diff --git a/src/KeyVault/KeyVault/SecretManagementExtension/SecretManagementExtension.psd1 b/src/KeyVault/KeyVault/Az.KeyVault.Extension/Az.KeyVault.Extension.psd1
similarity index 72%
rename from src/KeyVault/KeyVault/SecretManagementExtension/SecretManagementExtension.psd1
rename to src/KeyVault/KeyVault/Az.KeyVault.Extension/Az.KeyVault.Extension.psd1
index 23af8ba0bae0..fd5e34c6e36d 100644
--- a/src/KeyVault/KeyVault/SecretManagementExtension/SecretManagementExtension.psd1
+++ b/src/KeyVault/KeyVault/Az.KeyVault.Extension/Az.KeyVault.Extension.psd1
@@ -1,5 +1,5 @@
@{
ModuleVersion = '1.0'
- RootModule = '.\SecretManagementExtension.psm1'
+ RootModule = '.\Az.KeyVault.Extension.psm1'
FunctionsToExport = @('Set-Secret','Get-Secret','Remove-Secret','Get-SecretInfo','Test-SecretVault')
}
diff --git a/src/KeyVault/KeyVault/Az.KeyVault.Extension/Az.KeyVault.Extension.psm1 b/src/KeyVault/KeyVault/Az.KeyVault.Extension/Az.KeyVault.Extension.psm1
new file mode 100644
index 000000000000..cea5688ee690
--- /dev/null
+++ b/src/KeyVault/KeyVault/Az.KeyVault.Extension/Az.KeyVault.Extension.psm1
@@ -0,0 +1,297 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+
+function Check-SubscriptionLogIn
+{
+ param (
+ [string] $SubscriptionId,
+ [string] $AzKVaultName
+ )
+
+ $azContext = Az.Accounts\Get-AzContext
+ if (($azContext -eq $null) -or ($azContext.Subscription.Id -ne $SubscriptionId))
+ {
+ try
+ {
+ Set-AzContext -SubscriptionId ${SubscriptionId} -ErrorAction Stop
+ }
+ catch
+ {
+ throw "To use ${AzKVaultName} Azure vault, the current user must be logged into Azure account subscription ${SubscriptionId}. Run 'Connect-AzAccount -SubscriptionId ${SubscriptionId}'."
+ }
+ }
+}
+
+function Get-Secret
+{
+ param (
+ [string] $Name,
+ [string] $VaultName,
+ [hashtable] $AdditionalParameters
+ )
+
+ Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
+
+ $secret = Az.KeyVault\Get-AzKeyVaultSecret -Name $Name -VaultName $AdditionalParameters.AZKVaultName
+ if ($secret -ne $null)
+ {
+ switch ($secret.ContentType) {
+ 'ByteArray'
+ {
+ $SecretValue = Get-ByteArray $Secret
+ }
+ 'String'
+ {
+ $SecretValue = Get-String $Secret
+ }
+
+ 'PSCredential'
+ {
+ Get-PSCredential $Secret
+ }
+ 'Hashtable'
+ {
+ Get-Hashtable $Secret
+ }
+ Default
+ {
+ $SecretValue = Get-SecureString $Secret
+ }
+ }
+ return $SecretValue
+ }
+}
+
+function Get-ByteArray
+{
+ param (
+ [Parameter(Mandatory=$true, Position=0)]
+ [object] $Secret
+ )
+ $secretValueText = Get-String $Secret
+ return [System.Text.Encoding]::ASCII.GetBytes($secretValueText)
+}
+
+function Get-String
+{
+ param (
+ [Parameter(Mandatory=$true, Position=0)]
+ [object] $Secret
+ )
+
+ $ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secret.SecretValue)
+ try {
+ $secretValueText = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr)
+ } finally {
+ [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)
+ }
+ return $secretValueText
+}
+
+function Get-SecureString
+{
+ param (
+ [Parameter(Mandatory=$true, Position=0)]
+ [object] $Secret
+ )
+
+ return $Secret.SecretValue
+}
+
+function Get-PSCredential
+{
+ param (
+ [Parameter(Mandatory=$true, Position=0)]
+ [object] $Secret
+ )
+
+ $secretHashTable = Get-Hashtable $Secret
+ return [System.Management.Automation.PSCredential]::new($secretHashTable["UserName"], ($secretHashTable["Password"] | ConvertTo-SecureString -AsPlainText -Force))
