AWS Tools for PowerShell 6 E-Book

BIRMINGHAM - MUMBAI

AWS Tools for PowerShell 6

Copyright © 2017 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: August 2017

Production reference: 1020817

ISBN 978-1-78588-407-8

www.packtpub.com

Credits

Author

Ramesh Waghmare

Copy Editors

Yesha Gangani

Juliana Nair

Reviewer

Mark Andrews

Project Coordinator

Judie Jose

Commissioning Editor

Vijin Boricha

Proofreader

Safis Editing

Acquisition Editor

Shrilekha Inani

Indexer

Aishwarya Gangawane

Content Development Editor

Abhishek Jadhav

Graphics

Kirk D'Penha

Technical Editor

Aditya Khadye

Production Coordinator

Aparna Bhagat

About the Author

Ramesh Waghmare is a technology evangelist who has been in the IT industry for over 20 years and has extensively worked in ICT operations, software development, deployment, and critical systems production support. Throughout his IT career, he has had the opportunity to work in roles such as senior developer, senior database administrator, manager, and architect, which have helped him to build expertise in various IT solutions and implementations from the business perspective and its simplicity to use.

He is a strategic thinker, focusing always on quality delivery to the client ensuring satisfaction at both ends. He has experience of leading and managing a team of technical and non-technical team members. He is a natural leader who inspires, is curious, and is very self-aware. He has a strategic mindset with practical orientation that enables team growth and continuous improvement with a positive outlook. He has strong organizational, analytical, and problem-solving skills, with incredible attention to detail. He has successfully implemented solutions involving cross-functional/cross-geography teams.

He is a sound expert in database technologies such as Oracle, MYSQL, and SQL Server, and in operating systems such as Linux, UNIX, and Windows. In addition, he has a great understanding of open source databases. He is also a certified AWS solution architect and has helped a number of clients to move from their isolated data centers to the public/private cloud.

He has also published a Kindle version of the book called AWS for Oracle DBA and Architect.

Academically, he has completed his MBA in information system, backed by an engineering degree in computer science. He is also a certified AWS solution architect and DevOps engineer at a professional level, holding other several key industry standard certifications.

About the Reviewer

Mark Andrews' career in technology has been a varied one. Over the last 20 years, he has held several different positions, ranging from customer service to quality assurance. Throughout all of these positions, the responsibility of configuration and build management has always fallen either to Mark personally or to one of the groups that he managed. His "keeping a hand in" management style has kept him closely involved in the scripting and automation framework for this area. Creating scripted frameworks that intercommunicate across machine/operating system/domain boundaries is a passion for him.

He has also worked on the following books:

PowerShell 3.0 Advanced Administration Handbook

Windows PowerShell 4.0 for .NET Developers

PowerShell for SQL Server Essentials

Microsoft Exchange Server PowerShell Essentials

Microsoft Exchange Server PowerShell Cookbook (Third Edition)

www.PacktPub.com

For support files and downloads related to your book, please visit www.PacktPub.com.

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www.packtpub.com/mapt

Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.

Why subscribe?

Fully searchable across every book published by Packt

Copy and paste, print, and bookmark content

On demand and accessible via a web browser

Customer Feedback

Thanks for purchasing this Packt book. At Packt, quality is at the heart of our editorial process. To help us improve, please leave us an honest review on this book's Amazon page at https://www.amazon.com/dp/1785884077.

If you'd like to join our team of regular reviewers, you can e-mail us at [email protected]. We award our regular reviewers with free eBooks and videos in exchange for their valuable feedback. Help us be relentless in improving our products!

Table of Contents

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the color images of this book

Errata

Piracy

Questions

PowerShell Essentials

Why PowerShell?

