How to handle company-specific data in a Powershell module?

Hello,

This is my very first post on the forums, I’ve started using Powershell since a few months and it’s really captivating!

In the last few years my job has been installing and configuring my company’s proprietary software, a .NET application suite with some Windows services, ASP.NET web layer, SQL database layer and so on. Since this kind of activity would require a lot of manual “Windows clicking”, I found in Powershell the right automation tool. I started writing a Powershell module to install, deploy, configure and monitor all the components of our software - and right now I’m quite satisfied with the result, although it still needs a lot of improvement.

Specifically, the first version of my module included a lot of private company data (such as internal files, connection strings, services names, network paths and so on), something I was quite uncomfortable with. Therefore I collected all the sensitive data into a JSON file, that is loaded into the module as a global variable by the .psm1 script.

The module is designed to accept any JSON file with similar structure, so that it can be used as an automation tool for any .NET application suite with a similar architecture.

My question is: would this approach be considered a suitable one? Or are there any better options to deal with company data within a Powershell module?

Any help would be highly appreciated!

PS: pardon me for any mistake in my English, as it’s not my native language.

In my experience it’s not a good idea to ask others for their opinion on particular technical processes. Especially when it’s about code and you don’t show your code. :wink: In the end it depends on the opinion of you and the people who are using your module.

Quite often there are already modules or frameworks availabe for special purposses like installing. PSAppDeployToolkit for example. If you question is only about your decission for JSON files for configuration data. I’d consider JSON format made for computers. I think they are hard to read or maintain when you have to do it by hand. I used to prefer Powershell data files or YAML files. Here some more stuff to read about: http://ramblingcookiemonster.github.io/PowerShell-Configuration-Data

I agree with Olaf, and let me add one more thing.

Your script should not contain sensitive information, unless its at least encrypted, a very simple example here https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

The powerShell script is 99% of them are in clear text

Share some samples of what you want to do and we can help.