Key Vault is a cloud service that works as a secure secrets store. You can securely store keys, passwords, certificates, and other secrets.
In this example, I am going to create/fetch secrets in Azure key vault secrets using the PowerShell task in the Azure DevOps, so for this, you need to ensure your Agent (it may be self-hosted or default Agent) has access to the Azure Key vault.
Note: Az Module is required for performing the below operations.
STEP: 1 Connect to Azure using Connect-AzAccount
After executing the below cmdlet, you will get the pop for authentication, post successful authentication you will able to execute from the STEP 2
Connect-AzAccount
STEP: 2 Convert the Values to Secure String
Before pushing the secrets in the Azure key vault ensure you are Converts plain text to encrypted strings to secure.
$captcha_value = ConvertTo-SecureString ‘5KjciMedTTTTTJObOOpwysZPFDH-M-TOx1OIuDt6’ -AsPlainText -Force
STEP: 3 Set the Secrets using set-AzKeyVaultSecret
set-AzKeyVaultSecret -VaultName kv-dgtl-dev -Name ‘captcha-secret-key’ -SecretValue $captcha_value
STEP: 4 Get the Secrets using Get-AzKeyVaultSecret
$captcha-secret = Get-AzKeyVaultSecret -VaultName kv-dgtl-dev -Name ‘captcha-secret-key’
To get the value in plain text just use -AsPlainText at the end of the command as shown below
$captcha-secret = Get-AzKeyVaultSecret -VaultName kv-dgtl-dev -Name ‘captcha-secret-key’ -AsPlainText