Running PowerShell

Reading the PowerShell language

Getting and exploring help options

Discovering cmdlets and aliases

Learning cmdlets

Risk mitigation parameters

Working with output

Running PowerShell remotely

Building parameterized script

Comment-based help

Summary

The AWS Overview

Disruptive innovations - AWS Cloud

The benefits of AWS cloud computing

Common challenges of shifting to the cloud

The AWS global infrastructure

Security and compliance

AWS services

Virtual Private Cloud

Elastic Compute Cloud

Simple Storage Service

Glacier

CloudWatch

Simple Notification Service

Relational Database Service

CloudFormation

Identify and Access Management

CloudTrail

AWS Config

AWS Elastic Beanstalk

Laying out foundations

The AWS sign up

The organization provided AWS account

Get supported

Summary

Installing PowerShell Core and AWS Tools

AWS Tools for PowerShell

Installing PowerShell 6 On Windows

Installing PowerShell 6 on Linux

Prerequisites for AWS Tools

Downloading and installing AWS Tools

Enabling script execution

Finding the AWS Tool version

Updating AWS Tools for PowerShell

Summary

AWS Identity and Access Management

The AWS-shared responsibility model

Setting up AWS Tools for access

Managing AWS credentials

The AWS credential search order

Creating IAM users

Creating IAM groups

Accessing the AWS console

Accessing AWS via CLI

Removing a policy from the group

Revoking a policy from the user

What are IAM roles?

IAM policies

Dropping groups, roles, and users

Dropping PowerShell AWS profiles

The use case - access key rotation

Summary

AWS Virtual Private Cloud

Laying the foundation

Virtual Private Cloud

Internet Gateways

Route Tables

Subnets

NAT Gateway

Network Access List

Security Groups

Summary

AWS Elastic Compute Cloud

The characteristics of AWS EC2

The EC2 instance purchasing options

On-demand

Reserved

Spot

Dedicated

Understanding IP addresses on EC2

Storage options on EC2

Instance storage

Elastic Block Storage

Spinning up an EC2 instance

Accessing the EC2 instance

The EC2 instance metadata service

Stopping the EC2 instance

Starting the EC2 instance

The Elastic IP address

Terminating the EC2 instance

Placement Groups

Assigning an IAM role to the EC2 instance

The types of EBS

EBS SSD backed volumes

EBS HDD backed volumes

Amazon Machine Images

EBS snapshots

Summary

AWS Simple Storage Service

AWS Glacier

Storage classes on S3

The S3 bucket

Folders and objects

Downloading folders and objects from the S3 bucket

Managing S3 permissions

IAM policies

Bucket policies

Access Control Lists

Building S3 VPC endpoints

S3 Transfer Acceleration

S3 versioning

S3 lifecycle policies

Cross-region replication

Removing the S3 bucket

Summary

Elastic Load Balancer

Why load balancer?

Types of Elastic Load Balancers

Classic Load Balancer

Application Load Balancer

Application Load Balancer components

Creating Classic Load Balancer

Creating Application Load Balancer

Deleting Elastic Load Balancer

Summary

Auto Scaling

Auto Scaling components

Auto Scaling lifecycle

Fleet management

Dynamic scaling

Creating launch configuration

Creating an Auto Scaling Group

Increasing a fleet manually

Scaling-Out and Scaling-In dynamically

Scaling on schedule

Lifecycle hooks and cooldown

Termination policies

Termination protection

Suspending the Auto Scaling process

Standby mode

Deleting an Auto Scaling Group

Summary

Laying Foundation for RDS Databases

Database engines on RDS

Deployment consideration

DB instance classes

Multi-AZ and standby

Read replicas

Compliance

Data encryption

Database access and IAM

DB Security Groups

DB Subnet Groups

DB Parameter Groups

DB Option Groups

Summary

DB Instance Administration and Management

RDS storage type

Licensing models on RDS

Understanding maintenance windows

Spinning up RDS DB instances

Multi-AZ deployment

Enabling encryption on RDS

Connecting to an RDS instance with and without SSL

Stop, start, and restart of a DB instance

Adding space to a DB instance

RDS backup

RDS restore

Manual snapshot of the RDS instance

Deleting an RDS instance

Checking account limit and attributes

Summary

Working with RDS Read Replicas

Creating read replicas

Rebooting read replicas

Connecting to a read replica

Promoting read replicas to primary

Deleting read replicas

Use case - balancing traffic between read replicas

Summary

AWS Elastic Beanstalk

What is Elastic Beanstalk?