+}
+
+function Get-Hashtable
+{
+ param (
+ [Parameter(Mandatory=$true, Position=0)]
+ [object] $Secret
+ )
+
+ $jsonObject = Get-String $Secret | ConvertFrom-Json
+ $hashtable = @{}
+ $jsonObject.psobject.Properties | foreach { $hashtable[$_.Name] = $_.Value }
+ return $hashtable
+}
+
+function Set-Secret
+{
+ param (
+ [string] $Name,
+ [object] $Secret,
+ [string] $VaultName,
+ [hashtable] $AdditionalParameters
+ )
+
+ Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
+
+ switch ($Secret.GetType().Name) {
+ 'Byte[]'
+ {
+ Set-ByteArray -Name $Name -Secret $Secret -AZKVaultName $AdditionalParameters.AZKVaultName -ContentType 'ByteArray'
+ }
+ 'String'
+ {
+ Set-String -Name $Name -Secret $Secret -AZKVaultName $AdditionalParameters.AZKVaultName -ContentType 'String'
+ }
+ 'SecureString'
+ {
+ Set-SecureString -Name $Name -Secret $Secret -AZKVaultName $AdditionalParameters.AZKVaultName -ContentType 'SecureString'
+ }
+ 'PSCredential'
+ {
+ Set-PSCredential -Name $Name -Secret $Secret -AZKVaultName $AdditionalParameters.AZKVaultName -ContentType 'PSCredential'
+ }
+ 'Hashtable'
+ {
+ Set-Hashtable -Name $Name -Secret $Secret -AZKVaultName $AdditionalParameters.AZKVaultName -ContentType 'Hashtable'
+ }
+ Default
+ {
+ throw "Invalid type. Types supported: byte[], string, SecureString, PSCredential, Hashtable";
+ }
+ }
+
+ return $?
+}
+
+function Set-ByteArray
+{
+ param (
+ [string] $Name,
+ [Byte[]] $Secret,
+ [string] $AZKVaultName,
+ [string] $ContentType
+ )
+
+ $SecretString = [System.Text.Encoding]::ASCII.GetString($Secret)
+ Set-String -Name $Name -Secret $SecretString -AZKVaultName $AZKVaultName -ContentType $ContentType
+}
+
+function Set-String
+{
+ param (
+ [string] $Name,
+ [string] $Secret,
+ [string] $AZKVaultName,
+ [string] $ContentType
+ )
+ $SecureSecret = ConvertTo-SecureString -String $Secret -AsPlainText -Force
+ $null = Az.KeyVault\Set-AzKeyVaultSecret -Name $Name -SecretValue $SecureSecret -VaultName $AZKVaultName -ContentType $ContentType
+}
+
+function Set-SecureString
+{
+ param (
+ [string] $Name,
+ [SecureString] $Secret,
+ [string] $AZKVaultName,
+ [string] $ContentType
+ )
+
+ $null = Az.KeyVault\Set-AzKeyVaultSecret -Name $Name -SecretValue $Secret -VaultName $AZKVaultName -ContentType $ContentType
+}
+
+function Set-PSCredential
+{
+ param (
+ [string] $Name,
+ [PSCredential] $Secret,
+ [string] $AZKVaultName,
+ [string] $ContentType
+ )
+ $secretHashTable = @{"UserName" = $Secret.UserName; "Password" = $Secret.GetNetworkCredential().Password}
+ $SecretString = ConvertTo-Json $secretHashTable
+ Set-String -Name $Name -Secret $SecretString -AZKVaultName $AZKVaultName -ContentType $ContentType
+}
+
+function Set-Hashtable
+{
+ param (
+ [string] $Name,
+ [Hashtable] $Secret,
+ [string] $AZKVaultName,
+ [string] $ContentType
+ )
+ $SecretString = ConvertTo-Json $Secret
+ Set-String -Name $Name -Secret $SecretString -AZKVaultName $AZKVaultName -ContentType $ContentType
+}
+
+function Remove-Secret
+{
+ param (
+ [string] $Name,
+ [string] $VaultName,
+ [hashtable] $AdditionalParameters
+ )
+
+ Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
+
+ $null = Az.KeyVault\Remove-AzKeyVaultSecret -Name $Name -VaultName $AdditionalParameters.AZKVaultName -Force
+ return $?
