Skip to content

Commit d2da3d7

Browse files
authoredApr 1, 2024
Reorganize security content (MicrosoftDocs#10991)
* Reorganize security content * Fix wording
1 parent 89a9e4a commit d2da3d7

23 files changed

+243
-56
lines changed
 

‎.openpublishing.redirection.json

+95-5
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,95 @@
11
{
22
"redirections": [
3+
{
4+
"redirect_document_id": true,
5+
"redirect_url": "/powershell/scripting/security/preventing-script-injection",
6+
"source_path": "reference/docs-conceptual/dev-cross-plat/security/preventing-script-injection.md"
7+
},
8+
{
9+
"redirect_document_id": true,
10+
"redirect_url": "/powershell/scripting/security/securing-restricted-sessions",
11+
"source_path": "reference/docs-conceptual/dev-cross-plat/security/securing-restricted-sessions.md"
12+
},
13+
{
14+
"redirect_document_id": true,
15+
"redirect_url": "/powershell/scripting/security/application-control",
16+
"source_path": "reference/docs-conceptual/learn/application-control.md"
17+
},
18+
{
19+
"redirect_document_id": true,
20+
"redirect_url": "/powershell/scripting/security/remoting/ps-remoting-second-hop",
21+
"source_path": "reference/docs-conceptual/learn/remoting/PS-remoting-second-hop.md"
22+
},
23+
{
24+
"redirect_document_id": true,
25+
"redirect_url": "/powershell/scripting/security/remoting/running-remote-commands",
26+
"source_path": "reference/docs-conceptual/learn/remoting/Running-Remote-Commands.md"
27+
},
28+
{
29+
"redirect_document_id": true,
30+
"redirect_url": "/powershell/scripting/security/remoting/ssh-remoting-in-powershell",
31+
"source_path": "reference/docs-conceptual/learn/remoting/SSH-Remoting-in-PowerShell.md"
32+
},
33+
{
34+
"redirect_document_id": true,
35+
"redirect_url": "/powershell/scripting/security/remoting/wsman-remoting-in-powershell",
36+
"source_path": "reference/docs-conceptual/learn/remoting/WSMan-Remoting-in-PowerShell.md"
37+
},
38+
{
39+
"redirect_document_id": true,
40+
"redirect_url": "/powershell/scripting/security/remoting/winrm-security",
41+
"source_path": "reference/docs-conceptual/learn/remoting/WinRMSecurity.md"
42+
},
43+
{
44+
"redirect_document_id": true,
45+
"redirect_url": "/powershell/scripting/security/remoting/jea/audit-and-report",
46+
"source_path": "reference/docs-conceptual/learn/remoting/jea/audit-and-report.md"
47+
},
48+
{
49+
"redirect_document_id": true,
50+
"redirect_url": "/powershell/scripting/security/remoting/jea/overview",
51+
"source_path": "reference/docs-conceptual/learn/remoting/jea/overview.md"
52+
},
53+
{
54+
"redirect_document_id": true,
55+
"redirect_url": "/powershell/scripting/security/remoting/jea/prerequisites",
56+
"source_path": "reference/docs-conceptual/learn/remoting/jea/prerequisites.md"
57+
},
58+
{
59+
"redirect_document_id": true,