Elastic Beanstalk components

Environment types

Understanding deployment models on Elastic Beanstalk

Creating application

Creating a configuration template

Creating an environment

Deploying a popular WordPress application

Cloning an environment

Swapping an environment CNAME

Deleting an environment and application

Summary

AWS CloudFormation

What is CloudFormation?

Authoring and template anatomy

Intrinsic functions

Cross stack references

Creating a base network using CloudFormation

Validating a base network template

Running a base network template

Creating an EC2 instance using CloudFormation

Nested stack

Stack policies

Helper scripts

Dropping the template

Summary

AWS CloudWatch

CloudWatch

Types of CloudWatch monitoring

CloudWatch alarm states

Simple Notification Service

Creating SNS topics

Subscribing to the topic

Monitoring EC2 instances

Creating an alarm for an EC2 instance

Custom monitoring for an EC2 instance

Monitoring RDS DB instances

CloudWatch logs

Summary

AWS Resource Auditing

Introduction to CloudTrail

Why CloudTrail?

CloudTrail events

Create CloudTrail

Enabling CloudTrail

AWS Config

Enabling Config

Removing the delivery channel and recorder

Summary

Preface

PowerShell, originally developed by Microsoft, is a popular scripting language. With the cloud infrastructure addition and the heterogonous environment, there is a high degree of complexity in the IT environment. Without automating your routine task, it is practically impossible to keep the required governance, compliance, and control in your IT shop. Though there are many scripting tools available on the market that you can make use of to automate your workload, PowerShell stands out from others. With increasing complexity in the IT environment, you need a tool that can provide you a single pane to work with multiple cloud and hybrid environments. PowerShell provides you with that unified experience. It is a command-line and scripting language. Most of the industry-leading product creators have a module for PowerShell that can work with their product, whereas this is not the case with other tools. PowerShell is object-based, and this gives the incredible flexibility to filter, sort, measure, group, compare, or take other actions on objects as they pass through the PowerShell pipeline. Last year, Microsoft announced that PowerShell 6 is open source and will support Linux, macOS, and other platforms in addition to Windows. That makes PowerShell an even stronger candidate for providing universal shell to work in multicloud, hybrid, and heterogeneous environments.

In this book, we will explore how you can interact and work with many AWS services via PowerShell. We will learn how we can build highly available and fault-tolerant applications using Elastic Load Balancer and Auto Scaling. In addition, we will learn how Elastic Beanstalk and CloudFormation will help you to deploy the AWS infrastructure and application. We will also touch upon the popular MySQL Relational Database Service and learn how to spin up and work with DB Instances. Finally, we will learn about built-in monitoring and auditing capabilities that you should always consider in your AWS infrastructure.

What this book covers

Chapter 1, PowerShell Essentials, introduces the PowerShell and its cmdlet structure, provides ways to get help on specific cmdlets, and helps you build parameterized scripts with your own built-in help. We will also cover risk mitigation parameters in PowerShell that are required to know when you work in a highly complex environment.

Chapter 2, The AWS Overview, introduces you with AWS Cloud and helps you to understand the several benefits that AWS Cloud brings to the table. It also walks you through the different services provided by AWS and the signing up process with AWS.

Chapter 3, Installing PowerShell Core and AWS Tools, walks you through the installation process of PowerShell 6 and AWS Tools for PowerShell 6. It also discusses the security aspects in PowerShell and updating the new versions of AWS Tools as and when available.

Chapter 4, AWS Identity and Access Management, focuses on creating the PowerShell profile for storing the AWS credential. In addition, you will learn how to create IAM users, groups, and roles.

Chapter 5, AWS Virtual Private Cloud, dives more into the foundational network that you can consider before deploying your AWS infrastructure. It discusses more about the various components around building your AWS private network.

Chapter 6, AWS Elastic Compute Cloud, explains the EC2 service and also discusses how you can spin up and work with virtual machines in the cloud. It also focuses on the storage that can be used while working with EC2.

Chapter 7, AWS Simple Storage Service, introduces you the object store provided by AWS and discusses the various storage classes used by S3. You will learn about creating buckets and managing bucket permissions.

Chapter 8, Elastic Load Balancer, discusses two types of load balancer that are available with AWS and provides insight on how both of them work.

Chapter 9, Auto Scaling, focuses on the core components of horizontal scaling on AWS. It will cover fleet management and dynamic scaling of your application infrastructure.

Chapter 10, Laying Foundation for RDS Databases, introduces you to various aspects of Relational Database Service and helps you build the foundation for your RDS database deployment.

Chapter 11, DB Instance Administration and Management, introduces you to RDS storage types, licensing on RDS, maintenance windows, and working with DB instances. You will also learn multi-AZ deployment and running backups on RDS.

Chapter 12, Working with RDS Read Replicas, discusses MySQL read replica and how we can balance the traffic between multiple read replicas.

Chapter 13, AWS Elastic Beanstalk, focuses on deploying the application using Elastic Beanstalk. You will learn various deployment strategies that you can use while deploying your application on Elastic Beanstalk.

Chapter 14, AWS CloudFormation, discusses how you can build a CloudFormation template to deploy your AWS infrastructure. You will learn about the CloudFormation template YAML format and the structuring around it. We will also discuss submitting the template and tracking events generated by the stack creation process.

Chapter 15, AWS CloudWatch, introduces you to the in-built monitoring service and explains how we can create metrics and alarms using CloudWatch. It also focuses on CloudWatch Logs, which can be used for monitoring your application and server log files.

Chapter 16, AWS Resource Auditing, discusses the two most important management services, CloudTrail and Config. We will learn how you can enable CloudTrail and Config in your AWS account.

What you need for this book

You need an AWS account and basic knowledge of cloud computing. If you have some scripting experience using PowerShell, it would be a big plus. In addition, if you have any other cloud experience, that will help you to understand the concepts very easily.

In this book, you will need the following software:

PowerShell 6

AWS Tools for the PowerShell.NetCore module

Internet connectivity is required to install both the modules mentioned.

Who this book is for

This book is for all the cloud professionals who want to know the working of PowerShell with the AWS Cloud. If you are new to AWS, you can always refer to https://aws.amazon.com/ and read about various services provided by AWS. Mostly, DevOps cloud engineers will benefit the most from this book as it demonstrates command-line capability of doing many things via PowerShell.

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning. Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Once you start PowerShell, you can mostly use get-host or $PSVersionTable to check the version of PowerShell."

A block of code is set as follows:

{ "Id": "key-consolepolicy-3", "Version": "2012-10-17", "Statement": [ { "Sid": "Enable IAM User Permissions", "Effect": "Allow", "Principal": { "AWS": [ "arn:aws:iam::072316406132:root" ] },

Any command-line input or output is written as follows:

PS C:\>Get-Service

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "You can start an ISE environment by clicking on Windows PowerShell ISE."

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of. To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the color images of this book

We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/AWSToolsforPowerShell6_ColorImages.pdf.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title. To view the previously submitted errata, go to https://www.packtpub.com/books/content/support, and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy. Please contact us at [email protected] with a link to the suspected pirated material. We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.

PowerShell Essentials

PowerShell is marching toward one of the greatest scripting and automation tools of all time. It is increasingly important to learn PowerShell if you are working with Microsoft products and surrounding ecosystems. Considering various limitations on the command-line management exposed using MS-DOS, Microsoft started to develop a new approach to the command-line management way back in 2002 and introduced a shell called Monad. It was September 2006 when Microsoft renamed Monad to PowerShell Version 1. Since then, there have been several versions released, and the current stable version is PowerShell 5. Last year, in 2016, Microsoft announced PowerShell Core 6 on GitHub, being not only open source but also cross-platform. This is what will make PowerShell more popular because of its capability to automate things on Linux as well as macOS.

So, where is PowerShell heading from here on? What is the future of PowerShell? Microsoft is aware of the fact that every business will have a cloud-first strategy and a complex infrastructure to manage. Microsoft's initial intention was to ease the Windows-based server administration and maintenance, but now they are strategically moving ahead to make PowerShell as a standard scripting platform for customers so that it can be used on Windows, Linux, and macOS. The open source nature of PowerShell will fuel the PowerShell growth and will help to build the trusted artifact gallery quickly. Businesses will adopt the multi-cloud strategy and there is no single answer of how to best manage multi-cloud. Management is absolutely the secret ingredient for multi-cloud, and there is no common API that is available to manage multi-cloud effectively. Over a period of time, PowerShell will become a mature scripting language to manage the multi-cloud and hybrid environment. And this is one of the biggest intentions of Microsoft, making it cross-platform in the PowerShell Core.

