-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinstall.ps1
74 lines (56 loc) · 2.41 KB
/
install.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<#
.SYNOPSIS
Custom VM Extension script for Prisma Cloud Compute Defender installation on Windows hosts.
.DESCRIPTION
Custom VM Extension script for Prisma Cloud Compute Defender installation on Windows hosts.
.EXAMPLE
./install.ps1 -url europe-west3.cloud.twistlock.com -tenant eu-123456 -bearer XXXX"
.PARAMETER bearer
Mandatory parameter which contains the bearer/api token.
.PARAMETER url
Mandatory parameter which contains the url where the console is located.
.PARAMETER tenant
Mandatory parameter which contains the url where the console is located.
.PARAMETER tenant
Mandatory parameter which contains the url where the console is located.
.PARAMETER proxyFQDN
Optional parameter specifying the proxy i.e. test.proxy.net:8080
.PARAMETER proxyUser
Optional parameter specifying the proxy username if applicable.
.PARAMETER proxyPassword
Optional parameter specifying the proxy password if applicable.
#>
# Version 0.2 (2021-08-13)
# This version is modified for public publication.
param ( [parameter(Mandatory = $true)][string]$bearer,
[parameter(Mandatory = $true)][string]$url,
[parameter(Mandatory = $true)][string]$tenant,
[string]$proxyFQDN = "",
[string]$proxyUser = "",
[string]$proxyPassword = "")
$bodyContent = ""
if ($proxyFQDN) {
$bodyContent = @{
"proxy" = @{
"httpProxy" = $proxyFQDN;
"user" = $proxyUser;
"password" = $proxyPassword;
};
};
}
$parameters = @{
Uri = "https://$url/$tenant/api/v1/scripts/defender.ps1";
Method = "Post";
Headers = @{
"authorization" = "Bearer $bearer" };
OutFile = "defender.ps1";
Body = $bodyContent;
};
if ($PSEdition -eq 'Desktop') {
add-type " using System.Net; using System.Security.Cryptography.X509Certificates; public class TrustAllCertsPolicy : ICertificatePolicy{ public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { return true; } } ";
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy;
} else {
$parameters.SkipCertificateCheck = $true;
}
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
Invoke-WebRequest @parameters; .\defender.ps1 -type serverWindows -consoleCN $url -install