If you need to connect to Microsoft Azure frequently, it might be useful to store your tenant information. Why? It brings comfort while giving up security. It’s your choice. In this blog post I will show you a walkthrough how to connect to Azure with stored credentials. The credentials are encryptet with a certificate. Let’s move on.
Create the Certificate
In order to store your credentials in an encrypted form you need to create a certificate for data encipherment. Select a DnsName of your choosing.
New-SelfSignedCertificate -DnsName pewa2303 -CertStoreLocation "Cert:\CurrentUser\My" ` -KeyUsage KeyEncipherment,DataEncipherment,KeyAgreement -Type DocumentEncryptionCert
Create the Password File
In this step you need to create an empty text file we will need later on.
New-Item -ItemType File -Path C:\Temp\pwd.txt
Encrypt the plain text Password
Now we use the Protect-CmsMessage cmdlet to encrypt the plain text password and save it in our newly created empty file pwd.txt. Have an eye on the -To parameter, you have to fill in your dns name of the certificate.
'123user!' | Protect-CmsMessage -To cn=pewa2303 -OutFile C:\Temp\pwd.txt
Create the Credential Object and connect to Azure
Now we come to the final part where we create the credential object for further processing. Provide your username here.
$password = ConvertTo-SecureString (Unprotect-CmsMessage -Path C:\Temp\pwd.txt) -AsPlainText -Force $cred= New-Object System.Management.Automation.PSCredential ('firstname.lastname@example.org', $password)
Now let’s do the magic.
Connect-AzAccount -Credential $cred
Wow, that rocks!