In this chapter, we will learn about the PowerShell cmdlet and how to get help on each cmdlet. We will also touch base on how PowerShell cmdlets are structured. In addition, we will learn about risk mitigation parameters and building your own help for the scripts that you create.

Why PowerShell?

If you are an IT admin or a developer, you will want to learn PowerShell. Learning PowerShell will enhance your ability to manage your entire IT infrastructure. It is a very rich scripting environment, but I do not want you to limit your thinking that it is just a scripting language. First, it can perform the same task on thousands of servers without logging in and help IT admins or developers to keep all the work consistent on all the servers. This is amazing, isn't it? Second, it is also used for task automation. When we think about the server configuration or deployment, we can use PowerShell to do all kinds of things that we want in our environment. Third, it is also object oriented. What I mean here is that everything we do inside of PowerShell is treated like an object, even if the object is a service, process, or just a server. Because of its object-oriented capability, many developers started using PowerShell even though it traditionally looks like an IT admin tool.

Microsoft is putting its full weight behind PowerShell. PowerShell is not going away; it is rather creating a big footprint in the task automation area, as Microsoft announced its intention to make PowerShell open sourced. They know that customers are really having heterogeneous environment in their IT shops, and this is why they thought to make PowerShell available to the community so that it becomes standard for IT automation in data centers. Microsoft also made it mandatory to have a PowerShell support for each product they released. Other vendors such as NetApp, IBM, VMWare, Dell, AWS, and several others have strong support for PowerShell. So, PowerShell is going to stay, and your reward for learning PowerShell is the improved ability to control and automate many technologies that it integrates and works with.

Running PowerShell

Different versions of Windows come with different version of PowerShell. For example, Windows 8 and Windows Server 2013 have PowerShell 3.0, whereas Windows 8.1 comes with PowerShell 4.0 by default. On Windows 10 and later, you see PowerShell 5 installed by default. For now, we will just focus on running PowerShell on your Windows desktop. I am running Windows 10 at the time of writing this book; thus I will use Windows 10 to demonstrate the concept to know more about PowerShell. At the same time, this chapter is not intended to make you an expert in PowerShell scripting; it is rather to help you know the very basics of the PowerShell environment so that you are all set for the journey that you are planning in this book to learn AWS Tools for PowerShell Core. This would help if you are new to PowerShell. You do not need to be an expert, but understanding the basic commands in PowerShell will help you. If you are keen to learn more about PowerShell, my suggestion is to consider buying other PowerShell-related books or take some online training to gain more insight into this beautiful scripting language.

You only need to type the first few letters of the word PowerShell on the start screen. As we discussed earlier, Microsoft announced PowerShell Core 6, which is still in beta at the time of writing this book. So, I have downloaded the PowerShell Core 6 beta version from the GitHub repository. I will be using PowerShell Core 6 on Windows 10 as we move forward. You may want to pin PowerShell into your taskbar rather than starting this way, by typing in the start screen window every time you run PowerShell:

There are four options that you will see in most of the Windows PowerShell environment. If you see (x86) in the options, such as Windows PowerShell (x86) or Windows PowerShell ISE (x86), it means that it is 32-bit binaries for PowerShell, and without (x86) they are 64-bit binaries available for PowerShell. Windows PowerShell ISE is a nice GUI and an Integrated Scripting Environment (ISE). You can start an ISE environment by clicking on Windows PowerShell ISE ;or by just running the ise command inside PowerShell. The best thing about ISE is that it has a lot of advantages to it. Not only can you see the scripting pane at the top, which allows you to write rich and robust scripts, but you can also have error checks and debugging built into it, so you can step through the script one at a time if you want to do so.

Once you start PowerShell, you can mostly use get-host or $PSVersionTable to check the version of PowerShell. get-host works in all versions of PowerShell, whereas $PSVersionTable works in PowerShell version 2 and later.

