functions/Disable-TssSecret.ps1

function Disable-TssSecret {
    <#
    .SYNOPSIS
    Disable a secret from Secret Server
 
    .DESCRIPTION
    Disables a secret from Secret Server
 
    .PARAMETER TssSession
    TssSession object created by New-TssSession
 
    .PARAMETER Id
    Secret ID to disable (mark inactive)
 
    .PARAMETER Raw
    Output the raw response from the REST API endpoint
 
    .EXAMPLE
    PS C:\> $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
    PS C:\> Disable-TssSecret -Id 93
 
    Disables secret 93
 
    .NOTES
    Requires TssSession object returned by New-TssSession
    #>

    [cmdletbinding(SupportsShouldProcess)]
    param(
        # TssSession object passed for auth info
        [Parameter(Mandatory,ValueFromPipeline)]
        [TssSession]$TssSession,

        # Delete only specific Secret, Secret Id
        [Parameter(Mandatory,ValueFromPipelineByPropertyName)]
        [Alias("SecretId")]
        [int[]]
        $Id,

        # output the raw response from the API endpoint
        [switch]
        $Raw
    )
    begin {
        $tssParams = . $GetParams $PSBoundParameters 'Disable-TssSecret'
        $invokeParams = @{ }
    }

    process {
        if ($tssParams.Contains('TssSession') -and $TssSession.IsValidSession()) {

            foreach ($secret in $Id) {
                $uri = $TssSession.SecretServer + ($TssSession.ApiVersion, "secrets", $secret.ToString() -join '/')

                $invokeParams.Uri = $Uri
                $invokeParams.PersonalAccessToken = $TssSession.AccessToken
                $invokeParams.Method = 'DELETE'

                if (-not $PSCmdlet.ShouldProcess("$($invokeParams.Method) $uri")) { return }
                try {
                    $restResponse = Invoke-TssRestApi @invokeParams -ErrorAction Stop -ErrorVariable err
                } catch {
                    $apiError = $err | ConvertFrom-Json
                    if ($apiError.errorCode) {
                        throw "$($apiError.errorCode): $($apiError.message)"
                    } elseif ($apiError.message) {
                        throw $apiError.message
                    } else {
                        throw $err
                    }
                }

                if ($Raw) {
                    $restResponse
                }
                if (-not $Raw) {
                    [PSCustomObject]@{
                        Id         = $restResponse.id
                        ObjectType = $restResponse.objectType
                    }
                }
            }
        } else {
            Write-Warning "No valid session found"
        }
    }
}