Some of my PowerShell scripts callout out to things like the Amazon API
How are people tackling keeping usernames/passwords/keys secret for these scripts?
For example, they can be exported in an encrypted form to a companion file (that JC also delivers)
Interested to hear what others have found works well (and what doesn't)
This is a good start.
Basically, create an encrypted credential file (as a bonus, place it in a location that only admins can get to), then use the get-credential commandlet to set your credential variables, then use those variables in the script to have it dynamically place the logins at runtime where you need them.
Here's a couple of example links and such:
Interesting, do you find the file-thing works, the first comment on the article you linked says "it must be created on the PC on which the script will be run." which in a jumpcloud running it across multiple-machines will not be the case?