Reading the PowerShell language

PowerShell is a natural language that you can learn quickly. There are four types of commands that PowerShell can run. Those are windows native, aliases, scripts, and cmdlet. Many people think that the only thing that PowerShell can do is run cmdlet, but that's not all true. Certainly, cmdlets are more popular, but in addition, you can run Windows native commands, aliases, and scripts. Cmdlets have a unique structure. There are thousands of cmdlet provided by AWS for managing the AWS infrastructure. Almost all the cmdlets work in a similar way, and this simplifies the scripting. All cmdlets have two parts. The first part is a verb and the second part is a noun. Usually, the verb indicates an action for the command, and the noun indicates a specific service or program. Set, get, add, and remove are some of the most popular verbs that you will see in PowerShell.

General syntax for cmdlet is:

Cmdlet structure: <verb> - <noun>

Dash (-) in between the verb and noun completes the Windows PowerShell command. It is also a PowerShell convention to use singular nouns. While it is not universally applied, if you are not sure whether a noun is singular or plural, go with singular. Let's say, if you want to see list of services running on Windows, then Get-Service is the cmdlet that you can use and not Get-Services:

PS C:\>Get-Service

Note that PowerShell cmdlets are not case sensitive, so if you type Get-Service or get-service in the PowerShell command prompt, both of them are going to yield the same result. You can get the list of common verbs used by PowerShell by running the following:

PS C:\>Get-Verb

This will give you an idea of how many verbs that PowerShell uses.

Getting and exploring help options

Microsoft has designed PowerShell in such a way that it is easy to use for complex scripting and automation tasks, and it is also easy to use for an interactive command. The standard naming convention used for a PowerShell cmdlet will assist you in figuring out how to accomplish certain tasks. Understanding the help system capability in PowerShell will help you to write the complex scripting cases in a large infrastructure setup, and the help system in PowerShell will become your most important resource. On some Windows systems, in case you do not find the help system installed, you can update it using the update-Help cmdlet:

PS C:\>Update-Help -Force

Force with Update-Help indicates that the Update-Help cmdlet does not follow the once-per-day limitation; it skips version checking and downloads files that exceed the 1 GB limit. Also, you need to ensure that you started PowerShell as an administrator before attempting to run this command.

The Get-Help cmdlet displays information about the necessary help for any other cmdlet that you need the information for. You can seek help on any cmdlet using Get-Help. For example, if you want to seek information on the Get-Process cmdlet, then you can use the following command:

PS C:\>Get-Help Get-Process

The output shows the help for Get-Process. I would encourage you to check the following commonly used variant of the Get-Help cmdlet, which would feed you more detailed information on the specific cmdlet. This is what will help you to understand the command usage in detail when you start scripting:

PS C:\>Get-Help Get-Process -ShowWindow

PS C:\>Get-Help Get-Process -Detailed

PS C:\>Get-Help Get-Process -Full

PS C:\>Get-Help Get-Process -Online

Discovering cmdlets and aliases

If you are new to PowerShell, you must be excited to know about all the cmdlets and aliases available. It is an easy language to read and learn. You might want to know how many cmdlets and aliases are out there that you can use in your scripting language. Wait, that's very simple. You can unleash the list of all cmdlets and aliases just using a couple of commands. Get-Command is the cmdlet that will list you all the available cmdlets:

PS C:\>Get-Command

You can further narrow down the discovery using some keyword, and this is major plus point, which lets you quickly search and use the appropriate cmdlet in your script. You do not need to remember any cmdlet; just think of a specific action or service that you want to do, and pass it on to theGet-Commandcmdlet to further refine the search. If you want to list all the process-related cmdlets, then you can use this:

PS C:\>Get-Command *process*

Once you see the available list, you can pick up the most appropriate one and get help using the Get-Help cmdlet. This is the best way to learn about various cmdlets. There is nothing like a fixed set of cmdlets available. This list is growing everyday. As and when you add a module, a new set of cmdlets associated with the service or product will be added in the list. Moving further, when we install AWS Tools for PowerShell, a new set of cmdlets will be added, and we will be making use of this new set of cmdlets to work with AWS Cloud.

