Use the attached module to encrypt and decrypt using Azure Key Vault. A more in depth explanation is described here in my other blog. This module can be uploaded as is in Azure Automation by importing it in the Azure Automation Modules. Otherwise, you can use this in local PowerShell as well by extracting the zip file in one of the PSModulePath in PowerShell.

Sample PowerShell code to use this module in Azure Automation:

 

PowerShell
Edit|Remove
[System.Reflection.Assembly]::LoadFrom(“C:\Modules\User\KeyVaultDecryptor\KeyVaultDecryptor.dll”) | Out-Null ##For Azure Automation that is the path where modules get uploaded 
 
$VaultAddress=”https://****.vault.azure.net” 
 
$ClientId=”99b*****************1cb91d” 
 
$ClientSecret=”Cjl*****************yfTJes0U=” 
 
$KeyVaultClient = New-Object KeyVaultDecryptor.KeyVaultDecryptor -argumentlist $VaultAddress$ClientId$ClientSecret 
 
$encrypt = $KeyVaultClient.EncryptText(“Administrator@123”) 
 
$decrypt = $KeyVaultClient.DecryptText($encrypt)