Warning about Breaking changes in the cmdlet 'Get-AzKeyVaultSecret' SecretValueText deprecated Az4.6.1

This can be done with:

Get the secret with:

$secret = Get-AzKeyVaultSecret -VaultName {YourVaultName} -Name {YourSecret}
$pass = $secret.SecretValue | ConvertFrom-SecureString -AsPlainText

This is the same as $secret.SecretValueText

Well, even if the SecretValueText will be deprecated, there is a way that will always work.

Just use $secret.SecretValue, it is a System.Security.SecureString, we just need to convert it to String, the $Password below is what you want.

$secret = Get-AzKeyVaultSecret -VaultName joykeyvault -Name mySecret123
$SecurePassword = $secret.SecretValue
$Password = [System.Net.NetworkCredential]::new("", $SecurePassword).Password

Microsoft documentation has now been updated This example is taken from the latest docs

$secret = Get-AzKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret'
$secretValueText = '';
$ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secret.SecretValue)
try {
    $secretValueText = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr)
} finally {
    [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)
}
Write-Host "Secret Value is:" $secretValueText

Secret Value is: P@ssw0rd