-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing PSWSman module in the custom runtime #22
Comments
To confirm, you say you were trying to use Are you able to post a sample of your code so we can see and aim to reproduce what you were trying to do? |
Sorry, I was using invoke-command.
PS> Invoke-Command -ScriptBlock { hostname } -ComputerName WEBSRV1 WEBSRV1
Copy
I am using something like this.
…On Wed, Jul 26, 2023 at 4:56 PM Andrew Pearce ***@***.***> wrote:
To confirm, you say you were trying to use Invoke-WebRequest, did you
mean Invoke-Command?
Are you able to post a sample of your code so we can see and aim to
reproduce what you were trying to do?
—
Reply to this email directly, view it on GitHub
<#22 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AMSZVRWZGGAELKESQSBG53DXSGOA7ANCNFSM6AAAAAA2ZEXAZI>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
@austoonz, did you get a chance to look at the sample code? |
I haven't had time to deep dive into this recently, however the previous guidance I've given is to focus on using Systems Manager Run Command (ie In previous testing (a few years back), no matter what I tried I was unable to make this work as I'd expect it to, or want it do. |
@austoonz is correct to use Systems Manager Run Command (ie ssm:SendCommand) rather than trying to use Invoke-Command. |
SSM is not sufficient for everything because it does not provide a way to have fine-grained control in the OS in a way that allows for delegation of permission. You can set the SSM agent to run as a specific user in the OS, but it does not offer the level of control that you could get with JEA, which is my use case. FWIW I have gotten PowerShell remoting and JEA working from Lambda to Windows, using this runtime as a base.
Since it requires system components, I am using it as a container-based Lambda only; I'm not sure if it's feasible to do it with layers and ZIP-based. |
@briantist very cool! |
@austoonz sure, I've put up a PR with more information :) |
I tied using the sample code and modified it to run some commands in the remote computer using invoke-web request. Test Inoke throws the following error
{
"errorType": "PSRemotingTransportException",
"errorMessage": "This parameter set requires WSMan, and no supported WSMan client library was found. WSMan is either not installed or unavailable for this system."
}
I tried a workaround following this post https://blueleader07.medium.com/lambda-powershell-layer-15c0ec6f6d4a to replace the PSWSMan library libmi.so. I still get the same error. Does the custom runtime have all commands available like the regular Powershell version?
@julianwood @austoonz
Thanks for looking into the issue.
The text was updated successfully, but these errors were encountered: