PowerShell/SecretStore PowerShell/SecretStore

  • Stars
    star
    155
  • Rank 240,864 (Top 5 %)
  • Language
    C#
  • License
    MIT License
  • Created over 4 years ago
  • Updated 5 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
PowerShell/SecretStore
github

PowerShell

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PowerShell SecretStore module

This module is an extension vault for the PowerShell SecretManagement module. It stores secrets locally on file for the current user account context, and uses .NET crypto APIs to encrypt file contents. Secrets remain encrypted in-memory, and are only decrypted when retrieved and passed to the user. This module works over all supported PowerShell platforms on Windows, Linux, and macOS. In the default configuration, a password is required to store and access secrets, and provides the strongest protection.

Secret metadata

Supporting secret metadata is optional for SecretManagement extension vaults. The SecretStore supports secret metadata through the optional Set-Secret vault command Metadata parameter, and the optional Set-SecretInfo vault command.

Configuration

The SecretStore module allows a number of configurations.

It can be configured to require a password to unlock the store, or operate without a password.
The no-password option still encrypts secrets on file and in memory. But the key for decryption is stored on file in the current user location, and is less secure.

SecretStore can also be configured to prompt the user for the password if needed. When a password is provided, it applies only to the current PowerShell session and only for a limited time. The password timeout time is also configurable and set to 15 minutes by default. Password prompting is useful when SecretStore is used interactively. For automation scenarios, password prompting can be disabled and will instead return an error.

If password prompting is disabled and a password is required to access secrets, a Microsoft.PowerShell.SecretStore.PasswordRequiredException will be thrown. In this case, the SecretStore can be unlocked using the Unlock-SecretStore cmdlet.

There is also a SecretStore Scope setting, but it is currently set to CurrentUser and cannot be changed.

The default configuration is set to for best security and interactive use.

Get-SecretStoreConfiguration

      Scope Authentication PasswordTimeout Interaction
      ----- -------------- --------------- -----------
CurrentUser       Password             900      Prompt

SecretStore cmdlets

The SecretStore exports five cmdlets for manipulating configuration and store state.

Get-SecretStoreConfiguration

This cmdlet displays the current configuration.

Set-SecretStoreConfiguration

This cmdlet sets configuration options for SecretStore. Individual configuration options can be set, or the store can be configured to default settings by using the -Default parameter switch.

Set-SecretStoreConfiguration -PasswordTimeout 30

      Scope Authentication PasswordTimeout Interaction
      ----- -------------- --------------- -----------
CurrentUser       Password              30      Prompt

Unlock-SecretStore

This cmdlet unlocks the SecretStore with the provided password. The password can be passed in as a SecureString type or in plain text.

Set-SecretStorePassword

This cmdlet changes the SecretStore password. It takes no parameters and can only be used interactively, as it prompts the user for old and new passwords.

Reset-SecretStore

This cmdlet deletes all data in the SecretStore, and updates the configuration. If no configuration parameters are specified, the default settings will be used.
This cmdlet is intended for cases where the password is forgotten, or store files become corrupt and SecretStore is unusable.

More Repositories

1

PowerShell

PowerShell for every system!
C#
45,459
star
2

Win32-OpenSSH

Win32 port of OpenSSH
7,290
star
3

PSReadLine

A bash inspired readline implementation for PowerShell
C#
3,700
star
4

PSScriptAnalyzer

Download ScriptAnalyzer from PowerShellGallery
C#
1,842
star
5

vscode-powershell

Provides PowerShell language and debugging support for Visual Studio Code
TypeScript
1,687
star
6

DscResources

Central repository for PowerShell Desired State Configuration (DSC) resources.
772
star
7

ConsoleGuiTools

Modules that mix PowerShell and GUIs/CUIs!
C#
772
star
8

platyPS

Write PowerShell External Help in Markdown
C#
765
star
9

PowerShellEditorServices

A common platform for PowerShell development support in any editor or application!
C#
623
star
10

Polaris

A cross-platform, minimalist web framework for PowerShell
PowerShell
507
star
11

PSResourceGet

PSResourceGet is the package manager for PowerShell
C#
483
star
12

PowerShellGetv2

PowerShellGet is the Package Manager for PowerShell
PowerShell
430
star
13

PowerShell-RFC

RFC (Request for Comments) documents for community feedback on design changes and improvements to PowerShell ecosystem
PowerShell
430
star
14

PowerShell-Docker

Repository for building PowerShell Docker images
Dockerfile
400
star
15

Crescendo

a module for wrapping native applications in a PowerShell function and module
PowerShell
397
star
16

SecretManagement

PowerShell module to consistent usage of secrets through different extension vaults
C#
321
star
17

JEA

Just Enough Administration
PowerShell
254
star
18

PowerShellGallery

PowerShell
228
star
19

Operation-Validation-Framework

PowerShell
223
star
20

DSC

This repo is for the DSC v3 project
Rust
192
star
21

SHiPS

Simple Hierarchy in PowerShell - developing PowerShell provider got so much easier
C#
188
star
22

PSSwagger

The cmdlet generator from OpenAPI (f.k.a Swagger) specification
PowerShell
164
star
23

PowerShellStandard

C#
157
star
24

PSPrivateGallery

DSC Resources and Configurations to deploy and manage Private PowerShell Gallery
PowerShell
148
star
25

CompletionPredictor

C#
145
star
26

GPRegistryPolicyParser

PowerShell
140
star
27

WindowsCompatibility

Module that allows Windows PowerShell Modules to be used from PSCore6
PowerShell
137
star
28

PowerShell-Tests

Pester based tests for testing PowerShell
PowerShell
130
star
29

PowerShell-IoT

Interact with I2C, SPI & GPIO devices using PowerShell Core!
C#
130
star
30

PSDscResources

PowerShell
129
star
31

EditorSyntax

PowerShell syntax highlighting for editors (VS Code, Atom, SublimeText, TextMate, etc.) and GitHub!
PowerShell
127
star
32

Modules

C#
111
star
33

Phosphor

A library and PowerShell module for generating user interfaces from PowerShell modules
TypeScript
109
star
34

GPRegistryPolicy

PowerShell
102
star
35

Community-Blog

Submissions for posts to the PowerShell Community Blog -https://devblogs.microsoft.com/powershell-community
102
star
36

psl-omi-provider

PSRP Linux support library
C
100
star
37

Microsoft.PowerShell.Archive

Archive PowerShell module contains cmdlets for working with ZIP archives
C#
93
star
38

PSArm

PSArm is a PowerShell module that provides a PowerShell-embedded domain-specific language (DSL) for Azure Resource Manager (ARM) templates
C#
77
star
39

Remotely

Enable remote execution of scripts. Works with Pester.
PowerShell
74
star
40

TextUtility

Microsoft.PowerShell.TextUtility module
C#
64
star
41

PSDesiredStateConfiguration

Source for https://www.powershellgallery.com/packages/PSDesiredStateConfiguration module
PowerShell
59
star
42

ProjectMercury

An interactive shell to work with AI-powered assistance providers
C#
56
star
43

Demo_CI

PowerShell
55
star
44

PowerShellGet

This module provide functions used with PowerShellGet v3 to provide compatibility with scripts expecting PowerShellGet v2
PowerShell
55
star
45

DscResource.Tests

Common meta tests for PowerShell DSC resources repositories.
PowerShell
51
star
46

PowerShell-Native

C++
48
star
47

Whitepapers

Staging area for new documents and whitepapers
46
star
48

AzurePSDrive

Navigate Azure Resources Just like A FileSystem
PowerShell
41
star
49

ContainerProvider

ContainerImageProvider
PowerShell
38
star
50

PrivateCloud.DiagnosticInfo

PowerShell
38
star
51

PackageManagementProviderResource

Modules with DSC resources for the PackageManagement(aka OneGet) providers.
PowerShell
37
star
52

Pager

Project for console pager, which is published as a NuGet package Microsoft.PowerShell.Pager
C#
34
star
53

MarkdownRender

C#
32
star
54

DSC-Samples

Samples and tutorials for DSC v3
Go
29
star
55

PlasterBuild

Provides common build tasks for PowerShell module projects
PowerShell
29
star
56

PowerShell-Snap

PowerShell
28
star
57

SelfSignedCertificate

A module for generating self-signed certificates in PowerShell Core
PowerShell
27
star
58

CimPSDrive

SHiPS based provider to navigate CIM classes and namespaces
PowerShell
27
star
59

DscConfigurations

PowerShell
27
star
60

tree-sitter-PowerShell

JavaScript
25
star
61

GitHub-Actions

PowerShell
25
star
62

MMI

C#
24
star
63

Microsoft.PowerShell.Kubectl

PowerShell module to manage Kubernetes
PowerShell
23
star
64

LibreSSL

C
22
star
65

ODataUtils

PowerShell Module to generate cmdlets from an OData endpoint
PowerShell
22
star
66

ThreadJob

PowerShell
22
star
67

WmiNamespaceSecurityDsc

This module contains DSC resources to manage WMI Namespace Security.
PowerShell
21
star
68

FileUtility

C#
21
star
69

UnixCompleters

C#
20
star
70

Homebrew-Tap

Ruby
19
star
71

underhanded-powershell

Underhanded PowerShell Contest Repository
PowerShell
18
star
72

Hardware-Management-Module

PowerShell
17
star
73

generator-powershell

Create PowerShell modules and scripts using Yeoman!
JavaScript
16
star
74

Announcements

PowerShell Team Announcements
15
star
75

JsonAdapter

C#
14
star
76

PowerShellModuleCoverage

Track issues related to using Windows PowerShell modules with PowerShell
13
star
77

whatsnew

PowerShell
13
star
78

PSRelease

PowerShell
11
star
79

AwsDscToolkit

AWS DSC Toolkit
PowerShell
10
star
80

DscResource.Template

PowerShell
10
star
81

command-not-found

C#
10
star
82

TemplateConfig

Provides template for organizing DSC configuration scripts and supporting modules
PowerShell
10
star
83

SystemLocaleDsc

DSC Resource for configuring Windows System Locale
PowerShell
9
star
84

SmartPackageProvider

A PackageManagement provider to find and install packages using search engines
C#
9
star
85

xDisk

PowerShell
8
star
86

psl-pester

Fork of Pester for compatibility with PowerShell on Linux.
PowerShell
8
star
87

PowerShell-Blog-Samples

Samples for the PowerShell blog
PowerShell
8
star
88

ZLib

C
7
star
89

AWSBootStrapper

PowerShell
6
star
90

WSAProvider

A PackageManagement provider to find and install packages for Appx based packaging format
PowerShell
6
star
91

PowerShellGetDsc

DSCResources for the PowerShellGet module
PowerShell
5
star
92

DscConfiguration.Tests

Test automation scripts for evaluating the quality of DSC Configurations using Azure virtual machines and Azure Automation DSC.
PowerShell
5
star
93

SILDeploymentHelper

PowerShell
4
star
94

vscode-powershellise-keybindings

A Visual Studio Code extension that configures PowerShell ISE keybindings.
TypeScript
4
star
95

PSPackageProject

PowerShell
4
star
96

Compliance

3
star
97

.github

3
star
98

ISEAddOnExamples

3
star
99

pscore-docs-dotnet

PowerShell
2
star
100

JsonAdapterFeedbackPredictor

1
star