Powershell related code snippets

Azure’s YAML provisioning templates

Azure’s ARM templates have been a rite of passage for all Azure engineers.  No one who has been working with the cloud at any depth will be without late-night stories of frustration.  The Azure Resource Manager is a service that accepts specially constructed JSON templates and uses those templates to provision each object represented within.

Programmatically retrieving ‘latest’ Azure REST API versions

Every object in Azure is identified by a unique, hierarchy-based Resource ID.

Every object type has an associated range of different API versions that act as different schemas for that object type.

Enabling Azure Point-to-site-VPN

Using Azure's Point-to-site vpn avoids having to expose ssh or winrm ports to the internet to get onto the systems.

Before a Point-to-site VPN can be established, a Virtual Network Gateway must be created.  This will be associated with the Virtual Network that will be accessible.

Access to the network will be controlled by certificates.

Create an Azure Application & SPN with Certificate Authentication

This PowerShell code snippet creates an Azure AD application registration with an associated SPN and self-signed certificate for Azure authentication.

I've used this for generating certificates that Virtual Machines can use for authenticating to Azure as an alternative to Managed Identities.

Using Azure Automation to generate a certificate

Some time back I had cause to demonstrate the possibility of using Azure Automation in generating time limited certificates for use with Azure.  It turned out to be more difficult than I thought as certificate creation on a local server or desktop uses the COM based CryptoAPI... which isnt available for use with Automation Runbooks.

This example script used the brilliant "Bouncy Castle" library for creating certificates.

SCCM Application Objects - Enhanced Registry Detection

Over the years I've posted a number of atricles related to using PowerShell with SCCM.  The most read of these was about creating SCCM Applications with Enhanced Detection methods - specifically for File Based Detection.  A number of people have asked for an example of the same script using Registry based detection for installed applications.

Not to go over old ground - the earlier blogs that may be of interest are found here:

PowerShell DSC - using an IP address to Configure a Workgroup Machine


PowerShell’s Desired State Configuration is becoming a core component of Windows and is included with the installation of PowerShell 5.

Earlier I wrote about enabling WinRM using a self-signed certificate (http://www.laurierhodes.info/?q=node/115).   Use those instructions to configure WinRM on a newly built machine.

Using Azure Automation with only REST API’s

Azure Automation is the next step in Microsoft’s Orchestration path.  Using predefined workflows / with REST/Odata/WebAPI has been a core component of Orchestrator, Service Management Automation and the Cloud based Azure Automation.

Hardware Reporting with PowerShell

WMI is easy to use and great for querying information about remote machines.  It’s the obvious choice for reporting on hardware usage – especially for scoping EC2 instances.  What is a little more interesting is using the retrieved information to construct a report.

Enabling Windows Remote Management (WinRM) with HTTPS

Windows Remote Management is a core technology for the remote management and configuration of Windows machines.  WinRM is essential for automating complex Azure and AWS tasks.  This guide will outline how to establish WinRM using SSH and a self-signed certificate.  A certificate issued from a Certificate Authority would be preferable but for the purpose of establishing a test environment, the steps below are enough to get the technology working.

This demonstration is in three parts.


Subscribe to RSS - PowerShell