Microsoft Makes Progress on PowerShell Secrets Management Module
Microsoft recently opened up about its upcoming PowerShell Secrets Management Module, which is designed to give organizations a better way to secure and share PowerShell scripts.
The module was released late last month as an alpha test version in the PowerShell Gallery. It's currently just available for testing on Windows systems and isn't recommended for use in production environments. Support for Linux and macOS systems is planned, but not available.
General availability of the PowerShell Secret Management Module is targeted for "late spring/early summer 2020," according to Sydney Smith, a program manager with the PowerShell team, in a blog post this week.
The idea behind the module is that it has been difficult for organizations to manage secrets securely, especially when running scripts across heterogeneous cloud environments.
Developers writing scripts want them to run across different platforms, but that might involve handling multiple secrets and multiple secrets types. The team sees PowerShell serving as a connection point between different systems. Consequently, it built an abstraction layer in PowerShell that can be used to manage secrets, both with local vaults and remote vaults, Smith explained in a November Ignite talk.
The module helps manage local and remote secrets in unified way, Smith added. It might be used to run a script in various environments, where just the vault parameter would need to be changed. Scripts could be shared across an organization, and it wouldn't be necessary to know the local vaults of the various users. Keys could be shared with users in test environments, but deployment keys could be individualized. It would be less necessary to hard-code secrets into scripts.
The PowerShell Secret Management Module is being designed to work with various vault extensions. Microsoft is "leaving it up to the vault owners/users to help us build out that ecosystem." More information on this vault extension development work will get outlined in future PowerShell blog posts, Smith indicated.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.