Register-SecretVault
Registers a SecretManagement extension vault module for the current user.
Syntax
Default (Default)
Register-SecretVault
[-ModuleName] <String>
[[-Name] <String>]
[-VaultParameters <Hashtable>]
[-DefaultVault]
[-AllowClobber]
[-PassThru]
[-Description <String>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Important
The PowerShell team has decided that Secret modules are is feature complete and will no longer be actively developed. The modules will continue to be supported for security and critical bug fixes. The code repository will be archived.
The latest versions published are:
The nature of secrets has fundamentally changed since this project was designed. Passwordless authentication methods such as passkeys, single sign-on, and federated credential systems such as Microsoft Entra ID, biometrics, and hardware security keys are the future.
This cmdlet adds a SecretManagement extension vault to the current user's vault registry. An extension vault is a PowerShell module that conforms to the required extension vault format. This cmdlet verifies that the specified module meets conformance requirements before adding it to the extension vault registry. Extension vaults are registered to the current user and don't affect other user vault registrations.
The first vault registered with this cmdlet is automatically defined as the default vault even if the DefaultVault parameter isn't specified.
Examples
Example 1
Register-SecretVault -Name LocalStore -ModuleName Microsoft.PowerShell.SecretStore -DefaultVault
Get-SecretVault
VaultName ModuleName IsDefaultVault
--------- ---------- --------------
CredMan Microsoft.PowerShell.CredManStore False
LocalStore Microsoft.PowerShell.SecretStore True
This example registers a Microsoft.PowerShell.SecretStore extension vault for the current user.
It uses the DefaultVault parameter to make the registered vault the default vault for the user.
Get-SecretVault lists all registered vaults for the user, verifying the vault was registered and
set as the default vault.
Example 2
$parameters = @{
Name = 'Azure'
ModuleName = 'Az.KeyVault'
VaultParameters = @{
AZKVaultName = 'AzureKeyVault'
SubscriptionId = (Get-AzContext).Subscription.Id
}
DefaultVault = $true
}
Register-SecretVault @parameters
Get-SecretVault
Name ModuleName IsDefaultVault
---- ---------- --------------
Azure Az.KeyVault True
This example registers an Az.KeyVault extension vault for the current user. The Az.KeyVault module needs to be installed on prior. For the VaultParameters:
AZKVaultNamespecifies the name of the Key Vault on AzureSubscriptionIdspecifies the ID of the subscription where the Key Vault is created in
Parameters
-AllowClobber
If specified, allows the cmdlet to overwrite an existing registered extension vault with the same name.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DefaultVault
If specified, sets the new extension vault as the default vault for the current user.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Description
Describes the vault. This value is included in the vault registry information.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ModuleName
Specifies the name of the PowerShell module that implements the extension vault. Enter the name of a module or the path to the module. If you specify a name, PowerShell searches for it in the known module paths. If you specify a path, PowerShell searches that path for the module.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Name
Specifies the name of the extension vault. If no name is specified, the module name is used as the vault name.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 0 |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PassThru
Indicates that the cmdlet should return the SecretVaultInfo object for the successfully registered extension vault. By default this cmdlet doesn't return any output.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-VaultParameters
Specifies a Hashtable object containing optional key-value pairs used as parameters by the extension vault. These parameters are optional. Consult the documentation of the vault extension module to see what values are required.
Parameter properties
| Type: | Hashtable |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet isn't run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.