SecretManagement icon indicating copy to clipboard operation
SecretManagement copied to clipboard

Published 20 hours ago verified publisher icon PowerShell

Set-Secret deletes secrets unexpectedly

Open danikuci1 opened this issue 6 months ago • 3 comments

Prerequisites

  • [X] Write a descriptive title.
  • [X] Make sure you are able to repro it on the latest released version
  • [X] Search the existing issues.

Steps to reproduce

I am trying to leverage the secrets management module to manage secrets in Azure KeyVault and want to update some metadata when a password is updated. This works fine in the AKV but fails when doing it with the module.

Expected behavior

PS> Set-Secret -Name "SomeSecret" -SecureStringSecret $NewPasswordSecureString -Vault MyVault -Metadata @{Expiration = (Get-Date).AddMonth(1)}

Congrats! Your secret was updated and has all is well! Yay!

Actual behavior

PS> Set-Secret -Name "SomeSecret" -SecureStringSecret $NewPasswordSecureString -Vault MyVault -Metadata @{Expiration = (Get-Date).AddMonth(1)}

Set-Secret: Cannot add secret metadata 'SomeSecret' to vault 'MyVault': The vault does not support the Set-SecretInfo function.

Yet this works fine if I specify the same metadata with Set-AzKeyVaultSecret or do it manually through the portal

Error details

Exception             :
    Type        : System.Management.Automation.PSNotSupportedException
    ErrorRecord :
        Exception             :
            Type    : System.Management.Automation.ParentContainsErrorRecordException
            Message : Cannot add secret metadata '...' to vault '...: The vault does not support the
Set-SecretInfo function.
            HResult : -2146233087
        CategoryInfo          : NotImplemented: (:) [], ParentContainsErrorRecordException
        FullyQualifiedErrorId : NotSupported
    Message     : Cannot add secret metadata '...' to vault '...: The vault does not support the
Set-SecretInfo function.
    HResult     : -2146233067
TargetObject          : Microsoft.PowerShell.SecretManagement.ExtensionVaultModule
CategoryInfo          : NotImplemented: (Microsoft.PowerShel…xtensionVaultModule:ExtensionVaultModule) [Set-Secret],
PSNotSupportedException
FullyQualifiedErrorId : SetSecretMetadataCommandNotSupported,Microsoft.PowerShell.SecretManagement.SetSecretCommand
InvocationInfo        :
    MyCommand        : Set-Secret
    ScriptLineNumber : 1
    OffsetInLine     : 1
    HistoryId        : 48
    Line             : Set-Secret -Name "..." -SecureStringSecret $(New-Password -SecureString) -Vault
...-Metadata @{Expiration = (Get-Date).AddDays(100)} -Debug
    PositionMessage  : At line:1 char:1
                       + Set-Secret -Name "..." -SecureStringSecret $(New-Password -Sec …
                       + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    InvocationName   : Set-Secret
    CommandOrigin    : Internal
ScriptStackTrace      : at <ScriptBlock>, <No file>: line 1
PipelineIterationInfo :

Environment data

Name                           Value
----                           -----
PSVersion                      7.4.4
PSEdition                      Core
GitCommitId                    7.4.4
OS                             Microsoft Windows 10.0.20348
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Version

im not using cresendo

Visuals

No response

danikuci1 avatar Aug 16 '24 21:08 danikuci1