< Back
Set-AzureKeyVaultSecret
Post
NAME Set-AzureKeyVaultSecret
SYNOPSIS
Creates or updates a secret in a key vault.
SYNTAX
Set-AzureKeyVaultSecret [-InputObject] <PSKeyVaultSecretIdentityItem> [-SecretValue] <SecureString> [-ContentType <String>] [-DefaultProfile
<IAzureContextContainer>] [-Disable] [-Expires <DateTime>] [-NotBefore <DateTime>] [-Tag <Hashtable>] [-Confirm] [-WhatIf] [<CommonParameters>]
Set-AzureKeyVaultSecret [-VaultName] <String> [-Name] <String> [-SecretValue] <SecureString> [-ContentType <String>] [-DefaultProfile
<IAzureContextContainer>] [-Disable] [-Expires <DateTime>] [-NotBefore <DateTime>] [-Tag <Hashtable>] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureKeyVaultSecret cmdlet creates or updates a secret in a key vault in Azure Key Vault. If the secret does not exist, this cmdlet
creates it. If the secret already exists, this cmdlet creates a new version of that secret.
PARAMETERS
-ContentType <String>
Specifies the content type of a secret. To delete the existing content type, specify an empty string.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Disable [<SwitchParameter>]
Indicates that this cmdlet disables a secret.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-Expires <DateTime>
Specifies the expiration time, as a DateTime object, for the secret that this cmdlet updates. This parameter uses Coordinated Universal Time
(UTC). To obtain a DateTime object, use the Get-Date cmdlet. For more information, type `Get-Help Get-Date`.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-InputObject <PSKeyVaultSecretIdentityItem>
Secret object
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-Name <String>
Specifies the name of a secret to modify. This cmdlet constructs the fully qualified domain name (FQDN) of a secret based on the name that
this parameter specifies, the name of the key vault, and your current environment.
Required? true
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-NotBefore <DateTime>
Specifies the time, as a DateTime object, before which the secret cannot be used. This parameter uses UTC. To obtain a DateTime object, use
the Get-Date cmdlet.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-SecretValue <SecureString>
Specifies the value for the secret as a SecureString object. To obtain a SecureString object, use the ConvertTo-SecureString cmdlet. For more
information, type `Get-Help ConvertTo-SecureString`.
Required? true
Position? 2
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Tag <Hashtable>
Key-value pairs in the form of a hash table. For example:
@{key0="value0";key1=$null;key2="value2"}
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-VaultName <String>
Specifies the name of the key vault to which this secret belongs. This cmdlet constructs the FQDN of a key vault based on the name that this
parameter specifies and your current environment.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecret
NOTES
Example 1: Modify the value of a secret using default attributes
PS C:\\> $Secret = ConvertTo-SecureString -String 'Password' -AsPlainText -Force
PS C:\\> Set-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret' -SecretValue $Secret
The first command converts a string into a secure string by using the ConvertTo-SecureString cmdlet, and then stores that string in the $Secret
variable. For more information, type `Get-Help ConvertTo-SecureString`.
The second command modifies value of the secret named ITSecret in the key vault named Contoso. The secret value becomes the value stored in
$Secret.
Example 2: Modify the value of a secret using custom attributes
PS C:\\> $Secret = ConvertTo-SecureString -String 'Password' -AsPlainText -Force
PS C:\\> $Expires = (Get-Date).AddYears(2).ToUniversalTime()
PS C:\\> $NBF =(Get-Date).ToUniversalTime()
PS C:\\> $Tags = @{ 'Severity' = 'medium'; 'IT' = null }
PS C:\\> $ContentType = 'txt'
PS C:\\> Set-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret' -SecretValue $Secret -Expires $Expires -NotBefore $NBF -ContentType
$ContentType -Disable $False -Tags $Tags
The first command converts a string into a secure string by using the ConvertTo-SecureString cmdlet, and then stores that string in the $Secret
variable. For more information, type `Get-Help ConvertTo-SecureString`.
The next commands define custom attributes for the expiry date, tags, and context type, and store the attributes in variables.
The final command modifies values of the secret named ITSecret in the key vault named Contoso, by using the values specified previously as
variables.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... aultsecret
Get-AzureKeyVaultSecret
Remove-AzureKeyVaultSecret
SYNOPSIS
Creates or updates a secret in a key vault.
