Tobias Weltner started the last part of the Summit with a session on AST – Abstract Syntax Tree – and the PowerShell parser.
You can access the tokens used by the parser for instance to create a variable inventory.
AST takes you beyond the parser tokens and enables to do wonderful things to your scripts such as applying code formatting standards and expanding alias to the full
cmdlet and parameter names.
The second session was delivered by Jeff Wouters – Securing Remoting. How do you secure remoting across the Internet? How do you authenticate users?
Jeff showed us the issues around credentials and how to manage authentication – especially how to manage passwords.
The third session was a Best Practice discussion lead by Don Jones.
Code – If you don’t understand it don’t run it
PowerShell gallery – trusting the code? Who wrote it? Feedback on code. Code should have ratings.
Module storage – where and why?
What are your thoughts?
Jeffrey Snover closed the Summit with a look at Just Enough Admin – RBAC through PowerShell.
Admins are part of the attack surface.
Need to Incrementally reduce admin exposure
JEA controls admin actions through PowerShell constrained endpoints and proxy functions.
JEA toolkit available for download through DSC resource kit
Use DSC for endpoint configuration – makes it simpler and easier
Example – allow access to manage file system but not view contents of files
The last morning started with me covering OMI (WMI) and DSC on Linux. OMI can be set up but wed need more classes; DSC on Linux works in push mode and integrates very nicely with DSC for Windows.
The second session consisted of Lee Holmes and Jim Truher introducing the Await module which provides Expect type functionality for PowerShell.
They demonstrated using FTP through ISE; automating Vi and automating SSH.
I can think of lots of uses for this.
Final session of the morning was Bartosz Bielawski on dynamic parameters
Dynamic parameters only work in context – the provider context
After demonstrating using dynamic parameters Bartek then showed how to add dynamic parameters to your code – and the hoops you have to go through to get them to work
Two quotes that stuck in my mind for the future of IT:
“DSC is last chance for click next admins”
“If you can just click you’re not a professional”
Mike Pfeiffer kicked off the afternoon talking about DSC in the AWS cloud. Using DSC to bootstrap new machines and configuration scripts to complete configuration. This works in push mode but pull servers being experimented with.
Second session was Jim Truher, a founder member of the PowerShell team, talking about Testing Frameworks.
Testing frameworks are essential. Pester is a an excellent test framework for Test Driven Development. Pester is extensible as its a script module.
Our third session was Mike Marin speaking about PowerShell, devops and Windows Azure.
The final session was Lee Holmes – What Goes Bump in the Night? – looking at auditing to see what PowerShell is doing on your system
Security boundaries – once attackers get access to your machine its not your machine. Post exploitation.
Compromising administrators – means need just enough admin – don’t give unfettered access
Event forwarding great for detecting intrusions.
Forwarding occurs over WSMAN
Two days down and more good stuff to come
No not a typo. We, at PowerShell.org, will be repeating the European Summit next year. Location hasn’t been finalised but will be Northern Europe. The Summit will occur at about the same time of year. Look to PowerShell.org later in the year for more information. We are hoping to be able to put on a larger event though that has yet to be confirmed.
Your support is critical to determining the size of the event, and ensuring the future of the event.
Look forward to seeing you next year
After a very successful DSC hackathon on Monday evening we reconvened on Tuesday morning with Steve Murawski delivering his second session on DSC.
A brief discussion on devops lead into looking at DSC configurations:
- Configuration names can’t be hyphenated
- Circular dependencies are detected
- Partial named configurations allow multiple configurations working against same machine
The morning’s second session was me talking about creating cmdlets from the CIM StdRegProv class using a CDXML approach. The talk started with using a single method and demonstrated how to add validation, simplify parameter input by the use of enumerations and how CDXML modules are used within PowerShell.
Dan Harman closed the morning session by talking about classes written in PowerShell – this functionality was introduced in the September preview of WMF 5
You can already define a class and load it with Add-Type but you have to write the class in C# or another .NET language. Now you can write the class in PowerShell
Classes can have overloaded constructors and methods. All class members are public by default.
Enums are possible. Scoping is lexical not dynamic as in PowerShell
Mike Pfeiffer started the Monday afternoon session with a demonstration of using PowerShell to manage Amazon Web Services.
Dan Harman, from the PowerShell team, followed with PowerShell Repositories Unleashed. Oneget is a software package manager
Oneget has PowerShell cmdlets; a C# API and a WMI provider may follow. Originally released against a Chocolately provider – others will follow. Dan showed a nuget provider being installed
PowerShellGet is overlays OneGet and provides the ability t0 install and manage PowerShell modules
Package providers aren’t trusted by default. You can configure repositories to be trusetd – especially useful if you create your own
The third session of the afternoon was supplied by Tobias Weltner on Sophisticated Techniques of Plain Text Parsing.
PowerShell is based on text but often need to work with unstructured text data. He started with using –split and lead into using regular expressions.
Can force into CSV format by supplying headers
Experience based learning enables more sophisticated processing
Select-string can also be used to parse textual data
The final Monday session was Do custom objects dream about ETS? by Bartosz Bielawski
Bartek showed how to create custom objects and set its type. Once you have that done you can create formatting and type data to control how the data is displayed.
The Summit started with a walk through the Monad Manifesto by Jeffrey Snover. This covered the history of PowerShell, where it came from, why it came about and the features introduced with the subsequent versions.
A few highlights:
- DSC is a huge area and will expand
- ISE will be able to edit files on remote machines
- DSC resource kit now at wave 7 and more are in the pipeline
- Classes can be created in PowerShell
The futures section included the intriguing possibility that eventually there may be an open source version of PowerShell. Please note this is a possibility not a guarantee.
Second up was Steve Murawski talking about the creation of DSC resources ahead of our evening DSC resource hackathon.
Steve showed the structure of a resource and some of the gotchas such as versioning and the need to match parameter sets across the get/test/set-resource functions.
Infrastructure as code – ignore individual machines. Destroy & rebuild if there are problems
Final session of the morning was Jeff Wouters speaking on Speedy PowerShell
After explaining the pipeline Jeff started showed the impact of filtering on performance including how the new where and foreach syntax introduced in PowerShell v4 works.
He also covered how loops and workflows can impact performance
The PowerShell Summit Europe 2014 began unofficially this eveing with an informal gathering for drinks and converstation – no prizes for guessing the main topic of conversation!!
One of the greatest things about these Summits is the ability to talk to other people about what they are doing with PowerShell and to discover new ways to do things and new things to do with PowerShell.
The conversations continued over dinner and will no doubt continue through the next 3 days.
The final agenda for the PowerShell Summit is available at http://eventmgr.azurewebsites.net/event/home/PSEU14
Circumstances beyond the control of PowerShell.org have meant we’ve had to make a few changes to the agenda from that previously published