Set-SecretInfo
Adds or replaces additional secret metadata to a secret currently stored in a vault.
Syntax
Set-SecretInfo
[-Name] <String>
-SecureStringSecret <SecureString>
[[-Vault] <String>]
[[-Metadata] <Hashtable>]
[-NoClobber]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-SecretInfo
[-Name] <String>
-Secret <Object>
[[-Vault] <String>]
[[-Metadata] <Hashtable>]
[-NoClobber]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-SecretInfo
-SecretInfo <SecretInformation>
[-Vault] <String>
[-NoClobber]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
This cmdlet adds additional metadata information to a stored secret. Metadata support is an optional feature for an extension vault. If a vault does not support secret metadata, the cmdlet returns an error.
Metadata is not stored securely in a vault. Metadata should not contain sensitive information.
Examples
Example 1
Set-SecretInfo -Name Secret1 -Vault Vault1 -Metadata @{ Expiration = ([datetime]::new(2022, 5, 1)) }
Get-SecretInfo -Name Secret1 -Vault Vault1 | Select-Object Name,Metadata
Name Metadata
---- --------
Secret1 {[Expiration, 5/1/2022 12:00:00 AM]}This example adds metadata to the Secret1 secret stored in Vault1 vault. Get-SecretInfo
retrieves the metadata for Secret1 to show the added metadata.
Example 2
Set-SecretInfo -Name Secret2 -Vault Vault2 -Metadata @{ Expiration = ([datetime]::new(2022, 5, 1)) }
Set-SecretInfo: Cannot set secret metadata Secret2. Vault Vault2 does not support secret metadata.This example adds metadata to the Secret2 secret stored in Vault2 vault. However, Vault2 does
not support metadata. The command fails and returns an error.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Metadata
Specifies a Hashtable containing key-value pairs to associate with the secret in the vault. The specified extension vault may not support secret metadata. If the vault does not support metadata, the operation fails and returns an error. The values of any metadata in the hashtable must be one of the following types:
- string
- int
- DateTime
Metadata is not stored securely in a vault. Metadata should not contain sensitive information.
| Type: | Hashtable |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Specifies the name of the secret to add metadata to. Wildcard characters (*) are not permitted.
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-NoClobber
Indicates that the command should error if a secret with the same name already exists in the vault. By default, this cmdlet updates the secret with the new value if it already exists.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Secret
Specifies the value of the secret. The object type must be one of the supported types:
- Byte[]
- String
- SecureString
- PSCredential
- Hashtable
| Type: | Object |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SecretInfo
Specifies a SecretInformation object describing a stored secret returned by Get-SecretInfo.
This enables copying secrets from one extension vault to another.
| Type: | SecretInformation |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SecureStringSecret
Specifies the value of the secret as a SecretString object.
| Type: | SecureString |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Vault
Specifies the name of the vault containing the secret to add or update the metadata for. Wildcard
characters (*) are not permitted. By default, this cmdlet looks for the secret in the current
user's default vault.
| Type: | String |
| Position: | 2 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Outputs
None