SYNTAX
Set-AzureKeyVaultSecret [-InputObject] <PSKeyVaultSecretIdentityItem> [-SecretValue] <SecureString> [-ContentType <String>] [-DefaultProfile
<IAzureContextContainer>] [-Disable] [-Expires <DateTime>] [-NotBefore <DateTime>] [-Tag <Hashtable>] [-Confirm] [-WhatIf] [<CommonParameters>]
Set-AzureKeyVaultSecret [-VaultName] <String> [-Name] <String> [-SecretValue] <SecureString> [-ContentType <String>] [-DefaultProfile
<IAzureContextContainer>] [-Disable] [-Expires <DateTime>] [-NotBefore <DateTime>] [-Tag <Hashtable>] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureKeyVaultSecret cmdlet creates or updates a secret in a key vault in Azure Key Vault. If the secret does not exist, this cmdlet
creates it. If the secret already exists, this cmdlet creates a new version of that secret.
PARAMETERS
-ContentType <String>
Specifies the content type of a secret. To delete the existing content type, specify an empty string.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Disable [<SwitchParameter>]
Indicates that this cmdlet disables a secret.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-Expires <DateTime>
Specifies the expiration time, as a DateTime object, for the secret that this cmdlet updates. This parameter uses Coordinated Universal Time
(UTC). To obtain a DateTime object, use the Get-Date cmdlet. For more information, type `Get-Help Get-Date`.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-InputObject <PSKeyVaultSecretIdentityItem>
Secret object
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-Name <String>
Specifies the name of a secret to modify. This cmdlet constructs the fully qualified domain name (FQDN) of a secret based on the name that
this parameter specifies, the name of the key vault, and your current environment.
Required? true
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-NotBefore <DateTime>
Specifies the time, as a DateTime object, before which the secret cannot be used. This parameter uses UTC. To obtain a DateTime object, use
the Get-Date cmdlet.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-SecretValue <SecureString>
Specifies the value for the secret as a SecureString object. To obtain a SecureString object, use the ConvertTo-SecureString cmdlet. For more
information, type `Get-Help ConvertTo-SecureString`.
Required? true
Position? 2
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Tag <Hashtable>
Key-value pairs in the form of a hash table. For example:
@{key0="value0";key1=$null;key2="value2"}
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-VaultName <String>
Specifies the name of the key vault to which this secret belongs. This cmdlet constructs the FQDN of a key vault based on the name that this
parameter specifies and your current environment.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSecret
NOTES
Example 1: Modify the value of a secret using default attributes
PS C:\\> $Secret = ConvertTo-SecureString -String 'Password' -AsPlainText -Force
PS C:\\> Set-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret' -SecretValue $Secret
The first command converts a string into a secure string by using the ConvertTo-SecureString cmdlet, and then stores that string in the $Secret
variable. For more information, type `Get-Help ConvertTo-SecureString`.
The second command modifies value of the secret named ITSecret in the key vault named Contoso. The secret value becomes the value stored in
$Secret.
Example 2: Modify the value of a secret using custom attributes
PS C:\\> $Secret = ConvertTo-SecureString -String 'Password' -AsPlainText -Force
PS C:\\> $Expires = (Get-Date).AddYears(2).ToUniversalTime()
PS C:\\> $NBF =(Get-Date).ToUniversalTime()
PS C:\\> $Tags = @{ 'Severity' = 'medium'; 'IT' = null }
PS C:\\> $ContentType = 'txt'
PS C:\\> Set-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret' -SecretValue $Secret -Expires $Expires -NotBefore $NBF -ContentType
$ContentType -Disable $False -Tags $Tags
The first command converts a string into a secure string by using the ConvertTo-SecureString cmdlet, and then stores that string in the $Secret
variable. For more information, type `Get-Help ConvertTo-SecureString`.
The next commands define custom attributes for the expiry date, tags, and context type, and store the attributes in variables.
The final command modifies values of the secret named ITSecret in the key vault named Contoso, by using the values specified previously as
variables.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... aultsecret
Get-AzureKeyVaultSecret
Remove-AzureKeyVaultSecret