Private/Remove-SensitiveData.ps1
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 |
function Remove-SensitiveData { <# .SYNOPSIS Redact sensitive property values. .DESCRIPTION Redact sensitive property values prior to printing to the console. .INPUTS System.Object[] .INPUTS System.Object .NOTES - Troy Lindsay - Twitter: @troylindsay42 - GitHub: tlindsay42 .EXAMPLE Remove-SensitiveData -InputObject [PSCustomObject] @{ IncomingWebhookUri = $incomingWebhookUri } Returns the input object with the value of the IncomingWebhookUri key set to '[REDACTED]', unless the $Script:PSRyver.ForceVerbose PSRyver module configuration parameter is set to $true, in which case the value would not be masked. .EXAMPLE [PSCustomObject] @{ PlainText = 'do not display' } | Remove-SensitiveData -SensitiveProperties 'PlainText' Returns the object input via the pipeline with the value of the 'PlainText' key set to '[REDACTED]', because the SensitiveProperties parameter specified this key as sensitive. .EXAMPLE Remove-SensitiveData -InputObject [PSCustomObject] @{ Authorization = $authorization } -ForceVerbose Returns the input object with the value of the Authorization key intact regardless of whether or not the $Script:PSRyver.ForceVerbose PSRyver module configuration parameter is set to $true, because the ForceVerbose parameter mandated this. .EXAMPLE Remove-SensitiveData [PSCustomObject] @{ Authorization = $authorization } Uses a positional parameter Returns the hashtable with the Uri value set to '[REDACTED]'. .LINK https://tlindsay42.github.io/PSRyver/Private/Remove-SensitiveData/ .LINK https://github.com/tlindsay42/PSRyver/blob/master/PSRyver/Private/Remove-SensitiveData.ps1 .FUNCTIONALITY PowerShell Language #> [CmdletBinding( HelpUri = 'https://tlindsay42.github.io/PSRyver/Private/Remove-SensitiveData/' )] [OutputType( [Object[]] )] [OutputType( [Object] )] param ( # Specifies the objects to evaluate for sensitive property keys. [Parameter( Mandatory = $true, Position = 0, ValueFromPipeline = $true )] [ValidateNotNull()] [Object[]] $InputObject, # Specifies the properties that should be redacted. [Parameter( Position = 1 )] [ValidateNotNullOrEmpty()] [String[]] $SensitiveProperties = @( 'Credential', 'Authorization', 'IncomingWebhookUri', 'Token' ), <# Prevents sensitive property values from being redacted for troubleshooting purposes. *** WARNING *** This will expose your sensitive property values. #> [Parameter( Position = 2 )] [Switch] $ForceVerbose = $false ) begin { $function = $MyInvocation.MyCommand.Name Write-Verbose -Message "Beginning: '${function}'." if ( $PSBoundParameters.ContainsKey( 'ForceVerbose' ) -eq $false -and $Script:PSRyver.ForceVerbose -in $true, $false ) { $ForceVerbose = $Script:PSRyver.ForceVerbose } } process { Write-Verbose -Message ( "Processing: '${function}' with ParameterSetName '$( $PSCmdlet.ParameterSetName )' and Parameters: " + ( $PSBoundParameters | Format-Table -AutoSize | Out-String ) ) if ( $ForceVerbose -eq $true ) { $InputObject } else { if ( $InputObject -is [Hashtable] -or ( $InputObject.Keys.Count -gt 0 -and $InputObject.Values.Count -gt 0 ) ) { $return = [Hashtable] $( $InputObject.PSObject.Copy() ) foreach ( $sensitiveProperty in $SensitiveProperties ) { if ( $InputObject.ContainsKey( $sensitiveProperty ) ) { $return[$sensitiveProperty] = '[REDACTED]' } } $return } else { $InputObject | Select-Object -Property '*' -ExcludeProperty $SensitiveProperties } } } end { Write-Verbose -Message "Ending: '${function}'." } } |