I suggest you...

Set-OctopusVariable to support -IsSensitive flag

The Set-OctopusVariable (and its counterparts for other scripting languages) should support an -IsSensitive flag such that if a variable is marked as sensitive it will not leak into a log.

40 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    James Webster shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    3 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Tim May commented  ·   ·  Flag as inappropriate

        Agreed. Our organisation uses KeePass as a store for protected secrets (usually passwords, but also API keys and other similar sensitive values. While we could copy these in to OD, we prefer the ability to use the scripting API and OD service account permissions to pull the correct (latest) value from the KeePass source-of-truth at deployment time. The downside, is that setting variables in script can not be marked sensitive, so we risk the values leaking into log statements.

      • Mani commented  ·   ·  Flag as inappropriate

        has there been any more discussion in this area? Or is there another way to accomplish this?

        Thanks!

      Feedback and Knowledge Base