+}
+
+function Get-SecretInfo
+{
+ param (
+ [string] $Filter,
+ [string] $VaultName,
+ [hashtable] $AdditionalParameters
+ )
+
+ Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
+
+ if ([string]::IsNullOrEmpty($Filter))
+ {
+ $Filter = "*"
+ }
+
+ $pattern = [WildcardPattern]::new($Filter)
+
+ $vaultSecretInfos = Az.KeyVault\Get-AzKeyVaultSecret -VaultName $AdditionalParameters.AZKVaultName
+
+ foreach ($vaultSecretInfo in $vaultSecretInfos)
+ {
+ if ($pattern.IsMatch($vaultSecretInfo.Name))
+ {
+ if($vaultSecretInfo.ContentType -eq $null)
+ {
+ $vaultSecretInfo.ContentType = 'Unknown'
+ }
+ Write-Output (
+ [Microsoft.PowerShell.SecretManagement.SecretInformation]::new(
+ $vaultSecretInfo.Name,
+ [System.Enum]::Parse([Microsoft.PowerShell.SecretManagement.SecretType], $vaultSecretInfo.ContentType),
+ $VaultName)
+ )
+ }
+ }
+}
+
+function Test-SecretVault
+{
+ param (
+ [string] $VaultName,
+ [hashtable] $AdditionalParameters
+ )
+
+ try
+ {
+ Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
+ }
+ catch
+ {
+ Write-Error $_
+ return $false
+ }
+
+ return $true
+}
\ No newline at end of file
diff --git a/src/KeyVault/KeyVault/Az.KeyVault.psd1 b/src/KeyVault/KeyVault/Az.KeyVault.psd1
index 61c790648026..34519f43e505 100644
--- a/src/KeyVault/KeyVault/Az.KeyVault.psd1
+++ b/src/KeyVault/KeyVault/Az.KeyVault.psd1
@@ -73,7 +73,7 @@ RequiredAssemblies = 'Microsoft.Azure.KeyVault.dll',
FormatsToProcess = 'KeyVault.format.ps1xml'
# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess
-NestedModules = @('Microsoft.Azure.PowerShell.Cmdlets.KeyVault.dll')
+NestedModules = @('Microsoft.Azure.PowerShell.Cmdlets.KeyVault.dll', '.\Az.KeyVault.Extension')
# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.
FunctionsToExport = @()
diff --git a/src/KeyVault/KeyVault/ChangeLog.md b/src/KeyVault/KeyVault/ChangeLog.md
index 4021c26a70b9..d2f516e70a1e 100644
--- a/src/KeyVault/KeyVault/ChangeLog.md
+++ b/src/KeyVault/KeyVault/ChangeLog.md
@@ -18,6 +18,8 @@
- Additional information about change #1
-->
## Upcoming Release
+* Supported new version of SecretManagement module [#13366]
+* Supported ByteArray, String, PSCredential and Hashtable for `SecretValue` in SecretManagementModule [#12190]
## Version 3.0.0
* [Breaking Change] Deprecated parameter DisableSoftDelete in `New-AzKeyVault` and EnableSoftDelete in `Update-AzKeyVault`
diff --git a/src/KeyVault/KeyVault/KeyVault.csproj b/src/KeyVault/KeyVault/KeyVault.csproj
index 08c173c1e4d1..99a9c0c66dba 100644
--- a/src/KeyVault/KeyVault/KeyVault.csproj
+++ b/src/KeyVault/KeyVault/KeyVault.csproj
@@ -28,7 +28,7 @@
-
+
diff --git a/src/KeyVault/KeyVault/SecretManagementExtension/SecretManagementExtension.psm1 b/src/KeyVault/KeyVault/SecretManagementExtension/SecretManagementExtension.psm1
deleted file mode 100644
index 4b3770006fc1..000000000000
--- a/src/KeyVault/KeyVault/SecretManagementExtension/SecretManagementExtension.psm1
+++ /dev/null
@@ -1,123 +0,0 @@
-# Copyright (c) Microsoft Corporation. All rights reserved.
-# Licensed under the MIT License.
