Index syndication
comment syndication

AWS PowerShell Lambda Build Environment for Docker

If you’re deploying an AWS PowerShell Lambda (which is PowerShell Core 6.0) in a build pipeline, you’ll likely come across the fact that the older PowerShell docker images don’t have Dotnet Core installed.

The .NET Core 3.0 .NET Core 3.0 SDK Docker images now contain PowerShell Core, but since AWS still uses .NET Core 2.1 which is in Long Term Support, you’re out of luck.

Therefore if you’re deploying your lambda from your CI pipeline using docker, then you need a build environment which has:

  • PowerShell Core 6
  • .NET Core 2.1
  • AWS Tools for PowerShell

You’ve come to the right place. Here is a DockerFile you can use to build your Lambda deployment environment. Make sure you choose the AWS PowerShell Tools module you need in the last line:

An example of how you can build and use this image in a pipeline is below. I use Buildkite, so YMMV:

Launch Windows Server 2016 Nano in AWS with Powershell

Amazon Web Services yesterday announced they now have Amazon Machine images available for Windows Server 2016. This includes Nano Server, a perfect solution for a roll your own IaaS server to host your .NET Core APIs.

Windows Server 2016 Nano Server -A cloud-native, minimal install that takes up a modest amount of disk space and boots more swiftly than the Datacenter version, while leaving more system resources (memory, storage, and CPU) available to run apps and services.

One of the interesting things about Nano for existing Windows server users, is you can only access it via PowerShell/WinRM for managment of the server. You can quickly spin up a new instance of nano in your PowerShell console (already configured for AWS):

Once the instance has started up, you can get the Admin credentials using your EC2 Key, and establish a remote PowerShell session:

This leaves you with an established PowerShell session to the remote server, which can be shown as follows:
C:\> $session
Id Name ComputerName ComputerType State ConfigurationName Availability
-- ---- ------------ ------------ ----- ----------------- ------------
2 Session2 172.19.1.67 RemoteMachine Opened Microsoft.PowerShell Available

 

You are now able to invoke remote commands on your Nano server:
C:\> Invoke-Command -Session $session -ScriptBlock { Get-Process | Select ProcessName, Id |ft }
ProcessName Id
----------- --
amazon-ssm-agent 1792
csrss 496
EMT 1088
Idle 0
LiteAgent 828
lsass 556
services 544
smss 360
svchost 648
svchost 692
svchost 768
System 4
wininit 520
WmiPrvSE 1236
wsmprovhost 1468

 

If you just want to jump onto the remote server, you can Enter the Session:
C:\> Enter-PSSession -Session $session
[172.19.1.67]: PS C:\Users\Administrator\Documents> $StartTime = (Get-Date) - (New-TimeSpan -Day 1)
[172.19.1.67]: PS C:\Users\Administrator\Documents> Get-WinEvent -FilterHashTable @{LogName='System'; Level=2; StartTime=$StartTime}
| select TimeCreated, Message
TimeCreated Message
----------- -------
10/21/2016 2:36:36 AM Task Scheduler service failed to start Task Compatibility module. Tasks m...
10/21/2016 2:36:15 AM The Virtualization Based Security enablement policy check at phase 6 fail...
10/21/2016 2:36:15 AM The Virtualization Based Security enablement policy check at phase 0 fail...
10/20/2016 4:18:55 AM Task Scheduler service failed to start Task Compatibility module. Tasks m...
10/20/2016 4:18:48 AM The Virtualization Based Security enablement policy check at phase 6 fail...
10/20/2016 4:18:48 AM The Virtualization Based Security enablement policy check at phase 0 fail...
10/20/2016 4:14:42 AM Task Scheduler service failed to start Task Compatibility module. Tasks m...
10/20/2016 4:14:11 AM The Virtualization Based Security enablement policy check at phase 6 fail...
10/20/2016 4:14:11 AM The Virtualization Based Security enablement policy check at phase 0 fail...
10/20/2016 11:12:05 AM The Virtualization Based Security enablement policy check at phase 6 fail...
10/20/2016 11:12:05 AM The Virtualization Based Security enablement policy check at phase 0 fail...

[172.19.1.67]: PS C:\Users\Administrator\Documents> Exit-PSSession

 

Don’t forget once you are finished to remove the session:
Remove-PSSession -Session $session
 

Given that this instance has no local console, you will have to maintain and access it fully using PowerShell. Time to skill up on your PowerShell skills. If you would like to read more on remotely managing the instance, Microsoft have documented how to manage Nano Server. It’s a good next step to read.

Powershell: AWS and IAM policy retrieval

I’ve recently been working more day to day on Amazon Web Services, and I found it a little unwieldy to navigate around policy documents assigned to IAM groups.

Sometimes you just want to have a local copy of the policies to edit/play with/look at.

Therefore, I came up with a quick script to solve this. Enjoy…
Of course, the AWS SDK for Powershell is required.

PowerShell to Configure BizTalk Server 2013 Host and Host Instances

Everyone loves automated processes.

With BizTalk 2013 if you want to provide a repeatable install; you need automation. PowerShell is where it’s at.
Lucky for me, other very skilled people already have written PowerShell scripts providing the capability to create hosts and host instances. Sandro Pereira has written and published a PowerShell script to create your BizTalk host instances based upon the best practice of host separation. However, it’s only written for BizTalk 2010.

I’ve gone and modified it for BizTalk 2013. It provides the exact same capability, with BizTalk 2013 capabilities.
This includes new Receive Port Handlers:

  • SB-Messaging
  • SFTP
  • WCF-BasicHttpRelay
  • WCF-NetTcpRelay

And New Send Port Handlers:

  • SB-Messaging
  • SFTP
  • WCF-BasicHttpRelay
  • WCF-NetTcpRelay
  • WCF-WebHttp (the new adapter supporting REST)

The diff to the BTS2010 version from Sandro is:

You can grab my updated BizTalk 2013 script over at my BizTalk 2013 GitHub repository.