Skip to content

Commit 7fdda0c

Browse files
SQLDBAWithABeardSQLDBAWithABeard
committed
Shhh
1 parent 46e72d5 commit 7fdda0c

File tree

2 files changed

+147
-32
lines changed

2 files changed

+147
-32
lines changed

notebooks/dotNETNotebooks/Secrets/Secrets Management with PowerShell.ipynb renamed to notebooks/dotNETNotebooks/Secrets/Secrets_Management_with_PowerShell.ipynb

+1-1
Original file line numberDiff line numberDiff line change
@@ -186,7 +186,7 @@
186186
{
187187
"cell_type": "markdown",
188188
"source": [
189-
"## Retireving Secrets\r\n",
189+
"## Retrieving Secrets\r\n",
190190
"\r\n",
191191
"You can retrieve secrets with `Get-Secret`"
192192
],

notebooks/dotNETNotebooks/Secrets/Using Secrets Management for demos.ipynb

+146-31
Original file line numberDiff line numberDiff line change
@@ -18,56 +18,133 @@
1818
{
1919
"cell_type": "markdown",
2020
"source": [
21-
"# Storing Secrets for your labs\r\n",
21+
"# Storing and using Secrets for your labs and demos\r\n",
2222
"\r\n",
2323
"You can use the Microsoft.PowerShell.SecretManagement module introduced here to store and retrieve secrets with PowerShell.\r\n",
2424
"\r\n",
2525
"Installation\r\n",
26-
"You install it from the PowerShell Gallery using"
26+
"Follow this notebook [Secrets Management with PowerShell](Secrets_Management_with_PowerShell.ipynb) for installation instructions"
2727
],
2828
"metadata": {
2929
"azdata_cell_guid": "9536f2d9-53b8-4fa8-8e6a-3f1917e5ac40"
3030
}
3131
},
32+
{
33+
"cell_type": "markdown",
34+
"source": [
35+
"## Store your secrets\r\n",
36+
"\r\n",
37+
"We can use the built in local vault to store secrets for labs and demos. You can add your secrets using a couple of methods described in the first notebook"
38+
],
39+
"metadata": {
40+
"azdata_cell_guid": "5e8eb5ee-ce89-4eab-a00c-e7fa5e33b680"
41+
}
42+
},
3243
{
3344
"cell_type": "code",
3445
"source": [
35-
"Install-Module Microsoft.PowerShell.SecretManagement -AllowPrerelease"
46+
"Set-Secret -Name BeardLabSaAccount -Secret 'BeardsAreAwesome!'"
3647
],
3748
"metadata": {
38-
"azdata_cell_guid": "2e0b6025-b8ac-40f5-924b-6fb17da870ca"
49+
"azdata_cell_guid": "4e846ca5-d89a-4a91-a8b0-59505f7fd7f2"
3950
},
4051
"outputs": [],
41-
"execution_count": null
52+
"execution_count": 7
4253
},
4354
{
4455
"cell_type": "markdown",
4556
"source": [
46-
"You need to use the `-PreRelease` flag at the moment as it is in preview. \r\n",
47-
"\r\n",
48-
"## Local Vault\r\n",
57+
"Look at [Secrets Management with PowerShell](Secrets_Management_with_PowerShell.ipynb) notebook for more options"
58+
],
59+
"metadata": {
60+
"azdata_cell_guid": "ce796adc-24ac-477e-ba19-5dab887b508e"
61+
}
62+
},
63+
{
64+
"cell_type": "markdown",
65+
"source": [
66+
"## Using secrets in your code\r\n",
4967
"\r\n",
50-
"It will come with a built in local key vault for you to use. You can see this with `Get-SecretVault`"
68+
"Now you can use the secrets in your code. Lets create a docker container and use the SA password from the vault"
69+
],
70+
"metadata": {
71+
"azdata_cell_guid": "98bd2ac0-e7c2-4af4-8af7-793202715984"
72+
}
73+
},
74+
{
75+
"cell_type": "code",
76+
"source": [
77+
"$DockerSA = Get-Secret -Name BeardLabSaAccount -AsPlainText\r\n",
78+
"docker run -e \"ACCEPT_EULA=Y\" -e \"SA_PASSWORD=$DockerSA\" -p 15999:1433 --name beardcontainer -d mcr.microsoft.com/mssql/server:2019-latest"
79+
],
80+
"metadata": {
81+
"azdata_cell_guid": "0257a2ed-7e1f-4a44-8421-2d49f9f87b8b"
82+
},
83+
"outputs": [
84+
{
85+
"name": "stdout",
86+
"text": "1903468df1adcd740b405d97e23c26678219a49f0302fcf10341bd2e4cbf02bf\r\n",
87+
"output_type": "stream"
88+
}
89+
],
90+
"execution_count": 13
91+
},
92+
{
93+
"cell_type": "markdown",
94+
"source": [
95+
"Now we can query the container with dbatools by retrieving the password from the vault and creating a credential object "
5196
],
5297
"metadata": {
53-
"azdata_cell_guid": "9805b9c4-b61d-4f81-9bc7-89df70c5f3fe"
98+
"azdata_cell_guid": "bfcce585-544c-4cac-ba2a-409cbd708bac"
5499
}
55100
},
56101
{
57102
"cell_type": "code",
58103
"source": [
59-
"Get-SecretVault"
104+
"$DockerSaCred = New-Object System.Management.Automation.PSCredential ('sa',(Get-Secret -Name BeardLabSaAccount))\r\n",
105+
"$ContainerSQL = Connect-DbaInstance -SqlInstance 'localhost,15999' -SqlCredential $DockerSaCred\r\n",
106+
"\r\n",
107+
"Get-DbaDatabase -SqlInstance $containersql |Format-Table\r\n",
108+
"Get-DbaLogin -SqlInstance $containersql | Format-Table"
60109
],
61110
"metadata": {
62-
"azdata_cell_guid": "c56718a1-6a3e-45f2-b9c8-334ded6c5f84"
111+
"azdata_cell_guid": "bbf81c01-22a0-4728-95a4-6a3753f41c09"
63112
},
64113
"outputs": [
65114
{
66-
"data": {
67-
"text/html": "<script type=\"text/javascript\">#!javascript\r\nif ((typeof(requirejs) !== typeof(Function)) || (typeof(requirejs.config) !== typeof(Function))) { \r\n let script = document.createElement(\"script\"); \r\n script.setAttribute(\"src\", \"https://cdnjs.cloudflare.com/ajax/libs/require.js/2.3.6/require.min.js\"); \r\n script.onload = function(){\r\n loadDotnetInteractiveApi();\r\n };\r\n document.getElementsByTagName(\"head\")[0].appendChild(script); \r\n}\r\nelse {\r\n loadDotnetInteractiveApi();\r\n}\r\n\r\nfunction loadDotnetInteractiveApi(){\r\n let apiRequire = requirejs.config({context:\"dotnet-interactive.23580.54265\",paths:{dotnetInteractive:\"http://localhost:54265/resources/dotnet-interactive\"}});\r\n apiRequire(['dotnetInteractive'], \r\n function(api) { \r\n api.createDotnetInteractiveClient(\"http://localhost:54265/\", window);\r\n },\r\n function(error){\r\n console.log(error);\r\n });\r\n}</script>"
68-
},
69-
"metadata": {},
70-
"output_type": "display_data"
115+
"name": "stdout",
116+
"text": "\r\n",
117+
"output_type": "stream"
118+
},
119+
{
120+
"name": "stdout",
121+
"text": "ComputerName InstanceName SqlInstance Name Status IsAccessible RecoveryModel LogReuseWaitStatus\r\n",
122+
"output_type": "stream"
123+
},
124+
{
125+
"name": "stdout",
126+
"text": "------------ ------------ ----------- ---- ------ ------------ ------------- ------------------\r\n",
127+
"output_type": "stream"
128+
},
129+
{
130+
"name": "stdout",
131+
"text": "localhost MSSQLSERVER 135b32b4a432 master Normal True Simple Transaction\r\n",
132+
"output_type": "stream"
133+
},
134+
{
135+
"name": "stdout",
136+
"text": "localhost MSSQLSERVER 135b32b4a432 tempdb Normal True Simple Nothing\r\n",
137+
"output_type": "stream"
138+
},
139+
{
140+
"name": "stdout",
141+
"text": "localhost MSSQLSERVER 135b32b4a432 model Normal True Full Nothing\r\n",
