Protect your environment by storing your passwords securely inside a Hashicorp Vault Server. Issue temporary passwords, use short-term certificates for private keys and store any kind of secrets in an API-powered open-source cross-platform solution. Every time an ad-hoc Powershell script becomes a scheduled job, one faces a dilemma how to securely supply such a job with a proper set of credentials. And it is a big deal: historically, almost any automation in the operations world requires elevated permissions, and thus should be handled with extreme caution.
But the reality is, when it comes to storing such credentials, we all are facing the same set of concerns:
- How to make it work without exposing the password as plaintext?
- How to ensure the passwords are rotated without manual intervention?
- How to prevent other people from seeing the password?
- How to ensure that only designated service is using the credentials?
As you may have already guessed, there is a solution to this struggle. Hashicorp Vault is an open-source software product that ticks all the right boxes and ensures secure and safe storage and retrieval of the application secrets, such as passwords and private keys.
Vault supports generating new credentials on demand and can become an issuing CA for your infrastructure. It supports a multitude of authentication protocols, including LDAP and cloud providers. A hefty list of integrations ensures that most popular products are supported out-of-the-box, including:
- Active Directory credentials
- SSH keys
- Database credentials
- Simple Key/Value pairs
- and many more
- Getting started with Vault Server
- Authentication and authorization
- Creating a first secret engine: Key/Value store
- Requesting credentials using Powershell
- Using temporary credentials
- Rotating passwords
- Vault Agent and a sidecar pattern
Why are Jupyter Notebooks everywhere and why are people running them automatically? Can they run code in every language? Why on earth did the SQL Server Tools team create PowerShell Notebooks, not the PowerShell team? Answers to these questions and many more will be covered during this session.
Jupyter Notebooks are great for training. They allow you mix code and explanations together in one document. They are also great for documentation. They can show you how to configure things and how to verify the end result. But what if we could do more than that? Onboarding someone takes a lot of time. What if when you hired a someone, you could hand them an interactive notebook with everything for getting started? Everything they need to install. Everywhere they need to get their code. A list of servers they need to connect to. Everything.
Jupyter notebooks are now being used for more than just training and simple documentation. Some patterns you may not have heard of yet: Troubleshooting Guides, Workflow Steps, Collaboration, & Operationalization.
This session will cover some examples for environment setup, collaboration, troubleshooting, and operationalization scenarios. Before this session is over, you’ll probably be starting to build Notebooks to use in your own environment ?
Linux is extremely common in any organization that practices devops, but most client devices run Windows. WSL is a great tool for engineers who need to work with Linux, but can't run 2 different machines. This talk will look at best practices to work on Linux and Windows using PowerShell. A few years ago, Jeffery Snover talked about what he called a 'Cross-Stack' engineer. This is someone who could work across not only different languages and tools, but architectures as well. That's where the Windows Subsystem for Linux comes in.
WSL is one of the most useful features to come out of Microsoft in the last few years. It has a lot of tricks and features that are extremely useful to users, but not as well-known or used as they should be, such as running commands across Windows and Linux, using separate distributions for feature testing, and exporting the state of a WSL distro.
PowerShell has run from Windows since day one, but since 2015 itâ€™s also run on Linux systems. Now that Windows and Linux can run side by side using WSL, and they can each run PowerShell, how can we use it to make our lives easier?
In this talk, Iâ€™m going to cover using WSL and how we can use it and PowerShell effectively, including topics like:
- Writing cross-platform PowerShell code
- WSL best practices
- Exporting and versioning WSL distributions
- Passing WSL bash to PowerShell and back
This talk will include some intermediate PowerShell concepts and some basic Windows and Linux concepts, and is intended for anyone who wants to learn better ways to use, interact with or manage Linux.
“Identify, Simplify, Automate”
“Can I have access to?”, “I need this mailbox.”, “I need this software installed.”, “Can you please setup this new person?”, “David has left.”
These are common requests that IT Service Desks deal with every day. Wouldn’t it be cooler so that these requests could be automated? Well, it can!
To automate we need to focus on preparing your organization (“Identify” and “Simplify”) and infrastructure for automation.
Once completed, we can effectively start “Automate’ing”.
In this session, we will be using these three tenants to create a successful "serverless" IT Service Desk Portal that is built correctly from the ground up.
In this session will cover:
1. Identifying your business goals.
2. Identifying the Infrastructure and Roles.
3. Identifying the Challenges.
1. Simplify Active Directory for RBAC.
2. Simplify your File Servers.
3. Simplify Exchange / Office 365.
4. Preparing Hybrid Runbook Workers.
5. Simplify the Existing Processes.
- Intermission (5 mins)
1. Reviewing the Solution.
2. (Discussion) How can we take this further?
