I want to be able to securely operate on an IIS website's connection strings using PowerShell. How can I do this safely? I do not want to expose any password information. For example, does the following script have any concerns if you were a security expert?
Import-Module WebAdministration
$destination = 'NewSql'
$sitePath = 'Default Web Site'
$connectionStringList = ( get-webconfiguration $sitePath -filter "connectionStrings/add" -ErrorAction SilentlyContinue ).Where( { $_.connectionString -match 'Initial Catalog *=|Database *=' } )
foreach($string in $connectionStringList){
$cs = New-Object System.Data.SqlClient.SqlConnectionStringBuilder $string.connectionString -ErrorAction SilentlyContinue
if ($null -ne $cs)
{
Copy-DbaDatabase -Source $cs.DataSource -Destination $destination -Database $cs.InitialCatalog
}
}