-
-function Check-SubscriptionLogIn
-{
- param (
- [string] $SubscriptionId,
- [string] $AzKVaultName
- )
-
- Import-Module -Name Az.Accounts
-
- $azContext = Az.Accounts\Get-AzContext
- if (($azContext -eq $null) -or ($azContext.Subscription.Id -ne $SubscriptionId))
- {
- throw "To use ${AzKVaultName} Azure vault, the current user must be logged into Azure account subscription ${SubscriptionId}. Run 'Connect-AzAccount -SubscriptionId ${SubscriptionId}'."
- }
-}
-
-function Get-Secret
-{
- param (
- [string] $Name,
- [string] $VaultName,
- [hashtable] $AdditionalParameters
- )
-
- Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
-
- Import-Module -Name Az.KeyVault
-
- $secret = Az.KeyVault\Get-AzKeyVaultSecret -Name $Name -VaultName $AdditionalParameters.AZKVaultName
- if ($secret -ne $null)
- {
- return $secret.SecretValue
- }
-}
-
-function Set-Secret
-{
- param (
- [string] $Name,
- [object] $Secret,
- [string] $VaultName,
- [hashtable] $AdditionalParameters
- )
-
- Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
-
- Import-Module -Name Az.KeyVault
-
- $null = Az.KeyVault\Set-AzKeyVaultSecret -Name $Name -SecretValue $Secret -VaultName $AdditionalParameters.AZKVaultName
- return $?
-}
-
-function Remove-Secret
-{
- param (
- [string] $Name,
- [string] $VaultName,
- [hashtable] $AdditionalParameters
- )
-
- Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
-
- Import-Module -Name Az.KeyVault
-
- $null = Az.KeyVault\Remove-AzKeyVaultSecret -Name $Name -VaultName $AdditionalParameters.AZKVaultName -Force
- return $?
-}
-
-function Get-SecretInfo
-{
- param (
- [string] $Filter,
- [string] $VaultName,
- [hashtable] $AdditionalParameters
- )
-
- Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
-
- Import-Module -Name Az.KeyVault
-
- if ([string]::IsNullOrEmpty($Filter))
- {
- $Filter = "*"
- }
-
- $pattern = [WildcardPattern]::new($Filter)
- $vaultSecretInfos = Az.KeyVault\Get-AzKeyVaultSecret -VaultName $AdditionalParameters.AZKVaultName
- foreach ($vaultSecretInfo in $vaultSecretInfos)
- {
- if ($pattern.IsMatch($vaultSecretInfo.Name))
- {
- Write-Output (
- [Microsoft.PowerShell.SecretManagement.SecretInformation]::new(
- $vaultSecretInfo.Name,
- [Microsoft.PowerShell.SecretManagement.SecretType]::SecureString,
- $VaultName)
- )
- }
- }
-}
-
-function Test-SecretVault
-{
- param (
- [string] $VaultName,
- [hashtable] $AdditionalParameters
- )
-
- try
- {
- Check-SubscriptionLogIn $AdditionalParameters.SubscriptionId $AdditionalParameters.AZKVaultName
- }
- catch
- {
- Write-Error $_
- return $false
- }
-
- return $true
-}
diff --git a/tools/CleanupBuild.ps1 b/tools/CleanupBuild.ps1
index aa5f8eb13e95..90b1f7c907be 100644
--- a/tools/CleanupBuild.ps1
+++ b/tools/CleanupBuild.ps1
@@ -77,7 +77,7 @@ foreach($RMPath in $resourceManagerPaths)
Write-Host "Removing scripts and psd1 in $($RMFolder.FullName)"
$exludedPsd1 = @(
"PsSwaggerUtility*.psd1",
- "SecretManagementExtension.psd1"
+ "Az.KeyVault.Extension.psd1"
)
$removedPsd1 = Get-ChildItem -Path "$($RMFolder.FullName)" -Include "*.psd1" -Exclude $exludedPsd1 -Recurse | where { $_.FullName -ne "$($RMFolder.FullName)$([IO.Path]::DirectorySeparatorChar)$($RMFolder.Name).psd1" }
$removedPsd1 | % { Write-Host "Removing $($_.FullName)"; Remove-Item $_.FullName -Force }
