Edit

Share via

New-AzDataFactoryEncryptValue

Module:
Az.DataFactory Module

Encrypts sensitive data.

Syntax

ByFactoryName (Default) 

New-AzDataFactoryEncryptValue
    [-DataFactoryName] <String>
    [[-Value] <SecureString>]
    [-GatewayName] <String>
    [[-Credential] <PSCredential>]
    [[-Type] <String>]
    [[-NonCredentialValue] <String>]
    [[-AuthenticationType] <String>]
    [[-Server] <String>]
    [[-Database] <String>]
    [-ResourceGroupName] <String>
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

ByFactoryObject 

New-AzDataFactoryEncryptValue
    [-DataFactory] <PSDataFactory>
    [[-Value] <SecureString>]
    [-GatewayName] <String>
    [[-Credential] <PSCredential>]
    [[-Type] <String>]
    [[-NonCredentialValue] <String>]
    [[-AuthenticationType] <String>]
    [[-Server] <String>]
    [[-Database] <String>]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

Description

The New-AzDataFactoryEncryptValue cmdlet encrypts sensitive data, such as a password or a Microsoft SQL Server connection string, and returns an encrypted value.

Examples

Example 1: Encrypt a non-ODBC connection string

$Value = ConvertTo-SecureString 'Data Source=ContosoServer;Initial Catalog=catalog;user id =user123;password=******' -AsPlainText -Force
New-AzDataFactoryEncryptValue -GatewayName "WikiGateway" -DataFactoryName "WikiAdf" -Value $value -ResourceGroupName "ADF" -Type OnPremisesSqlLinkedService

The first command uses the ConvertTo-SecureString cmdlet to convert the specified connection string to a SecureString object, and then stores that object in the $Value variable. For more information, type Get-Help ConvertTo-SecureString. Allowed values: SQL Server or Oracle connection string. The second command creates an encrypted value for the object stored in $Value for the specified data factory, gateway, resource group, and linked service type.

Example 2: Encrypt a non-ODBC connection string that uses Windows authentication.

$Value = ConvertTo-SecureString -String 'Data Source=ContosoServer;Initial Catalog=catalog;Integrated Security=True' -AsPlainText -Force
$Credential = Get-Credential
New-AzDataFactoryEncryptValue -DataFactoryName "WikiADF" -GatewayName "WikiGateway" -ResourceGroupName "ADF" -Value $Value -Credential $Credential -Type OnPremisesSqlLinkedService

The first command uses ConvertTo-SecureString to convert the specified connection string to a secure string object, and then stores that object in the $Value variable. The second command uses the Get-Credential cmdlet to collect the windows authentication (user name and password), and then stores that PSCredential object in the $Credential variable. For more information, type Get-Help Get-Credential. The third command creates an encrypted value for the object stored in $Value and $Credential for the specified data factory, gateway, resource group, and linked service type.

Example 3: Encrypt server name and credentials for File system linked service

$Value = ConvertTo-SecureString "******" -AsPlainText -Force
$Credential = Get-Credential
New-AzDataFactoryEncryptValue -DataFactoryName "WikiADF" -GatewayName "WikiGateway" -ResourceGroupName "ADF" -Value $Value -Credential $Credential -Type OnPremisesFileSystemLinkedService

The first command uses ConvertTo-SecureString to convert the specified string to a secure string, and then stores that object in the $Value variable. The second command uses Get-Credential to collect the Windows authentication (user name and password), and then stores that PSCredential object in the $Credential variable. The third command creates an encrypted value for the object stored in $Value and $Credential for the specified data factory, gateway, resource group, and linked service type.

Example 4: Encrypt credentials for HDFS linked service

$UserName = ConvertTo-SecureString "******" -AsPlainText -Force
$Password = ConvertTo-SecureString "******" -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ($UserName, $Password)
New-AzDataFactoryEncryptValue -DataFactoryName "MyDataFactory" -ResourceGroupName "MyResourceGroup" -GatewayName "MyDataManagementGateway" -Type HdfsLinkedService -AuthenticationType Windows -Credential $Credential -NonCredentialValue "http://server01.com:50070/webhdfs/v1/user/username"

The ConvertTo-SecureString command converts the specified string to a secure string. The New-Object command creates a PSCredential object using the secure username and password strings. Instead, you could use the Get-Credential command to collect Windows authentication (user name and password), and then store the returned PSCredential object in the $credential variable as shown in previous examples. The New-AzDataFactoryEncryptValue command creates an encrypted value for the object stored in $Credential for the specified data factory, gateway, resource group, and linked service type.

