Hi, I was just reading the documentation and noticed that cmdlets like the following do not work on PowerShell 7:
What are the alternatives to encrypting and storing the credentials to connect to a vCenter?
There are several options, depends a bit how secure you want the store to be and how much money you want to spend.
The simplest is to emulate what the ViCredentialStoreItem cmdlets were doing, use a local command or API.
On Linux crypt, gnuPG ... come to mind.
The basic issue with most of these is that you have to find a way to safely store your private key.
The DPAPI, on which the ViCredentialSToreItem cmdlets were based, used a key specifically for a user and computer.
If you have money to spend, you look at commercial products like HashiCorp's Vault (like Chip mentioned).
On the other hand, MSFT has announced that they are developing their Secret Management Module.
In my personal opinion, this would tie in more closely with PowerShell (and hence PowerCLI).
But I could be wrong :smileygrin:
In summary: this is kind of a moving target at the moment.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I'd probably involve Hashicorp Vault for that purpose for this and other needs.
There are several options, depends a bit how secure you want the store to be and how much money you want to spend.
The simplest is to emulate what the ViCredentialStoreItem cmdlets were doing, use a local command or API.
On Linux crypt, gnuPG ... come to mind.
The basic issue with most of these is that you have to find a way to safely store your private key.
The DPAPI, on which the ViCredentialSToreItem cmdlets were based, used a key specifically for a user and computer.
If you have money to spend, you look at commercial products like HashiCorp's Vault (like Chip mentioned).
On the other hand, MSFT has announced that they are developing their Secret Management Module.
In my personal opinion, this would tie in more closely with PowerShell (and hence PowerCLI).
But I could be wrong :smileygrin:
In summary: this is kind of a moving target at the moment.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
On a side note, with proxy functions, you can use your own code to change the ViCredentialStoreItem cmdlets.
I did a session on that at the PowerShell + DevOps Global Summit 2019.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference