Packer.Images/scripts/ADDS/payload/Provision-VaultPassword.ps1

[CmdletBinding()]
Param(
    [Parameter()]
    [string]$VaultAPIAddress,
    [Parameter()]
    [string]$VaultToken,
    [Parameter()]
    [string]$VaultPwPolicy,
    [Parameter(Mandatory)]
    [string]$Container,
    [Parameter(Mandatory)]
    [string]$Username
)

$InvokeWebRequestSplat = @{
    Uri     = "$($VaultAPIAddress)/sys/policies/password/$($VaultPasswordPolicy)/generate"
    Headers = @{'X-Vault-Token'="$VaultToken"} 
}
$NewPassword = (Invoke-WebRequest @InvokeWebRequestSplat | ConvertFrom-Json).data.password

$InvokeWebRequestSplat = @{
    Uri     = "$($VaultAPIAddress)/secret/data/$($Container)"
    Method  = 'POST'
    Headers = @{'X-Vault-Token'="$VaultToken"}
    Body    = @{
        data = @{
            "password.$($Username)" = $NewPassword
        }
    } | ConvertTo-Json
}
Invoke-WebRequest @InvokeWebRequestSplat

Return $NewPassword
Provision Vault passwords;Reorder group membership 2021-03-10 09:02:55 +00:00			`[CmdletBinding()]`
			`Param(`
			`[Parameter()]`
			`[string]$VaultAPIAddress,`
			`[Parameter()]`
			`[string]$VaultToken,`
			`[Parameter()]`
			`[string]$VaultPwPolicy,`
			`[Parameter(Mandatory)]`
			`[string]$Container,`
			`[Parameter(Mandatory)]`
			`[string]$Username`
			`)`

			`$InvokeWebRequestSplat = @{`
			`Uri = "$($VaultAPIAddress)/sys/policies/password/$($VaultPasswordPolicy)/generate"`
			`Headers = @{'X-Vault-Token'="$VaultToken"}`
			`}`
			`$NewPassword = (Invoke-WebRequest @InvokeWebRequestSplat \| ConvertFrom-Json).data.password`

			`$InvokeWebRequestSplat = @{`
			`Uri = "$($VaultAPIAddress)/secret/data/$($Container)"`
			`Method = 'POST'`
			`Headers = @{'X-Vault-Token'="$VaultToken"}`
			`Body = @{`
			`data = @{`
			`"password.$($Username)" = $NewPassword`
			`}`
			`} \| ConvertTo-Json`
			`}`
			`Invoke-WebRequest @InvokeWebRequestSplat`

			`Return $NewPassword`