60+
"redirect_url": "/powershell/scripting/security/remoting/jea/register-jea",
61+
"source_path": "reference/docs-conceptual/learn/remoting/jea/register-jea.md"
62+
},
63+
{
64+
"redirect_document_id": true,
65+
"redirect_url": "/powershell/scripting/security/remoting/jea/role-capabilities",
66+
"source_path": "reference/docs-conceptual/learn/remoting/jea/role-capabilities.md"
67+
},
68+
{
69+
"redirect_document_id": true,
70+
"redirect_url": "/powershell/scripting/security/remoting/jea/security-considerations",
71+
"source_path": "reference/docs-conceptual/learn/remoting/jea/security-considerations.md"
72+
},
73+
{
74+
"redirect_document_id": true,
75+
"redirect_url": "/powershell/scripting/security/remoting/jea/session-configurations",
76+
"source_path": "reference/docs-conceptual/learn/remoting/jea/session-configurations.md"
77+
},
78+
{
79+
"redirect_document_id": true,
80+
"redirect_url": "/powershell/scripting/security/remoting/jea/using-jea",
81+
"source_path": "reference/docs-conceptual/learn/remoting/jea/using-jea.md"
82+
},
83+
{
84+
"redirect_document_id": true,
85+
"redirect_url": "/powershell/scripting/security/remoting/powershell-remoting-faq",
86+
"source_path": "reference/docs-conceptual/learn/remoting/powershell-remoting-faq.yml"
87+
},
88+
{
89+
"redirect_document_id": true,
90+
"redirect_url": "/powershell/scripting/security/security-features",
91+
"source_path": "reference/docs-conceptual/learn/security-features.md"
92+
},
393
{
494
"redirect_document_id": true,
595
"redirect_url": "/powershell/scripting/what-is-windows-powershell",
@@ -31,18 +121,18 @@
31121
"source_path": "reference/docs-conceptual/learn/tutorials/01-discover-powershell.md"
32122
},
33123
{
34-
"redirect_document_id": true,
35-
"redirect_url": "/powershell/scripting/learn/remoting/wsman-remoting-in-powershell",
124+
"redirect_document_id": false,
125+
"redirect_url": "/powershell/scripting/security/remoting/wsman-remoting-in-powershell",
36126
"source_path": "reference/docs-conceptual/learn/remoting/wsman-remoting-in-powershell-core.md"
37127
},
38128
{
39-
"redirect_document_id": true,
40-
"redirect_url": "/powershell/scripting/learn/remoting/ssh-remoting-in-powershell",
129+
"redirect_document_id": false,
130+
"redirect_url": "/powershell/scripting/security/remoting/ssh-remoting-in-powershell",
41131
"source_path": "reference/docs-conceptual/learn/remoting/ssh-remoting-in-powershell-core.md"
42132
},
43133
{
44134
"redirect_document_id": false,
45-
"redirect_url": "/powershell/scripting/learn/remoting/wsman-remoting-in-powershell",
135+
"redirect_url": "/powershell/scripting/security/remoting/wsman-remoting-in-powershell",
46136
"source_path": "reference/docs-conceptual/learn/remoting/wsman-unsupported-for-nonwindows.md"
47137
},
48138
{

