When reading out MyCertificate.PrivateKeyPem, it is not handled as a sensitive variable and gets printed out in the log. Shouldn’t the PrivateKeyPem be handled as a sensitive variable, as this is a private key?
Thanks for getting in touch!
We make the best effort to hide sensitive variables within the task log but this isn’t entirely foolproof. The main intention is preventing sensitive variables from being accidentally exposed, but there are times that some values may appear that you wish to remain hidden.
It is necessary to ensure correct user permission limits and scoping of variables and certificates to protect against this kind of situation.