New-SCVMShieldingData

Creates a virtual machine shielding data object from a .pdk file.

Syntax

New-SCVMShieldingData [-Description <String>] [-JobVariable <String>] -Name <String> [-OnBehalfOfUser <String>]
 [-OnBehalfOfUserRole <UserRole>] [-PROTipID <Guid>] -RawData <Byte[]> [-RunAsynchronously]
 [-VMMServer <ServerConnection>] [<CommonParameters>]
New-SCVMShieldingData [-Description <String>] [-JobVariable <String>] -Name <String> [-OnBehalfOfUser <String>]
 [-OnBehalfOfUserRole <UserRole>] [-PROTipID <Guid>] [-RunAsynchronously] [-VMMServer <ServerConnection>]
 -VMShieldingDataPath <String> [<CommonParameters>]

Description

The New-SCVMShieldingData cmdlet creates a VMShieldingData object from a secure provisioning blob, a .pdk file, in Virtual Machine Manager (VMM). This file includes information such as virtual machine ownership keys, virtual machine customization information, hashes of acceptable source keys, and other information. Tenants create a provisioning blob by using an out-of-band tool.

You can use a virtual machine shielding data object for tasks such as encrypting virtual Trusted Platform Modules (TPMs), creating shielded virtual machines, and grandfathering non-shielded virtual machines.

The VMM database manages virtual machine shielding data objects as a library resource. They are scoped appropriately for the associated user role. VMM provides create, read, update, and delete functionality to manage them.

Examples

Example 1: Create a virtual machine shielding data by using a .pdk file

PS C:\> New-SCVMShieldingData -Name "ShieldingData01" -Description "Shielding data" -VMShieldingDataPath "C:\virtual\SD.pdk"

This command creates a virtual machine shielding data object named ShieldingData01. The command bases the object on the SD.pdk file that the VMShieldingDataPath parameter specifies.

Example 2: Create a virtual machine shielding data by using raw data

PS C:\> $Bytes = [System.IO.File]::ReadAllBytes ("C:\virtual\SD.pdk")
PS C:\> New-SCVMShieldingData -Name "ShieldingData02" -Description "Shielding data" -RawData $Bytes

The first command stores the contents of SD.pdf as a byte array to the $Bytes variable.

This command creates a virtual machine shielding data object named ShieldingData02. The command bases the object on the $Bytes array that the RawData parameter specifies.

Parameters

-Description

Specifies a description for the VMShieldingData object.

Type:String
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-JobVariable

Specifies the name of a variable in which job progress is tracked and stored.

Type:String
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Name

Specifies a name for the VMShieldingData object.

Type:String
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-OnBehalfOfUser

Specifies a user name. This cmdlet operates on behalf of the user that this parameter specifies.

Type:String
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-OnBehalfOfUserRole

Specifies a user role. To obtain a user role, use the Get-SCUserRole cmdlet. This cmdlet operates on behalf of the user role that this parameter specifies.

Type:UserRole
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-PROTipID

Specifies the ID of the Performance and Resource Optimization tip (PRO tip) that triggered this action. This parameter lets you audit PRO tips.

Type:Guid
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RawData

Specifies an array of bytes that contain raw .pdk data.

Type:Byte[]
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RunAsynchronously

Indicates that the job runs asynchronously so that control returns to the command shell immediately.

Type:SwitchParameter
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-VMMServer

Specifies a VMM server object.

Type:ServerConnection
Required:False
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-VMShieldingDataPath

Specifies the path of a .pdk file.

Type:String
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

VMShieldingData

This cmdlet returns a virtual machine shielding data object that contains the following information:

- RawData - KeyProtectorOwner - KeyProtectorGuardians - Name - Description