Example 5: Encrypt credentials for ODBC linked service

$Content = ConvertTo-SecureString "UID=username@contoso;PWD=******;" -AsPlainText -Force
New-AzDataFactoryEncryptValue -ResourceGroupName $RGName -DataFactoryName $DFName -GatewayName $Gateway -Type OnPremisesOdbcLinkedService -AuthenticationType Basic -NonCredentialValue "Driver={SQL Server};Server=server01.database.contoso.net; Database=HDISScenarioTest;" -Value $content

The ConvertTo-SecureString command converts the specified string to a secure string. The New-AzDataFactoryEncryptValue command creates an encrypted value for the object stored in $Value for the specified data factory, gateway, resource group, and linked service type.

Parameters

-AuthenticationType

Specifies the type of authentication to be used to connect to the data source. The acceptable values for this parameter are:

  • Windows
  • Basic
  • Anonymous.

Parameter properties

Type:String
Default value:None
Accepted values:Windows, Basic, Anonymous
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:6
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Credential

Specifies the Windows authentication credentials (user name and password) to be used. This cmdlet encrypts the credential data you specify here.

Parameter properties

Type:PSCredential
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:3
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Database

Specifies the database name of the linked service.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:8
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DataFactory

Specifies a PSDataFactory object. This cmdlet encrypts data for the data factory that this parameter specifies.

Parameter properties

Type:PSDataFactory
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ByFactoryObject
Position:0
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-DataFactoryName

Specifies the name of a data factory. This cmdlet encrypts data for the data factory that this parameter specifies.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ByFactoryName
Position:1
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Parameter properties

Type:IAzureContextContainer
Default value:None
Supports wildcards:False
DontShow:False
Aliases:AzContext, AzureRmContext, AzureCredential

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-GatewayName

Specifies the name of the gateway. This cmdlet encrypts data for the gateway that this parameter specifies.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:2
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-NonCredentialValue

Specifies the non-credential part of the Open Database Connectivity (ODBC) connection string. This parameter is applicable only for the ODBC linked service.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:5
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ResourceGroupName

Specifies the name of an Azure resource group. This cmdlet encrypts data for the group that this parameter specifies.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ByFactoryName
Position:0
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-Server

Specifies the server name of the linked service.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:7
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Type

Specifies the linked service type. This cmdlet encrypts data for the linked service type that this parameter specifies. The acceptable values for this parameter are:

  • OnPremisesSqlLinkedService
  • OnPremisesFileSystemLinkedService
  • OnPremisesOracleLinkedService
  • OnPremisesOdbcLinkedService
  • OnPremisesPostgreSqlLinkedService
  • OnPremisesTeradataLinkedService
  • OnPremisesMySQLLinkedService
  • OnPremisesDB2LinkedService
  • OnPremisesSybaseLinkedService

Parameter properties

Type:String
Default value:None
Accepted values:OnPremisesSqlLinkedService, OnPremisesFileSystemLinkedService, OnPremisesOracleLinkedService, OnPremisesOdbcLinkedService, OnPremisesPostgreSqlLinkedService, OnPremisesTeradataLinkedService, OnPremisesMySQLLinkedService, OnPremisesDB2LinkedService, OnPremisesSybaseLinkedService, HdfsLinkedService
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:4
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Value

Specifies the value to encrypt. For an on-premises SQL Server linked service and an on-premises Oracle linked service, use a connection string. For an on-premises ODBC linked service, use the credential part of the connection string. For on premises file system linked service, if the file system is local to the gateway computer, use Local or localhost, and if the file system is on a server different from the gateway computer, use \\servername.

Parameter properties

Type:SecureString
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:1
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

PSDataFactory

String

Outputs

String

Notes

  • Keywords: azure, azurerm, arm, resource, management, manager, data, factories