Book Image

Learn PowerShell Core 6.0

By : David das Neves, Jan-Hendrik Peters
Book Image

Learn PowerShell Core 6.0

By: David das Neves, Jan-Hendrik Peters

Overview of this book

Beginning with an overview of the different versions of PowerShell, Learn PowerShell Core 6.0 introduces you to VSCode and then dives into helping you understand the basic techniques in PowerShell scripting. You will cover advanced coding techniques, learn how to write reusable code as well as store and load data with PowerShell. This book will help you understand PowerShell security and Just Enough Administration, enabling you to create your own PowerShell repository. The last set of chapters will guide you in setting up, configuring, and working with Release Pipelines in VSCode and VSTS, and help you understand PowerShell DSC. In addition to this, you will learn how to use PowerShell with Windows, Azure, Microsoft Online Services, SCCM, and SQL Server. The final chapter will provide you with some use cases and pro tips. By the end of this book, you will be able to create professional reusable code using security insight and knowledge of working with PowerShell Core 6.0 and its most important capabilities.
Table of Contents (26 chapters)
Title Page
Dedication
Packt Upsell
Contributors
Preface
Index

Security


When it comes to security, you need to consider DSC as well. Not only do your configurations contain all your sensitive operational data, passwords, connection strings, and infrastructure; Desired State Configuration is also an excellent attack vector to quickly and reliably spread malware and create general mayhem.

Securing your pull server and controlling who may push configurations to your systems is one thing you can do to secure your configurations. This can be done by employing JEA, authentication policies and silos, group policies, and in other ways. The following screenshot shows why security is very important. Notice the two plaintext credentials here for a highly privileged account.

In addition to securing your pull or build server, you need to encrypt your configurations. The only way this can be accomplished is by using certificates. The pull server needs to know all of the public keys of its nodes, and each node needs its own document encryption certificate to receive...