Protect-ShieldingDataFile

Protect-ShieldingDataFile

Creates a shielding data file.

Syntax

Parameter Set: ExistingVMParameterSet
Protect-ShieldingDataFile [-ShieldingDataFilePath] <String> [-Owner] <Guardian> [[-Guardian] <Guardian[]> ] [-Force] [-InformationAction <ActionPreference> {SilentlyContinue | Stop | Continue | Inquire | Ignore | Suspend} ] [-InformationVariable <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: ShieldedTemplateParameterSet
Protect-ShieldingDataFile [-ShieldingDataFilePath] <String> [-Owner] <Guardian> [-VolumeIDQualifier] <VolumeIDQualifier[]> [-WindowsUnattendFile] <NamedFileContent> [[-OtherFile] <NamedFileContent[]> ] [[-Guardian] <Guardian[]> ] [-Force] [-InformationAction <ActionPreference> {SilentlyContinue | Stop | Continue | Inquire | Ignore | Suspend} ] [-InformationVariable <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Detailed Description

The Protect-ShieldingDataFile cmdlet creates a shielding data file. Use the shielding data file in the process of deploying a hardened virtual machine.

Parameters

-Force

Forces the command to run without asking for user confirmation.

-Guardian<Guardian[]>

Specifies an array of Guardian objects for the shielding data.

-InformationAction<ActionPreference>

Specifies how this cmdlet responds to an information event. The acceptable values for this parameter are:

-- SilentlyContinue
-- Stop
-- Continue
-- Inquire
-- Ignore
-- Suspend

-InformationVariable<String>

Specifies a variable in which to store an information event message.

-OtherFile<NamedFileContent[]>

Specifies an array of files that the fabric administrator includes in the shielding process.

-Owner<Guardian>

Specifies the Guardian object that owns the shielding data.

-ShieldingDataFilePath<String>

Specifies the path of the shielding data file to create.

-VolumeIDQualifier<VolumeIDQualifier[]>

Specifies an array of VolumeIDQualifier objects. An ID defines which volumes match the shielding data.

-WindowsUnattendFile<NamedFileContent>

Specifies the Path of a valid unattend.xml file to provision virtual machines.

-Confirm

Prompts you for confirmation before running the cmdlet.

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

<CommonParameters>

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see    about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

• Guardian, Guardian[], NamedFileContent, NamedFileContent[], String, VolumeIDQualifier[]

Outputs

The output type is the type of the objects that the cmdlet emits.

Examples

Example 1: Create a shielding data file

The first command gets the Guardian object for the owner of the shielding data, and then stores that object in the $Owner variable.

The second command uses the New-VolumeIDQualifier cmdlet to create a volume ID qualifier, and then stores that object in the $VolumeIDQualifier variable.

The final command creates a shielding data file at the path specified by the ShieldingDataFilePath parameter. The command uses the values stored in $Owner and $VolumeIDQualifier. The command specifies a local unattend file.

PS C:\> $Owner = Get-HgsGuardian -FriendlyName "DefaultOwner"
PS C:\> $VolumeIDQualifier = @(New-VolumeIDQualifier -VolumeSignatureCatalogFilePath "VolumeSignatureCatalog.vsc" -VersionRule Equals)
PS C:\> Protect-ShieldingDataFile -ShieldingDataFilePath "ShieldingDataFile07.pdk" -Owner $Owner -VolumeIDQualifiers $VolumeIDQualifier -WindowsUnattendFile "unattend.xml"

Related topics

Import-ShieldingDataFile

New-VolumeIDQualifier