Gorelo.io -- Write BitLocker Recovery Keys to custom asset fields

🗝️Store-BitlockerRecoveryKey

$ErrorActionPreference = 'SilentlyContinue' 

# Get drives where BitLocker is "On" 
$BitlockerDrives = Get-BitLockerVolume | Where-Object ProtectionStatus -EQ "On" -ErrorAction SilentlyContinue

#Get FileSystem drives 
$Drives = Get-PSDrive -PSProvider FileSystem

#Create array of Drive Names with ":" added
$DrivesName = @()
$Drives |  foreach {$DrivesName += $_.name + ':' }

#If any Bitlockered drives exist
if($BitlockerDrives){

    #Foreach Drive
    Foreach ($DriveName in $DrivesName) {

        #Confirm is drive is bitlockered
        $BitlockerDrive = $BitlockerDrives | where { $DriveName -contains $_ }

        #If specific drive is bitlockered
        if ($BitlockerDrive){

            #Get RecoveryKey 
            $RecoveryKey = $BitlockerDrive.KeyProtector | Where-Object RecoveryPassword -NE "" | Select-Object -ExpandProperty RecoveryPassword -ErrorAction SilentlyContinue
      
            #Join if multiple with ; delimiter 
            $RecoveryKey = $RecoveryKey -join ";"

            #Add the drive letter to the output
            $RecoveryKey = "$($BitlockerDrive.mountpoint)$RecoveryKey"

            #Add to other drive keys (If exist)
            $RecoveryKeys += " $RecoveryKey "

        } else { $RecoveryKeys += $DriveName + "Not Enabled" }   
        
    }

    GoreloAction -SetCustomField -Name 'asset.bitlockerRecoveryKey' -Value $RecoveryKeys

#If no bitlockered drives found
}else { 
    
    Foreach ($DriveName in $DrivesName) { 
        
        $RecoveryKeys += $DriveName + "Not Enabled " 
        
    } 
    
    GoreloAction -SetCustomField -Name 'asset.bitlockerRecoveryKey' -Value $RecoveryKeys 
    
}