Declarative DevOps Microframeworks is a holistic pattern for writing scalable DevOps codebases in PowerShell. We will first discuss core motivating DevOps/PowerShell programming concepts like declarative and functional programming, then implement a few practical Declarative DevOps Microframeworks. Declarative DevOps Microframeworks is a pattern for implementing maintainable and robust DevOps codebases in PowerShell. The pattern leverages the unique capabilities of idiomatic PowerShell to more easily tackle some of the greatest challenges in DevOps applications.
In the first half of the presentation, we will explore the core concepts that enable us to write maintainable PowerShell: Functional Programming in PowerShell and writing portable modules with clearn separation of concerns; as well as the DevOps concepts that motivate our declarative microframework pattern: Conway's Law and popular declarative DevOps tools.
In the second half, we will apply these concepts to implement our own Declarative DevOps Microframeworks. We will walk through designing an implementing a practical Declarative DevOps Microframeworks
* A **Declarative Configuration Management** microframework for optimally storing and easily querying complicated configurations spanning varying flighting rings, compliance zones, and cloud regions (datacenters), and clusters.
* A **Declarative Idempotency** microframework ([`Requirements`](https://github.com/microsoft/Requirements)) for applying the declarative Windows DSC programming paradigm to cross-platform PowerShell Core scripts.
* A **Declarative Work-Item Management** microframework for managing your work items in Azure Boards as declarative `# TODO` comments in your code.
Adapted from the series [Declarative DevOps Microframeworks](https://medium.com/@cjkuech/declarative-devops-microframeworks-9908c8d05332?source=friends_link&sk=4e361c6020912fb160e626994a6e5184).
Looking for a free solution to build a simple, serverless backend quickly? You can Google that (no, really)! This talk will cover creating a free REST API using Google Apps Script, along with leveraging Google Sheets as a simple database, message queue and logging solution and caveats involved.
Did you know that you can create simple, serverless backends with a free Gmail account? Combining Google Apps Script and Google Sheets opens up some free and fun opportunities to do just that! Building a REST API should be something that you can build and test against without worrying about shutting a server down or cleaning up resources after you are done using them for the day.
During this session, we will cover:
In this talk we will learn how to leverage PowerShell to connect to and work in REST API’s. Using PowerShell’s Invoke-RestMethod we can interact with directly with the GRAPH API.
Learn how to:
I currently serve as the CEO of the DevOps Collective INC, a nonprofit working in the technology education space. I help manage a $1M+ annual budget that includes multiple conferences and PowerShell Saturdays events across the US. The nonprofit is focused on PowerShell, automation, and DevOps, and also runs numerous free online resources including PowerShell.org. I joined the DevOps collective board in April of 2018 as the volunteer CFO and in became the CEO in July of 2019.
I am the recipient of the Microsoft MVP award in Cloud and Datacenter Management. I currently live in beautiful Chattanooga TN area with my amazing wife.
My passion lies with automation using PowerShell and all things Windows Server related and with almost a decade of experience as an infrastructure admin for a large enterprise helping to manage thousands of users and machines I have knowledge of broad range of products, from patch management, Active Directory, Group Policy, and the Windows Server operating system and much more.
Gday I’m Michael!
I’m “That Guy” who loves to ask “Why”? I like to make super cool things in PowerShell dreaming up outrageous ways to do automation.
The more outrageous the better! Battlefield 4 Aimbot in PowerShell? Why Not! Use PowerShell as a backend Webserver?
I work as a Senior Consultant at Insync Technology within the Identify and Automation team. I am super passionate about PowerShell and love working with people to level up their PowerShell skills.
I also host the Brisbane PowerShell User group, Stream regularly ongoing projects/ PowerShell lectures on Twitch and contributed to the PowerShell Conference Book.
You can catch me on twitter at @Powershellmich1 and on twitch.tv at PowerShellMichael.
Paul is a DevOps Engineer with a love of PowerShell, Automation, Chocolatey, Scottish single malt whisky and wireless earphones. He has given workshops and spoken at different events across the UK, Europe and the US. He has a real passion for passing on knowledge and loves to talk with aspiring techies.
He runs the Scottish PowerShell and DevOps User Group, is Lead Engineer on the Boxstarter and DSC cChoco Chocolatey projects and is an organiser of the DATA:Scotland event. His career has seen him work in many sectors for over 25 years. As somebody kindly put it, he's been about a bit.
In his spare time, he usually continues to stare at computer screens and works on his own or Chocolatey projects. But on those rare occasions, when he is not staring at computer screens and listening to a strange mix of music on his wireless earphones, you can find him relaxing with a nice single malt whisky and reading ... usually technical books.