Read a Password from a Secure File for use with the PowerShell SDK

Quick post on how to store and retrieve passwords to automate login to the Pure Storage FlashArray using the PowerShell SDK.

We will use the basis of a previous post,  Using the PSCredential Object with the Pure Storage PowerShell Toolkit, and extend support for retrieving from a secure file.

The following line of PowerShell has to be run one time to create and store a secure password that maps to the default pureuser account. Make sure that the password you are creating is indeed the password assigned to the pureuser account on the FlashArray.  This will use the Read-Host cmdlet to display a dialog to enter a password in the form of a secure string. The file in this example is stored in the C:\Temp folder in a file named Secure-Credentials.txt

Read-Host -AsSecureString | ConvertFrom-SecureString | Out-File 'C:\Temp\Secure-Credentials.txt'

read-host

If you open the Secure-Credentials.txt file you would see the following:

Secure-Credentials

Now the password has been stored securely. The only time that the Read-Host cmdlet would be required again is to update the secure password in the file.

Using the basis from the previous post noted above we use the same script except changing the $Pwd variable to be retrieved from the Secure-Credentials.txt file.

$Pwd = Get-Content ‘C:\Temp\Secure-Credentials.txt’ | ConvertTo-SecureString
$Creds = New-Object System.Management.Automation.PSCredential ("pureuser", $pwd)
$FlashArray = New-PfaArray -EndPoint 10.21.8.17 -Credentials $Creds –IgnoreCertificateError

Now you can automate any script using the Windows Task Scheduler or other orchestrations tools.

Cheers,
barkz