‎reference/docs-conceptual/learn/ps101/08-powershell-remoting.md

+1-2
Original file line numberDiff line numberDiff line change
@@ -380,10 +380,9 @@ multiple commands against the same remote computer.
380380
- [PowerShell Remoting FAQ][PowerShell Remoting FAQ]
381381

382382
<!-- link references -->
383-
[PowerShell Remoting FAQ]: ../remoting/powershell-remoting-faq.yml
383+
[PowerShell Remoting FAQ]: ../../security/remoting/powershell-remoting-faq.yml
384384
[about_Remote]: /powershell/module/microsoft.powershell.core/about/about_remote
385385
[about_Remote_Output]: /powershell/module/microsoft.powershell.core/about/about_remote_output
386386
[about_Remote_Requirements]: /powershell/module/microsoft.powershell.core/about/about_remote_requirements
387387
[about_Remote_Troubleshooting]: /powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting
388388
[about_Remote_Variables]: /powershell/module/microsoft.powershell.core/about/about_remote_variables
389-
[Breaking changes in PowerShell 6.0]: /powershell/scripting/whats-new/breaking-changes-ps6#remove--protocol-from--computer-cmdlets-5277
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,98 @@
1+
### YamlMime:Landing
2+
title: PowerShell Security
3+
summary: Learn about PowerShell's security features and best practices.
4+
5+
metadata:
6+
title: PowerShell Security
7+
description: Learn about PowerShell's security features and best practices.
8+
ms.topic: landing-page
9+
ms.date: 03/28/2024
10+
11+
# linkListType: architecture | concept | deploy | download | get-started |
12+
# how-to-guide | tutorial | overview | quickstart | reference |
13+
# sample | tutorial | video | whats-new
14+
15+
landingContent:
16+
# Card
17+
- title: Security features
18+
linkLists:
19+
- linkListType: overview
20+
links:
21+
- text: PowerShell security features
22+
url: security-features.md
23+
- text: Using Windows Defender Application Control
24+
url: application-control.md
25+
- linkListType: how-to-guide
26+
links:
27+
- text: Preventing script injection attacks
28+
url: preventing-script-injection.md
29+
- text: Securing a restricted PowerShell remoting session
30+
url: securing-restricted-sessions.md
31+
32+
# Card
33+
- title: PowerShell remoting
34+
linkLists:
35+
- linkListType: concept
36+
links:
37+
- text: Running remove commands
38+
url: remoting/running-remote-commands.md
39+
- text: Using WS-Management (WSMan) Remoting in PowerShell
40+
url: remoting/wsman-remoting-in-powershell.md
41+
- text: Security Considerations for PowerShell Remoting using WinRM
42+
url: remoting/winrm-security.md
43+
- text: PowerShell Remoting FAQ
44+
url: remoting/powershell-remoting-faq.yml
45+
- linkListType: how-to-guide
46+
links:
47+
- text: Making the second hop in PowerShell Remoting
48+
url: remoting/ps-remoting-second-hop.md
49+
- text: PowerShell remoting over SSH
50+
url: remoting/ssh-remoting-in-powershell.md
51+
52+
# Card
53+
- title: Just Enough Administration (JEA)
54+
linkLists:
55+
- linkListType: concept
56+
links:
57+
- text: Overview
58+
url: remoting/jea/overview.md
59+
- text: Prerequisites
60+
url: remoting/jea/prerequisites.md
61+
- text: JEA Role Capabilities
62+
url: remoting/jea/role-capabilities.md
63+
- text: Session configurations
64+
url: remoting/jea/session-configurations.md
65+
- text: Security considerations
66+
url: remoting/jea/security-considerations.md
67+
- linkListType: how-to-guide
68+
links:
69+
- text: Registering JEA Configurations
70+
url: remoting/jea/register-jea.md
71+
- text: Using JEA
72+
url: remoting/jea/using-jea.md
73+
- text: Auditing and Reporting on JEA
74+
url: remoting/jea/audit-and-report.md
75+
76+
# Card
77+
- title: Managing secrets
78+
linkLists:
79+
- linkListType: concept
80+
links:
81+
- text: Overview of the SecretManagement and SecretStore modules
82+
url: /powershell/utility-modules/secretmanagement/overview
83+
- text: Understanding the security features of SecretManagement and SecretStore
84+
url: /powershell/utility-modules/secretmanagement/security-concepts
85+
- linkListType: how-to-guide
86+
links:
87+
- text: Managing a SecretStore vault
88+
url: /powershell/utility-modules/secretmanagement/how-to/manage-secretstore
89+
- text: Use the SecretStore in automation
90+
url: /powershell/utility-modules/secretmanagement/how-to/using-secrets-in-automation
91+
- text: Use Azure Key Vault in automation
92+
url: /powershell/utility-modules/secretmanagement/how-to/using-azure-keyvault
93+
- linkListType: reference
94+
links:
95+
- text: Microsoft.PowerShell.SecretManagement module
96+
url: /powershell/module/microsoft.powershell.secretmanagement
97+
- text: Microsoft.PowerShell.SecretStore module
98+
url: /powershell/module/microsoft.powershell.secretstore

‎reference/docs-conceptual/learn/remoting/PS-remoting-second-hop.md renamed to ‎reference/docs-conceptual/security/remoting/PS-remoting-second-hop.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -352,6 +352,6 @@ Invoke-Command -ComputerName ServerB -Credential $cred -ScriptBlock {
352352
[17]: https://www.itprotoday.com/windows-server/how-windows-server-2012-eases-pain-kerberos-constrained-delegation-part-2
353353
[18]: https://www.microsoft.com/download/details.aspx?id=36036
354354
[19]: https://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp
355-
[20]: WinRMSecurity.md
355+
[20]: winrm-security.md
356356
[MS-ADA2]: /openspecs/windows_protocols/ms-ada2/cea4ac11-a4b2-4f2d-84cc-aebb4a4ad405
357357
[MS-SFU]: /openspecs/windows_protocols/ms-sfu/bde93b0e-f3c9-4ddf-9f44-e1453be7af5a

‎reference/docs-conceptual/learn/remoting/Running-Remote-Commands.md renamed to ‎reference/docs-conceptual/security/remoting/Running-Remote-Commands.md

+2-2
Original file line numberDiff line numberDiff line change
@@ -185,8 +185,8 @@ For help with remoting errors, see [about_Remote_Troubleshooting][05].
185185
[06]: /powershell/module/microsoft.wsman.management/about/about_ws-management_cmdlets
186186
[07]: /powershell/module/microsoft.wsman.management/about/about_wsman_provider
187187
[08]: powershell-remoting-faq.yml
188-
[09]: SSH-Remoting-in-PowerShell-Core.md
189-
[10]: WSMan-Remoting-in-PowerShell-Core.md
188+
[09]: ssh-remoting-in-powershell.md
189+
[10]: wsman-remoting-in-powershell.md
190190
[11]: xref:Microsoft.PowerShell.Core.Enter-PSSession
191191
[12]: xref:Microsoft.PowerShell.Core.Exit-PSSession
192192
[13]: xref:Microsoft.PowerShell.Core.Invoke-Command

‎reference/docs-conceptual/dev-cross-plat/security/securing-restricted-sessions.md renamed to ‎reference/docs-conceptual/security/securing-restricted-sessions.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,6 @@ By default, the PowerShell debugger runs code in `FullLanguage` mode. Set the
9595
For more information, see [UseFullLanguageModeInDebugger][02].
9696

9797
<!-- link references -->
98-
[01]: ../../learn/remoting/jea/overview.md
98+
[01]: remoting/jea/overview.md
9999
[02]: /dotnet/api/system.management.automation.sessionstate.usefulllanguagemodeindebugger?#system-management-automation-sessionstate-usefulllanguagemodeindebugger
100100
[03]: /powershell/module/microsoft.powershell.core/about/about_language_modes

‎reference/docs-conceptual/toc.yml

+44-44
Original file line numberDiff line numberDiff line change
@@ -198,44 +198,6 @@ items:
198198
href: samples/multiple-selection-list-boxes.md
199199
- name: Selecting items from a list box
200200
href: samples/selecting-items-from-a-list-box.md
201-
- name: PowerShell remoting
202-
items:
203-
- name: Just Enough Administration (JEA)
204-
items:
205-
- name: Overview
206-
href: learn/remoting/jea/overview.md
207-
- name: Prerequisites
208-
href: learn/remoting/jea/prerequisites.md
209-
- name: Role Capabilities
210-
href: learn/remoting/jea/role-capabilities.md
211-
- name: Session Configurations
212-
href: learn/remoting/jea/session-configurations.md
213-
- name: Registering JEA
214-
href: learn/remoting/jea/register-jea.md
215-
- name: Using JEA
216-
href: learn/remoting/jea/using-jea.md
217-
- name: Security Considerations
218-
href: learn/remoting/jea/security-considerations.md
219-
- name: Audit and Report on JEA
220-
href: learn/remoting/jea/audit-and-report.md
221-
- name: Running remote commands
222-
href: learn/remoting/running-remote-commands.md
223-
- name: PowerShell remoting over SSH
224-
href: learn/remoting/ssh-remoting-in-powershell.md
225-
- name: WS-Management (WSMan) remoting in PowerShell
226-
href: learn/remoting/wsman-remoting-in-powershell.md
227-
- name: WinRM Security
228-
href: learn/remoting/winrmsecurity.md
229-
- name: Making the second hop in PowerShell Remoting
230-
href: learn/remoting/ps-remoting-second-hop.md
231-
- name: PowerShell Remoting FAQ
232-
href: learn/remoting/powershell-remoting-faq.yml
233-
- name: PowerShell security
234-
items:
235-
- name: PowerShell security features
236-
href: learn/security-features.md
237-
- name: Using Application Control
238-
href: learn/application-control.md
239201
- name: Using Experimental Features
240202
href: learn/experimental-features.md
241203
- name: Compatibility aliases
@@ -331,6 +293,50 @@ items:
331293
href: windows-powershell/starting-windows-powershell.md
332294
- name: Windows Management Framework (WMF)
333295
href: windows-powershell/wmf-overview.md
296+
- name: Security
297+
items:
298+
- name: Overview
299+
href: security/overview.yml
300+
- name: PowerShell security features
301+
href: security/security-features.md
302+
- name: Using Application Control
303+
href: security/application-control.md
304+
- name: Preventing script injection attacks
305+
href: security/preventing-script-injection.md
306+
- name: Securing a restricted PowerShell remoting session
307+
href: security/securing-restricted-sessions.md
308+
- name: PowerShell remoting
309+
items:
310+
- name: Just Enough Administration (JEA)
311+
items:
312+
- name: Overview
313+
href: security/remoting/jea/overview.md
314+
- name: Prerequisites
315+
href: security/remoting/jea/prerequisites.md
316+
- name: Role Capabilities
317+
href: security/remoting/jea/role-capabilities.md
318+
- name: Session Configurations
319+
href: security/remoting/jea/session-configurations.md
320+
- name: Registering JEA
321+
href: security/remoting/jea/register-jea.md
322+
- name: Using JEA
323+
href: security/remoting/jea/using-jea.md
324+
- name: Security Considerations
325+
href: security/remoting/jea/security-considerations.md
326+
- name: Audit and Report on JEA
327+
href: security/remoting/jea/audit-and-report.md
328+
- name: Running remote commands
329+
href: security/remoting/running-remote-commands.md
330+
- name: PowerShell remoting over SSH
331+
href: security/remoting/ssh-remoting-in-powershell.md
332+
- name: WS-Management (WSMan) remoting in PowerShell
333+
href: security/remoting/wsman-remoting-in-powershell.md
334+
- name: WinRM Security
335+
href: security/remoting/winrm-security.md
336+
- name: Making the second hop in PowerShell Remoting
337+
href: security/remoting/ps-remoting-second-hop.md
338+
- name: PowerShell Remoting FAQ
339+
href: security/remoting/powershell-remoting-faq.yml
334340
- name: Desired State Configuration (DSC)
335341
href: dsc/overview.md
336342
- name: PowerShell Gallery
@@ -375,12 +381,6 @@ items:
375381
href: dev-cross-plat/performance/script-authoring-considerations.md
376382
- name: Module performance considerations
377383
href: dev-cross-plat/performance/module-authoring-considerations.md
378-
- name: Security considerations
379-
items:
380-
- name: Preventing script injection attacks
381-
href: dev-cross-plat/security/preventing-script-injection.md
382-
- name: Securing a restricted PowerShell remoting session
383-
href: dev-cross-plat/security/securing-restricted-sessions.md
384384
- name: Developing modern modules
385385
items:
386386
- name: Writing portable modules

‎reference/docs-conceptual/whats-new/What-s-New-in-PowerShell-74.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -215,7 +215,7 @@ For more information about the Experimental Features, see [Using Experimental Fe
215215
<!-- end of content -->
216216
<!-- reference links -->
217217
[01]: ../install/installing-powershell-on-windows.md
218-
[02]: ../learn/application-control.md#wdac-policy-auditing
218+
[02]: ../security/application-control.md#wdac-policy-auditing
219219
[03]: ../learn/experimental-features.md
220220
[04]: ../learn/experimental-features.md#pscommandnotfoundsuggestion
221221
[05]: ../learn/experimental-features.md#pscommandwithargs

0 commit comments

Comments
 (0)
Please sign in to comment.