Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The Azure CLI quickstart or Azure PowerShell quickstart demonstrate how to store a single-line secret. You can also use Key Vault to store a multi-line secret, such as a JSON file or RSA private key.
Multi-line secrets cannot be passed to the Azure CLI az keyvault secret set command or the Azure PowerShell Set-AzKeyVaultSecret cmdlet through the commandline. Instead, you must first store the multi-line secret as a text file.
For example, you could create a text file called "secretfile.txt" containing the following lines:
This is my
multi-line
secret
Set the secret using Azure CLI
You can then pass this file to the Azure CLI az keyvault secret set command using the --file
parameter.
az keyvault secret set --vault-name "<your-unique-keyvault-name>" --name "MultilineSecret" --file "secretfile.txt"
You can then view the stored secret using the Azure CLI az keyvault secret show command.
az keyvault secret show --name "MultilineSecret" --vault-name "<your-unique-keyvault-name>" --query "value"
The secret will be returned with \n
in place of newline:
"This is\nmy multi-line\nsecret"
The \n
above is a \
and n
character, not the newline character. Quotes "
are included in the string.
Set the secret using Azure Powershell
With Azure PowerShell, you must first read in the file using the Get-Content cmdlet, then convert it to a secure string using ConvertTo-SecureString.
$RawSecret = Get-Content "secretfile.txt" -Raw
$SecureSecret = ConvertTo-SecureString -String $RawSecret -AsPlainText -Force
Lastly, you store the secret using the Set-AzKeyVaultSecret cmdlet.
$secret = Set-AzKeyVaultSecret -VaultName "<your-unique-keyvault-name>" -Name "MultilineSecret" -SecretValue $SecureSecret
You can then view the stored secret using the Azure CLI az keyvault secret show command or the Azure PowerShell Get-AzKeyVaultSecret cmdlet.
az keyvault secret show --name "MultilineSecret" --vault-name "<your-unique-keyvault-name>" --query "value"
The secret will be returned with \n
in place of newline:
"This is\nmy multi-line\nsecret"
The \n
above is a \
and n
character, not the newline character. Quotes "
are included in the string.
Next steps
- Read an Overview of Azure Key Vault
- See the Azure CLI quickstart
- See the Azure CLI az keyvault commands
- See the Azure PowerShell quickstart
- See the Azure PowerShell Az.KeyVault cmdlets