diff --git a/tools/NewHelpIndex.ps1 b/tools/NewHelpIndex.ps1
index 556e9e4838dc..08e4a66eb094 100644
--- a/tools/NewHelpIndex.ps1
+++ b/tools/NewHelpIndex.ps1
@@ -69,7 +69,7 @@ $HelpFolders = @()
$resourceManagerPath = "$PSScriptRoot/../artifacts/$BuildConfig/"
$RMpsd1s += Get-ChildItem -Path $resourceManagerPath -Depth 2 | Where-Object {
- $_.Name -like "*.psd1" -and $_.FullName -notlike "*dll-Help*" -and $_.Name -ne "SecretManagementExtension.psd1"
+ $_.Name -like "*.psd1" -and $_.FullName -notlike "*dll-Help*" -and $_.Name -ne "Az.KeyVault.Extension.psd1"
}
.($PSScriptRoot + "\PreloadToolDll.ps1")
diff --git a/tools/NewOutputTypeIndex.ps1 b/tools/NewOutputTypeIndex.ps1
index ee22892526f9..2dfe41688cd3 100644
--- a/tools/NewOutputTypeIndex.ps1
+++ b/tools/NewOutputTypeIndex.ps1
@@ -22,6 +22,10 @@ $psd1Files | ForEach {
Import-LocalizedData -BindingVariable "psd1File" -BaseDirectory $_.DirectoryName -FileName $_.Name
foreach ($nestedModule in $psd1File.NestedModules)
{
+ if('.dll' -ne [System.IO.Path]::GetExtension($nestedModule))
+ {
+ continue;
+ }
$dllPath = Join-Path -Path $_.DirectoryName -ChildPath $nestedModule
$Assembly = [Reflection.Assembly]::LoadFrom($dllPath)
$exportedTypes = $Assembly.GetTypes()
diff --git a/tools/PublishModules.psm1 b/tools/PublishModules.psm1
index d6c9e0ba7427..f790c2994c74 100644
--- a/tools/PublishModules.psm1
+++ b/tools/PublishModules.psm1
@@ -323,7 +323,22 @@ function Remove-ModuleDependencies {
$regex = New-Object System.Text.RegularExpressions.Regex "NestedModules\s*=\s*@\([^\)]+\)"
$content = (Get-Content -Path $Path) -join "`r`n"
- $text = $regex.Replace($content, "NestedModules = @()")
+
+ $file = Get-Item $Path
+ Import-LocalizedData -BindingVariable ModuleMetadata -BaseDirectory $file.DirectoryName -FileName $file.Name
+ $ReplacedNestedModules = ""
+ foreach ($nestedModule in $ModuleMetadata.NestedModules)
+ {
+ if('.dll' -ne [System.IO.Path]::GetExtension($nestedModule))
+ {
+ $ReplacedNestedModules += "'$nestedModule', ";
+ }
+ }
+ if("" -ne $ReplacedNestedModules){
+ $ReplacedNestedModules = $ReplacedNestedModules.Substring(0, $ReplacedNestedModules.Length - 2)
+ }
+
+ $text = $regex.Replace($content, "NestedModules = @($ReplacedNestedModules)")
Out-FileNoBom -File $Path -Text $text
}
}
@@ -684,7 +699,7 @@ function Add-Module {
}
Write-Output "Removing module manifest dependencies for $unzippedManifest"
- Remove-ModuleDependencies -Path (Join-Path $TempRepoPath $unzippedManifest)
+ Remove-ModuleDependencies -Path (Join-Path $TempRepoPath $unzippedManifest -Resolve)
Remove-Item -Path $zipPath -Force
diff --git a/tools/UpdateModules.psm1 b/tools/UpdateModules.psm1
index d2b60a2ae1c6..84c20b3e9b7e 100644
--- a/tools/UpdateModules.psm1
+++ b/tools/UpdateModules.psm1
@@ -157,6 +157,10 @@ function Get-Cmdlets {
$nestedModules = $ModuleMetadata.NestedModules
$cmdlets = @()
foreach ($module in $nestedModules) {
+ if('.dll' -ne [System.IO.Path]::GetExtension($module))
+ {
+ continue;
+ }
$dllPath = Join-Path -Path $ModulePath -ChildPath $module
$Assembly = [Reflection.Assembly]::LoadFrom($dllPath)
$dllCmdlets = $Assembly.GetTypes() | Where-Object {$_.CustomAttributes.AttributeType.Name -contains "CmdletAttribute"}