Hello there,
I hope you are doing good, here is a little post on security concerns you might have while scripting tools for managing… stuff with PowerShell 😎.
The options there are pretty simple, either you store your credentials in a file which is super bad ! or you can prompt the operator using your script to provide some. This is not viable for automated script launched from an Azure Functions or through a planned task.
In this article, I would like to take the old school path where you run scripts from a VM through a scheduled task. For credentials management in Azure Functions, here is a link for the best practices.
A very nice tool for managing credentials in a secure and automated manner is the Credentials Manager :
From PowerShell, you can install the CredentialManagement module and use the provided cmdLets to Create, Retrieve or remove Credentials. Here is the way to use it :
#Install the module : Install-Module -Name CredentialManager #Create Credentials Add-StoredCredentials -UserName-Password -Type GENERIC #Remove Credentials Remove-SotredCredential -Target ' ' #Retrieve Credentials $cred = Get-SotredCredential -Target ' '
With this tool, you can then run planned scripts and stored the required credentials in a variable. Just in case, here is the way to run Scripts from the tasks scheduler:
You need to tell to run Powershell :
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe in my case
To provide arguments containing the file you want to run :
-File “
I hope you took some of it, at least a page to refer while configuring scheduled scripts 😅. See you soon in the blog section !
