How to use a secret from AzureKeyVault into PowerShell -Credential?
Question
- task: AzureKeyVault@2
inputs:
azureSubscription: 'mySub'
KeyVaultName: 'myVault'
SecretsFilter: 'myPass'
RunAsPreJob: false
I can do this to make sure the password is correct, which it is.
echo $(myPass) > secret.txt
This is how I use it in a separate task:
- task: PowerShell@2
inputs:
targetType: inline
script: |
$password = ConvertTo-SecureString -String $(myPass) -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "administrator", $password
Invoke-Command -VMName "myVM" -ScriptBlock {
Write-Host "Hello!"
systeminfo
} -Credential $cred
displayName: 'Remoting into a computer.'
I get this error:
The credential is invalid.
How do I use that password I get from the keyvault to get onto the VM?
1 answers
solution1
1 2022-08-25 01:38:33
From your YAML sample, you are using the Key Vault secret in Pipeline. When you download the Key vault secret, it will save as secret variable in Pipeline.
To use the secret variable in Azure Pipeline, you need to explicitly map secret variables in Agent Job.
In your case, you need to add environment variable in PowerShell task to map secret variables.
Here is an example:
- powershell: |
echo $(myPass)
displayName: 'PowerShell Script'
env:
myPass: $(myPass)
For more detailed info, you can refer to this doc: Secret Variable
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.