Showing all posts tagged: 'PowerShell'

A 15-post collection

Enforcing TLS version on Azure WebApps with Resource Manager Policies

Azure Policies are an amazing, albeit well-hidden, feature that allow subscription administrators to define and enforce specific rules on how Azure Resources should be deployed. [Azure Policies](https://docs.microsoft.com/en-us/azure/azure-policy/azure-policy-introduction" target="_blank) have been around for a long time, however they only became a first-class feature on Azure recently by getting a dedicated section in the portal. Therefore, when working with Azure Policies in the portal these days, you can now see all the definitions and assignments in one central place, making it easier to manage infrastructure and set explicit rules to enforce …[read more]

Restrict public access to your Azure Web Apps with the IPSecurityRestrictions option

This is a little unknown gem that I've used a few times as I help customers secure access to their Azure Web Apps.. Traditionally, if one wants to restrict access to a website running on a VM (i.e IaaS) then they can make use of Firewalls to ensure that everything goes through a single endpoint and access is restricted. However, as we move to the cloud and further up the stack (PaaS or FaaS) we give lose some of that tight control for the benefit of using a managed service! But what if you wanted to run your website …[read more]

A new Powershell experience with Visual Studio Code

PowerShell is an amazing tool used heavily to manage a plethora of Windows and Microsoft services. With the release of the latest PowerShell as a cross-platform tool, this experience has been extended to Linux and MacOS as well. You can use PowerShell to do pretty much anything, from managing Windows OS features, to configuring SharePoint and SQL to executing maintenance tasks and even run code (.NET). Yes, that's right. Because PowerShell was built with code execution and extensibility in mind, you can easily import any .NET Framework APIs and work directly with them embedding C# code inside your scripts. In …[read more]

List all RBAC permissions for all resources in Azure

I wanted to figure out how to obtain a list of all Resource Based Access Control[RBAC](https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-control-configure" target="_blank) permissions for all the resources in one of my Azure subscription. This is a great way for Azure administrators to run reports that can quickly identify any issues with wrongly assigned permissions. To do this quickly and efficiently while automating the whole process I'll use PowerShell. The PoSH script is fairly straightforward and only requires a few steps: Login to Azure Select the right subscription (optional, if more than one) Retrieve …[read more]

Run SSH with PowerShell

I'm currently working on a somewhat restricted environment where we have to run SSH commands on a Windows Server. The commands are needed to configure certain settings on a Linux machine running [Puppet](https://puppet.com/product/capabilities/orchestration" target="_blank) (the orchestration tool). This is the first time I had to use this setup so, as with everything else, I had to work out how to do it - and then blog about it! For the purpose of this post, I provisioned a small Ubuntu VM on Azure in order to be able to SSH into it …[read more]

Automate login for Azure Powershell scripts with Service Principals

Automation is great. It's the bedrock of any successful IT department and the default solution for any task that has to be repeated more than once. I'm a big proponent of automation and, since I spend most of my time in Azure, I try to automate as many tasks as I can. Today, I'll explain how to automate your Azure login in order to allow your scripts to run without any supervision. Disclaimer: many of these tasks should be running using the [Azure Automation service](https://azure.microsoft.com/en-us/services/automation/" target="_blank) because of better integration …[read more]

Configure a RunOnce task on Windows

Today was one of these days. Faced with a new problem I've never come across before. I was trying to configure a task to run once and only once on the server was provisioned for the first time. Something like a bootstrap script. In my quest to solve that problem, I came across a thing called Run and RunOnce registry keys! What are Run(Once) registry keys? Who knew that these things even existed, but here we are. So what do these keys really do? Let's grab the definition from the official documentation on [MSDN](https://msdn.microsoft.com/en-us/ …[read more]

PowerShell for the Gui People or FTGP

Yes seriously, that's the title of this post. And I'll explain why. Many of us use PowerShell (PoSH) for automation. If you are working on Windows and you don't use PoSH for automating and scripting basic tasks then you're missing out big. PoSH, which started as one of the first Open Source projects in Microsoft, is deeply ingrained into Windows. Both on the server and the client. It's a beautiful and powerful scripting language that allows you to not only manage you Windows OS but services such as BizTalk, SQL Server, IIS etc. The list is big. Microsoft Azure also …[read more]