Another way you can work with commands inside PowerShell is via aliases. Aliases are how you can bridge your knowledge about cmdlets, where you are coming from to where you want to go inside of PowerShell. For example, Get-ChildItem is the cmdlet used for listing all the items in the present working directory, or you can specify the location. If you are a Windows guy, using dir for quite a long time, you may prefer to continue to use this instead of using Get-ChildItem. If you are a Linux guy, then you may prefer to use ls. So, if you type dir, ls, or gci at the command prompt, then all of them will lead to the same result as thrown by Get-ChildItem. Are dir, ls, and gci different commands? The answer is NO. dir, ls, and gci are the aliases for Get-ChildItem. So, if you type Get-Alias in the command prompt, it will list you all the aliases defined in the PowerShell. You can also create your own aliases using Set-Alias. To get the list of existing alias, you can run the following command:

PS C:\>Get-Alias

You can specify the name of the alias with Get-Alias to know the parent cmdlet; for example:

PS C:\>Get-Alias

dir

PS C:\>Get-Alias

ls

PS C:\>Get-Alias

gci

Learning cmdlets

There are thousands of cmdlets available. Don't worry. It's not very scary. Don't think that you need to remember all those cmdlets to be a good IT admin or a developer. I do not know anybody who claims that he knows all the cmdlets. As I said earlier, the number of cmdlets are increasing day by day; what is important to know is how to get help on those cmdlets, discover the cmdlets, and learn the properties associated with specific cmdlets. Let's dive a little deeper into one cmdlet called Get-Service. Now, if you run this cmdlet in the PowerShell command prompt, you find that it returned just three columns.

Does that mean that it has just got three columns? The answer is NO. There are methods and properties associated with each cmdlet. You can learn more about those methods and properties using the Get-Member cmdlet with Get-Service.

This way you can learn about the cmdlet that you plan to use in your scripting. You can now see that there are several properties and methods that you can make use of instead of the default output. Usually, if you are a developer, you will love to know more about the methods so that you can interact with the service using code.

Let's assume that you are interested in Name, Status, and StartType. You can tweak the output now using Format-List or Format-Table cmdlet as follows:

PS C:\>Get-Service | Format-List Name, Status, StartTypePS C:\>Get-Service | Format-Table Name, Status, StartType

Risk mitigation parameters

PowerShell has two risk mitigation parameters called WhatIf and Confirm. They are very useful for testing complicated scripts without risking the code running amok. By appending WhatIf and Confirm, you get a preview of what could have happened without risking the damage. Let's take a real-life example of a file deletion using a wildcard. Consider that there are some files, and you plan to delete them. But you want to ensure that you are deleting the right set of files that you intend to delete. Because you are using a wildcard, the consequences could be very serious. Hence, it is always prudent to ensure that you are not risking the run of the command. Lets assume that you want to remove file*.txt files from some directory; you can use WhatIf something like following:

PS C:\>Get-Childitem C:\somedata\file*.txt -Recurse | Remove-Item -WhatIf

In the example, we used file*.txt (with a wildcard), and the command did not make any permanent change when you appended the command with WhatIf. The command run is just letting us know that if you run it without WhatIf, it is going to delete all those five files. Likewise, you can use Confirm by appending at the end of the command to get a confirmation if the specific file can be deleted or not:

PS C:\>Get-Childitem C:\somedata\file*.txt -Recurse | Remove-Item -Confirm

These two risk mitigation parameters are really powerful when you start rolling out the script to hundreds of servers, and it will help to ease your anxiety a little bit.

Working with output

As you work with PowerShell, sending out output and controlling the formatting of the output is very easy. Redirecting output is also a common use of the Pipe (|) operator that you find in PowerShell. There are different ways to deal with the output of the commands. As highlighted earlier, you can use the Format-List and Format-Table cmdlet to get the required properties in the output. In case you want to save the output to the file, you can use the out-file or export-csv parameter with the cmdlet. For example, let's say you want to save the services output to the file, then you simply use this:

PS C:\>Get-Service | out-file C:\services.txt

Or you use this:

