1. Rebooting...

    It has been a while since I published anything here. It has been a while since I spoke at conferences / user groups. What is going one with me? Well mostly the same as with everybody else of course. The pandemic hasn’t been good for my community life. No more traveling, no more in person conferences and user groups. It kind of put a full stop on my contributions. But this is not the whole story. …


  2. AWS Custom Config Rule backed by PowerShell

    AWS Config Rules allow you to evaluate the configuration settings of AWS resources during creation, update, deletions of such resources or on a schedule. They are used to audit resources for compliance with some defined policy. They don’t prevent you from deploying in-compliant resources as this is the realm of service control policies. A set of pre-defined (Managed) config rules exist which can easily be used, but these inbox rules might not cover the policy that needs to be evaluated. For this, AWS offers you to build your own custom config rules. A custom config rule is backed by a AWS Lambda function that contains the logic to handle the evaluation. A lot of examples can be found that use Java, Node or Python. There is also the RDK (Rule Development Kit) that can help you develop custom rules with Lambda functions in one of the, by the toolkit, supported languages (C#, Java, Node, Python). I was not able to find any example however to use PowerShell for the Lambda function. In this blog I’m providing an example to have the Lambda function use PowerShell as the language to do the evaluation with a sample use case to evaluate S3 bucket’s compliance with a naming convention. …


  3. Azure DevOps Agents as Container Instances

    The Microsoft provided hosted build agents for Azure DevOps might not suite all requirements. E.g. the Az PowerShell modules on the images provided by Microsoft are lagging behind. To compensate, in general, pipelines spend a lot of time installing dependencies to complete the job at hand. Having a custom build agent can resolves these issues as the dependencies are installed at image creation and available from there on, thus these images beter suite your needs (build for purpose). You can host build agents on any compute platform. For this solution we build docker images and host them on Azure Container Instances as it is relatively easy to create container images containing all the requirements compared to VMs. It is also far easier creating new versions as the creation of the image is fully automated. …


  4. Azure ARM Linked Templates and Complete mode

    Just a small blog post on Azure ARM Linked Template deployment and Complete mode since I couldn’t find a satisfying answer quickly enough via my favorite search engine.

    TL;DR: Linked Template resources together with the master template resources are deployed / kept / updated. Resources out of the cumulative result of master + linked templates are deleted.


  5. DSC Pull Server reloaded. Part 5: Containers!

    With Windows Server 2016, container support was introduced. Now that the Pull Server supports SQL, it felt naturally to me to try and see if the Pull Server could be containerized. A containerized Pull Server allows us to run a Pull Server anywhere where Windows Server Containers are supported (also on Windows 10!). Let’s investigate a prototype!

    On PSConfAsia and PSConfEU I demoed the Pull Server running in containers. Please see the video section for the session recordings.