142+
"output_type": "stream"
143+
},
144+
{
145+
"name": "stdout",
146+
"text": "localhost MSSQLSERVER 135b32b4a432 msdb Normal True Simple Nothing\r\n",
147+
"output_type": "stream"
71148
},
72149
{
73150
"name": "stdout",
@@ -76,17 +153,47 @@
76153
},
77154
{
78155
"name": "stdout",
79-
"text": "Name ModuleName ImplementingType\r\n",
156+
"text": "\r\n",
157+
"output_type": "stream"
158+
},
159+
{
160+
"name": "stdout",
161+
"text": "ComputerName InstanceName SqlInstance Name LoginType CreateDate\r\n",
162+
"output_type": "stream"
163+
},
164+
{
165+
"name": "stdout",
166+
"text": "------------ ------------ ----------- ---- --------- ---------- \r\n",
167+
"output_type": "stream"
168+
},
169+
{
170+
"name": "stdout",
171+
"text": "localhost MSSQLSERVER 135b32b4a432 ##MS_PolicyEventProcessingLogin## SqlLogin 10/06/2020 1…\r\n",
172+
"output_type": "stream"
173+
},
174+
{
175+
"name": "stdout",
176+
"text": "localhost MSSQLSERVER 135b32b4a432 ##MS_PolicyTsqlExecutionLogin## SqlLogin 10/06/2020 1…\r\n",
177+
"output_type": "stream"
178+
},
179+
{
180+
"name": "stdout",
181+
"text": "localhost MSSQLSERVER 135b32b4a432 BUILTIN\\Administrators WindowsGroup 10/06/2020 1…\r\n",
80182
"output_type": "stream"
81183
},
82184
{
83185
"name": "stdout",
84-
"text": "---- ---------- ----------------\r\n",
186+
"text": "localhost MSSQLSERVER 135b32b4a432 NT AUTHORITY\\NETWORK SERVICE WindowsUser 18/07/2020 0…\r\n",
85187
"output_type": "stream"
86188
},
87189
{
88190
"name": "stdout",
89-
"text": "BuiltInLocalVault \r\n",
191+
"text": "localhost MSSQLSERVER 135b32b4a432 NT AUTHORITY\\SYSTEM WindowsUser 18/07/2020 0…\r\n",
192+
"output_type": "stream"
193+
},
194+
{
195+
"name": "stdout",
196+
"text": "localhost MSSQLSERVER 135b32b4a432 sa SqlLogin 08/04/2003 0…\r\n",
90197
"output_type": "stream"
91198
},
92199
{
@@ -95,31 +202,39 @@
95202
"output_type": "stream"
96203
}
97204
],
98-
"execution_count": 1
205+
"execution_count": 19
99206
},
100207
{
101208
"cell_type": "markdown",
102209
"source": [
103-
"## Store your secrets\r\n",
104-
"\r\n",
105-
"This is a great place to store your secrets for your demos. You can add your secrets using a couple of methods\r\n",
106-
"\r\n",
107-
"- It's just your lab, just type them in to `Get-Secret`"
210+
"## Remove the container"
108211
],
109212
"metadata": {
110-
"azdata_cell_guid": "5e8eb5ee-ce89-4eab-a00c-e7fa5e33b680"
213+
"azdata_cell_guid": "50d22ba7-c42d-498a-b40e-d8804c1518e1"
111214
}
112215
},
113216
{
114217
"cell_type": "code",
115218
"source": [
116-
"Set-Secret -Name BeardLabSaAccount -Secret 'BeardsAreAwesome'"
219+
"docker rm beardcontainer --force\r\n",
220+
"docker ps -a"
117221
],
118222
"metadata": {
119-
"azdata_cell_guid": "4e846ca5-d89a-4a91-a8b0-59505f7fd7f2"
223+
"azdata_cell_guid": "8bfe4cf8-6962-45ab-aecf-ece3e448fe6b"
120224
},
121-
"outputs": [],
122-
"execution_count": 2
225+
"outputs": [
226+
{
227+
"name": "stdout",
228+
"text": "beardcontainer\r\n",
229+
"output_type": "stream"
230+
},
231+
{
232+
"name": "stdout",
233+
"text": "CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\r\n",
234+
"output_type": "stream"
235+
}
236+
],
237+
"execution_count": 12
123238
}
124239
]
125240
}

0 commit comments

Comments
 (0)