PS C:\>Get-Service | export-csv C:\services.txt

One of the best things that you can find in PowerShell is called a grid view. It allows you to output the data to the GUI where you can work with it a little bit easier, especially when you are looking to manipulate data and get a quick peek on what's going on in a particular server or what's happening with a particular cmdlet. Out-GridView offers a great alternative instead of trying to figure out how to output to a file or a different table:

PS C:\>Get-Service | Out-GridView

This will just display the default properties into the grid view and not all the properties. But wait, you cannot combine Out-GridView with the Format-List and Format-Table commands. If you want to control what parameters go into the grid view, then the Select-Object cmdlet is what comes to the rescue:

PS C:\>Get-Service | Select-Object DisplayName,Status | Out-GridView

If you want all the parameters to send to the grid view, then you can use this:

PS C:\>Get-Service | Select-Object * | Out-GridView

If you are looking to get the quick details, then the grid view is the way to go.

Running PowerShell remotely

One of the advantages of PowerShell is accessing the remote servers. Running commands on remote servers is called PowerShell remoting, and this is not something new. Many IT admins run PowerShell on their client-side desktops and access servers located in different data centers to ease the administrative effort. In the cmdlets, there is a ComputerName parameter that you can use to run the command on the remote server. You just need to ensure that the ComputerName parameter specified is seen on the network and has a remoting option enabled. Let's say you want to run the Get-Service cmdlet on the server called apps1, then you can run this:

PS C:\>Get-Service -ComputerName apps1

So, all the cmdlets that you run locally can be run on the remote server just by specifying the ComputerName parameter with it.

PowerShell is locked down by default. In order to enable remoting, you have to run the Enable-PsRemoting cmdlet:

PS C:\> Enable-PsRemoting -Force

This command starts the Windows Remote Management (WinRM) service, sets it to start automatically with your system, and creates a firewall rule that allows incoming connections. The Force part of the command tells PowerShell to perform these actions without prompting you for each step. You should restart the WinRM service so that new settings can take effect:

PS C:\Restart-Service WinRM

For testing the connection, you can use this:

PS C:\Test-WsMan <RemoteComputer>

PS C:\Enter-PsSession -ComputerName <RemoteComputer>

Or you can run any other cmdlet with ComputerName parameter.

Building parameterized script

When you start building script for automation that can be used by yourself and others repeatedly for doing some task, building parameterized script is the key. In PowerShell, it is very easy to build the parameterized script using just a simple param keyword in the script file. You may have solved the problem using individual cmdlets, and you now want that one to be used repeatedly for building an automation. Let's review the following script for a better understanding of using parameters:

I created a file called DiskInfo.ps1 in the D:\scripts directory. This script provides you with free GB available on the drive that you pass to this script. I am using Get-CimInstance to get me the computer name and free GB. The param keyword at the top of the script can be seen. You might just need to get a feeling of writing that syntax and nothing more. To make the drive letter mandatory, I used a keyword called Mandatory=$true. Once you saved the file, the script can be run as follows:

PS :\D>.\DiskInfo.ps1 -Drive C:

The beauty of the script is that when you start hitting the tab after the script name on the command prompt, it starts displaying you the parameters that can be passed to the script, which is amazing. This is the way you start building a new set of cmdlets for you. There is nothing else that needs to be done to build your own cmdlets.

Comment-based help

Another very important thing in PowerShell that you must know is that you can build the script with in-built help. There are no separate files that you need to maintain for your script. This is an amazing capability. There are two ways that you can write help lines in your PowerShell Script. You can either use a hash (#) in the line to indicate it's a help, or you can make use of the <#..#> block level comment. Let's use the following script to continue the discussion:

I specified a block level comment in <#..#> with some other interesting things. Once the parsing engine sees the block of lines inside <#..#>, it starts ignoring the text and knows that it is help comment. But pay special attention to the lines inside that block, which are started with a dot (.). It has a special meaning in PowerShell. PowerShell starts building your help file once it sees this dot. This is extremely helpful in PowerShell when you build a complex script that can be used by others. There is no need to maintain a separate help file. It is just like the help you seek for any other cmdlet available in PowerShell. You can simply now type the following and see the magic:

PS C:\>Get-Help .\PS_Comment.ps1 -detailed

So, you just built a help file that looks like the cmdlet help.

Summary