Skip to content

Instantly share code, notes, and snippets.

@stephenlauck
Last active May 1, 2024 20:38
Show Gist options
  • Save stephenlauck/51b964684cf66ac52befaaa8b83a5ab6 to your computer and use it in GitHub Desktop.
Save stephenlauck/51b964684cf66ac52befaaa8b83a5ab6 to your computer and use it in GitHub Desktop.
Spellcaster Azure Example
`Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://away.spellcaster.sh/spells/silk-flex-azure?format=powershell'))`
@stephenlauck
Copy link
Author

az vm delete -g spell-resource-group -n spell-vm-01 --yes; az group delete -n spell-resource-group --yes

@stephenlauck
Copy link
Author

az role definition list --name "Silk Flex" --output json --query '[].permissions[0].actions'
az role definition create --role-definition .\silk-flex.json

@stephenlauck
Copy link
Author

(get-date $(az account get-access-token --query "expiresOn")) -lt (get-date)

for token expiration

@stephenlauck
Copy link
Author

stephenlauck commented Apr 25, 2024

[bool](select-string -path ./silk-flex-role.json -pattern $(az account subscription list --query '[0].id'))

(get-content .\silk-flex-role.json).replace('/subscriptions/', $(az account subscription list --query '[0].id' --output tsv)) | set-content .\silk-flex-role.json

@stephenlauck
Copy link
Author

  Id CommandLine
  -- -----------
   1 cd ~
   2 ls
   3 cd .\silk\
   4 ls
   5 code .
   6 (get-content .\silk-flex.json).replace('/subscriptions/', "/subscriptions/$(az account subscription list --query '[0].id')") | set-con...
   7 (get-content .\silk-flex.json).replace('/subscriptions/', "$(az account subscription list --query '[0].id')") | set-content .\silk-fle...
   8 (get-content .\silk-flex.json).replace('/subscriptions/', $(az account subscription list --query '[0].id')) | set-content .\silk-flex....
   9 (get-content .\silk-flex.json).replace('/subscriptions/', $(az account subscription list --query '[0].id' --output tsv)) | set-content...
  10 curl
  11 test-path .\silk-flex.json
  12 ls
  13 rm .\silk-flex.json
  14 `Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManage...
  15 `Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManage...
  16 select-string -path ./silk-flex-role.json -pattern $(az account subscription list --query '[0].id')
  17 [bool](select-string -path ./silk-flex-role.json -pattern $(az account subscription list --query '[0].id'))
  18 (get-content .\silk-flex.json).replace('/subscriptions/', $(az account subscription list --query '[0].id' --output tsv)) | set-content...
  19 ls
  20 (get-content .\silk-flex-role.json).replace('/subscriptions/', $(az account subscription list --query '[0].id' --output tsv)) | set-co...
  21 [bool](select-string -path ./silk-flex-role.json -pattern $(az account subscription list --query '[0].id'))
  22 `Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManage...
  23 `Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManage...
  24 New-Object System.Net.WebClient).DownloadString('https://away.spellcaster.sh/spells/azure-windows?format=powershell')
  25 [bool](select-string -path ./silk-flex-role.json -pattern $(az account subscription list --query '[0].id'))
  26 rm .\silk-flex-role.json
  27 `Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManage...
  28 cat .\silk-flex-role.json
  29 `Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManage...
  30 az role definition list --name "Silk Flex" --output json
  31 az role definition create --role-definition .\silk-flex-role.json
  32 rm .\silk-flex-role.json
  33 curl -o ./silk-flex-role.json https://gist.githubusercontent.com/stephenlauck/55e1c9db525f25f79f3342be147c2a45/raw/000b5202910d5cf9de9...
  34 (get-content .\silk-flex-role.json).replace('"/subscriptions/"', $(az account subscription list --query '[0].id' --output tsv)) | set-...
  35 (get-content .\silk-flex-role.json).replace('"/subscriptions/"', $(az account subscription list --query '[0].id')) | set-content .\sil...
  36 rm .\silk-flex-role.json
  37 `Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManage...
  38 az role definition list --name "Silk Flex" --output json
  39 az role definition list --custom-role-only true --output json --query '[].{roleName:roleName, roleType:roleType}'
  40 az role definition create --role-definition .\silk-flex-role.json
  41 az role definition create --role-definition .\silk-flex-role.json

@stephenlauck
Copy link
Author

stephenlauck commented Apr 29, 2024

az storage account create --name silkstorageaccount --resource-group spell-resource-group --location westus2 --sku Standard_ZRS --encryption-services blob

az storage account list

az storage account delete -n silkstorageaccount -g spell-resource-group -y

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment