Signing Custom PowerShell Scripts

Document created by rich_patterson Employee on Feb 24, 2017

Windows-based runtime engines (Atom/Molecule/Cloud) require the use of PS1 (PowerShell) scripts for restart and other capabilities.

 

Depending on the security policy within your organization, these scripts may often need to be digitally signed by your security admins before they will run correctly.

 

For example, in a Molecule or Cloud scenario, where the PowerShell scripts reside on a network file system, security policy may not allow them to run from the remote system.

 

These scripts are pushed out during each of our AtomSphere releases, so it is not sufficient to simply sign the default scripts. (Even if the content does not change, the time stamp will.)

 

The correct approach is to define "CUSTOM" versions of the procrunner, procworker, and restart scripts by following the procedure in the reference articles below. Essentially:

  • In the <install>/bin directory, make copies of the three scripts
    • procrunner-<CUSTOM>.ps1
    • procworker-<CUSTOM>.ps1
    • restart-<CUSTOM>.ps1
  • Have the security team sign these "CUSTOM" scripts
  • In Atom Management (or directly in the container.properties file)
    • Set the values of the three associated properties to match the names of the files above (<CUSTOM>)
      • Customized Procrunner Script File Name
      • Customized Procworker Script File Name
      • Customized Restart Script File Name
    • Restart the instance
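
The copy-and-sign steps above, as an added PowerShell example (not Boomi's own code). It assumes the default scripts are named procrunner.ps1, procworker.ps1 and restart.ps1, that the install path and <CUSTOM> suffix are the placeholder values shown, and that the signing certificate is in the current user's certificate store.

```powershell
# Added example. $BinDir, $Suffix and the default file names are assumptions.
param(
    [string]$BinDir = 'C:\Boomi\Atom\bin',  # placeholder for <install>/bin
    [string]$Suffix = 'signed',             # placeholder for <CUSTOM>
    [string]$Thumbprint,                    # thumbprint of the code-signing certificate
    [string]$TimestampServer                # optional: your CA's timestamp service URL
)
$ErrorActionPreference = 'Stop'

# Select an unexpired code-signing certificate by thumbprint.
$cert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert |
    Where-Object { $_.Thumbprint -eq $Thumbprint -and $_.NotAfter -gt (Get-Date) }
if (-not $cert) { throw "No unexpired code-signing certificate matches '$Thumbprint'." }

$signArgs = @{ Certificate = $cert; HashAlgorithm = 'SHA256' }
# A timestamp keeps the signature verifiable after the certificate expires.
if ($TimestampServer) { $signArgs.TimestampServer = $TimestampServer }

$results = foreach ($name in 'procrunner', 'procworker', 'restart') {
    $source = Join-Path $BinDir "${name}.ps1"            # assumed default script name
    $custom = Join-Path $BinDir "${name}-${Suffix}.ps1"

    # Copy only once so an existing custom script with local edits is not overwritten.
    if (-not (Test-Path $custom)) { Copy-Item -Path $source -Destination $custom }

    Set-AuthenticodeSignature -FilePath $custom @signArgs | Out-Null

    # Re-read the signature from disk instead of trusting the signing call's output.
    $sig = Get-AuthenticodeSignature -FilePath $custom
    [pscustomobject]@{
        File   = $custom
        Status = $sig.Status
        Signer = $sig.SignerCertificate.Subject
    }
}

$results | Format-Table -AutoSize
$bad = @($results | Where-Object { $_.Status -ne 'Valid' })
if ($bad.Count -gt 0) { throw "Unsigned or invalid: $($bad.File -join ', ')" }
```

Any later edit to a signed file, including retrofitting changes from a new release, alters its hash, so the script must be signed again before it will pass signature checks.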

 

Note: Once you have created custom versions of any of the AtomSphere scripts, regardless of the reason, you should pay close attention to the Release Notes and other Boomi release correspondence.  You should look for potential updates that we might make to these scripts, so that you can retrofit the changes into your CUSTOM versions.

 

Related:

Preservation of custom scripts for Molecules and Atom Clouds

Customizing Molecule or Atom Cloud script files

Setting a container property for customized script files
