Chapters/just-enough-administration-primer/CreateEndpoint.ps1

#Requires -version 5.1

<#
SYNTAX
    New-PSSessionConfigurationFile [-Path] <String> [-AliasDefinitions <IDictionary[]>]
    [-AssembliesToLoad <String[]>] [-Author <String>] [-CompanyName <String>] [-Copyright <String>]
    [-Description <String>] [-EnvironmentVariables <IDictionary>] [-ExecutionPolicy {Unrestricted |
    RemoteSigned | AllSigned | Restricted | Default | Bypass | Undefined}] [-FormatsToProcess
    <String[]>] [-Full] [-FunctionDefinitions <IDictionary[]>] [-GroupManagedServiceAccount <String>]
    [-Guid <Guid>] [-LanguageMode {FullLanguage | RestrictedLanguage | NoLanguage |
    ConstrainedLanguage}] [-ModulesToImport <Object[]>] [-MountUserDrive] [-PowerShellVersion
    <Version>] [-RequiredGroups <IDictionary>] [-RoleDefinitions <IDictionary>] [-RunAsVirtualAccount]
    [-RunAsVirtualAccountGroups <String[]>] [-SchemaVersion <Version>] [-ScriptsToProcess <String[]>]
    [-SessionType {Empty | RestrictedRemoteServer | Default}] [-TranscriptDirectory <String>]
    [-TypesToProcess <String[]>] [-UserDriveMaximumSize <Int64>] [-VariableDefinitions <Object>]
    [-VisibleAliases <String[]>] [-VisibleCmdlets <Object[]>] [-VisibleExternalCommands <String[]>]
    [-VisibleFunctions <Object[]>] [-VisibleProviders <String[]>] [<CommonParameters>]
#>


#The name of the role capability should be the name of the role capability file,
#without the .psrc extension.
$roles = @{
  "company\JEA_ShareAdmins" = @{RoleCapabilities = 'ShareAdmins'}
}

#create the file
New-PSSessionConfigurationFile -Path .\ShareAdmin.pssc `
-SessionType RestrictedRemoteServer `
-RunAsVirtualAccount `
-RoleDefinitions $roles `
-Description "JEA Share Admin endpoint"

#validate it
Test-PSSessionConfigurationFile .\ShareAdmin.pssc