vCROCS
About Posts Tags Categories - Links - Pics - Twitter Disclaimer
vCROCS

Contents

One way to do Automation in a Zero Trust Environment

Dale Hassinger included in vRealize Automation
   462 words   3 minutes 
/automation-zero-trust/featured-image.png
Contents

Automation with Zero Trust

PowerShell Code

There are two PowerCLI commands that have become my best friends in a Zero Trust Environment.

  • Invoke-VMScript - Use to run scripts on VMs.
  • Copy-VMGuestFile - Use to copy files to/from VMs.

In this example you can use Invoke-VMScript to run commands on a VM to install Trend Deep Security. All commands run with VM in a zero trust state.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21

$VMName = 'VM Name'

#Copy file to the VM
$PSText = 'wget https://server01.vCrocs.info/software/agent/Ubuntu_18.04/x86_64/agent.deb'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

#Run the install of the agent that was copied.
$PSText = 'sudo -S <<< "Password1" sudo apt install ./agent.deb'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

#Run command to reset the agent
$PSText = 'sudo -S <<< "Password1" sudo /opt/ds_agent/dsa_control -r'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

#Run command to config the agent
$PSText = 'sudo -S <<< "Password1" sudo /opt/ds_agent/dsa_control -a dsm://server01.vCrocs.info:4120/'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

#Run command to get service staus.
$PSText = 'service ds_agent status'
$DeepSecurityServiceStatus = Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

In this example you can use Copy-VMGuestFile to copy a file to a VM and use invoke-VMScript to run commands on a VM to install agent. All commands run with VM in a zero trust state.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

$VMName = 'VM Name'

Copy-VMGuestFile -Source G:\splunkforwarder-8.0.1-6db836e2fb9e-linux-2.6-amd64.deb -Destination /home/vcrocsadmin -VM $VMNAME -LocalToGuest -GuestCredential $SSHcredsmadmin

#Run the install of the agent that was copied.
$PSText = 'sudo -S <<< "Password1" sudo apt install ./splunkforwarder-8.0.1-6db836e2fb9e-linux-2.6-amd64.deb'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

#Run command to config the agent
$PSText = 'sudo -S <<< "Password1" sudo /opt/splunkforwarder/bin/splunk enable boot-start --accept-license --answer-yes --no-prompt --seed-passwd Password1'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

#Run command to config the agent
$PSText = 'sudo -S <<< "Password1" sudo /opt/splunkforwarder/bin/splunk set deploy-poll server01.vCrocs.info:8089'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput

#Run command to get service staus.
$PSText = 'sudo -S <<< "Password1" service splunkd status'
Invoke-VMScript -VM $VMName -ScriptType Bash -ScriptText $PSText -GuestCredential $SSHcred | Select-Object -ExpandProperty ScriptOutput
  • If you like wearing Crocs and want to get a pair like I wear, follow this link to Amazon: My Favorite Crocs
  • If you found this Blog article useful and it helped you, Buy me a coffee to start my day.
Updated on 2023-10-17
Read Markdown
 PowerCLIPowerShellvRANSXvRealize AutomationVMware Aria
Back | Home