-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature]: Invoke-AzKeyVaultKeyOperation allow plain text input for the -value parameter #24943
Comments
/unresolve |
Hello Team, I'm sorry if I shouldn't have reopened this but its the first time I'm using this feature request and I don't really understand how it works. You closed the request telling me that it has been address. Does it mean that it will be implemented? If yes is there a timeline? Does it mean that the feature already exists? If yes is there a tutorial on how to use it? |
Hi @risksoft-atacana , we introduced a parameter called ByteArrayValue in Invoke-AzKeyVaultKeyOperation in Az.KeyVault >= 5.1.0, which supports operating byte array without conversion to secure string. If you have a plain text and won't/can't convert it to secure string, try following method: # Encrypts plain text using an encryption key
$plainText = "test"
$byteArray = [system.Text.Encoding]::UTF8.GetBytes($plainText)
$encryptedData = Invoke-AzKeyVaultKeyOperation -Operation Encrypt -Algorithm RSA1_5 -VaultName test-kv -Name test-key -ByteArrayValue $byteArray
$encryptedData
# Decrypt encrypted data to plain text
$decryptedData = Invoke-AzKeyVaultKeyOperation -Operation Decrypt -Algorithm RSA1_5 -VaultName test-kv -Name test-key -ByteArrayValue $encryptedData.RawResult
$plainText = [system.Text.Encoding]::UTF8.GetString($decryptedData.RawResult)
$plainText UTF8 may not be best way to encode plain text to bytes, you can try any way you want to use. Please let me know if you need further assistance. |
Hi @risksoft-atacana. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text “ |
Hi @risksoft-atacana, since you haven't asked that we " |
Description of the new feature
Hello Team,
I hava a use case where I encrypt something using a key vault key using power automate and then run an azure automation runbook via webhook and send that encrypted data. Because the value Invoke-AzKeyVaultKeyOperation requires a secure.string i cannot decrypt the payload as converting that payload to secure.string will change the payload and the decryption operation in the runbook will fail.
Proposed implementation details (optional)
Allow [string] types to -value parameter
The text was updated successfully, but these errors were encountered: