Skip to content

JeaRoles.adoc

Latest commit

 

History

History
109 lines (90 loc) · 2.53 KB

JeaRoles.adoc

File metadata and controls

109 lines (90 loc) · 2.53 KB

DSC Resource 'JeaRoles'

JeaRoles defines Just Enough Administration (JEA) role capabilities specifying allowed commands and functions.

When to use 'JeaRoles'

Use this resource when you need to define what PowerShell cmdlets, functions, and scripts a JEA role can execute. Role capabilities are the building blocks of JEA, defining the precise set of commands available to users connecting through JEA endpoints configured by JeaEndpoints.

Source

DSC Resource

Documentation
Table 1. Attributes of category 'JeaRoles'
Parameter Attribute DataType Description Allowed Values

Roles

Mandatory

Hashtable[]

set of JEA roles
Table 2. Attributes of category 'JeaRoles/Roles'
Parameter Attribute DataType Description Allowed Values
Example
JeaRoles:
  Roles:
    - Path: C:\Program Files\WindowsPowerShell\Modules\Test\RoleCapabilities\Test1.psrc
      VisibleFunctions:
        - F1
        - F2
        - F3
      FunctionDefinitions:
        - Name: F1
          ScriptBlock: |
            Get-Date
            Write-Host Hello World
        - Name: F2
          ScriptBlock: |
            Get-Process | Where-Object { $_.WS -gt 100MB }
            Dir C:\
        - Name: F3
          FilePath: C:\Temp\JeaRoleTest.ps1
      VisibleCmdlets:
        - Get-Date
        - Name: Get-Process
          Parameters:
            - Name: Name
              ValidatePattern: a*
      VisibleExternalCommands:
        - C:\Windows\System32\whoami.exe
        - C:\Windows\System32\ipconfig.exe

    - Path: C:\Program Files\WindowsPowerShell\Modules\Test\RoleCapabilities\Test2.psrc
      VisibleFunctions:
        - F3
      FunctionDefinitions:
        - Name: F3
          ScriptBlock: |
            Get-Date
            Write-Host Hello World
See also