I am wondering if anyone has worked with cmdlets that take a SharedKey parameter in VBR PowerShell, and noticed that some do not take SecureString as a parameter. I’ve identified *-VBRAzureBlobAccount but it seems that Amazon and Google are in a similar situation. However, I’ve also compared to VBO cmdlets, and the equivalent VBOAzureBlobAccount does take SecureString for the SharedKey parameter.
By comparison, the *-VBRCredentials cmdlets permit either a clear text string for Password or a PSCredential object (which by the way uses a SecureString for the password). While SecureString has known limitations, it seems a little odd for these *-VBR*Account cmdlets to not use SecureString for the SharedKey. It seems to limit the ability to securely prompt a user running an install script for the key from the cloud storage provider via Read-Host -AsSecureString and have it seamlessly pass to the cmdlets.
Is there a way I’m missing? Or does anyone have a sample for how to securely handle the process as is? Would there be other options if a REST API call was built for handling the creation of the AzureBlobAccount (I don’t have much experience with the VBR REST API but understand the general concepts).
