A NuGet repository is also beneficial when using Just Enough Administration. We saw in Chapter 8, Just Enough Administration, that a JEA endpoint consists of an endpoint configuration and multiple role capability files. We also mentioned that those role capability files are usually part of a PowerShell module. This means that they can be published in a gallery as well.
The general process for you should look like this: the endpoint configuration and its role capability files are developed and put into source control, such as Git. Now, every time you or your colleagues change the role capability files or the containing module and release this change by committing it to the master branch, an automated build process will take over. The build process can sign your role capabilities and the module and, more importantly, publish your module along with all role capabilities:
# JEA
# Find role capability by name
Find-RoleCapability -Name FirstLevelUserSupport
# Find modules with specific role capability
Find-Module -RoleCapability FirstLevelUserSupport
# Install modules with found psrc files to prepare for a JEA endpoint deployment
Find-Module -RoleCapability FirstLevelUserSupport |
Install-Module
# Register endpoint with freshly downloaded, production JEA psrc files
$parameters = @{
Path = '.JeaWithPowerShellGet.pssc'
RunAsVirtualAccount = $true
TranscriptDirectory = 'C:Transcripts'
SessionType = 'RestrictedRemoteServer'
LanguageMode = 'ConstrainedLanguage'
RoleDefinitions = @{'contosoFirstLevel' = @{RoleCapabilities = 'FirstLevelUserSupport'}}
}
# This would come from source control
New-PSSessionConfigurationFile @parameters
# This would be part of an automated rollout
Register-PSSessionConfiguration -Name SupportSession -Path .JeaWithPowerShellGet.pssc
With the options that PowerShellGet provides, it is now easy to find role capabilities inside the NuGet Gallery. There is even a cmdlet for it, called Find-RoleCapability, which looks through all published modules to look for role capabilities.