SecretManagement and SecretStore Updates

Sydney Smith

Two updated preview releases are now available on the PowerShell Gallery:

Please note that these preview releases contain breaking changes. This version of SecretStore is incompatible with previous versions because the configuration format has changed. The previous file store cannot be read by the new version and you will need to reset the store Reset-SecretStore after installing the new version. Be sure to save your current stored secrets before upgrading so they can be re-added after you Reset your SecretStore.

To install these updates run the following commands:

Install-Module Microsoft.PowerShell.SecretManagement -AllowPrerelease 
Install-Module Microsoft.PowerShell.SecretStore -AllowPrerelease 

If you see an error indicating the a dependency of SecretStore cannot be installed, please uninstall all previously installed versions of SecretManagement and try again (this is due to an issue in PowerShellGet with prerelease modules).

SecretManagement Preview 4 Updates

This update to SecretManagement addresses a bug blocking vault registration on Windows PowerShell, adds additional pipeline support, and makes several changes to improve the vault developer experience. Read the full list of changes below:

  • Fixes issue with registering extension vaults on Windows PowerShell (Error: Cannot bind argument to parameter ‘Path’ …)
  • Changes SecretVaultInfo VaultName property to Name, for consistency
  • Changes Test-SecretVault -Vault parameter changed to -Name for consistency
  • Adds -AllowClobber parameter switch to Register-SecretVault, to allow overwriting existing vault
  • Register-SecretVault uses module name as the friendly name if the -Name parameter is not used
  • Unregister-SecretVault now supports Name parameter argument from pipeline
  • Set-DefaultVault now supports Name and SecretVaultVaultInfo parameter arguments from pipeline
  • Set-Secret now supports SecretInfo objects from the pipeline
  • Adds -WhatIf support to Secret-Secret
  • Adds -WhatIf support to Remove-Secret

SecretStore Preview 2 Updates

This update to SecretStore includes updates to the cmdlet interface based on user feedback and desire to conform to PowerShell best practices. This update also updates error messaging to provide a clarified user experience. Read the full list of changes below:

  • Set-SecretStoreConfiguration now supports -Authentication and -Interaction parameters instead of -PasswordRequired and -DoNotPrompt switches
  • Update-SecretStorePassword has been renamed to Set-SecretStorePassword
  • Unlock-SecretStore no longer supports plain text passwords
  • Set-SecretStoreConfiguration now throws an error if called with no parameters
  • Added ProjectUri and “SecretManagement” tag to manifest file
  • Reset-SecretStore now defaults to ‘No’ when prompting to continue.

If you are publishing an extension vault to the PowerShell Gallery we ask that you add the tag “SecretManagement” to the module manifest. This will the vault to be more discoverable for SecretManagement users.

Feedback and Support

As we approach General Availability for these modules now is the time to test the modules against your scenarios to request changes (especially breaking ones) and discover bugs. To file issues or get support for the SecretManagement interface or vault development experience please use the SecretManagement repository. For issues which pertain specifically to the SecretStore and its cmdlet interface please use the SecretStore repository.

Sydney Smith

PowerShell Team



Discussion is closed. Login to edit/delete existing comments.

  • Kavanagh, John (US - Ohio) 0

    Install-Module SecretManagement -Force -AllowPrerelease should read?
    Install-Module -Name Microsoft.PowerShell.SecretManagement -AllowPrerelease

    • Sydney SmithMicrosoft employee 0

      Thanks–updating now….not sure how that slipped through the reviews 🙂

  • Bis Matrimony 0

    Great post, thanks for sharing. Picked up some good and valuable insight 😉 Bis kerala matrimony

Feedback usabilla icon