Get-HgsAttestationBaselinePolicy

Generates an attestation baseline policy.

Syntax

Get-HgsAttestationBaselinePolicy
   -Path <String>
   [-Force]
   [-SkipValidation]
   [<CommonParameters>]
Get-HgsAttestationBaselinePolicy
   [-Console]
   [-SkipValidation]
   [<CommonParameters>]

Description

The Get-HgsAttestationBaselinePolicy cmdlet generates an attestation baseline policy. You can use the policy to configure the attestation service.

This cmdlet gets a byte array that represents the attestation baseline policy from the raw data of the last full boot from the Trusted Computing Group log of the Trusted Platform Module (TPM).

Be sure to run this cmdlet on a host that is known to have good configuration.

Examples

Example 1: Generate a baseline policy

Get-HgsAttestationBaselinePolicy -Path 'C:\Logs\AttestationBaselinePolicy001' -Force

This command generates a byte array that represents the baseline policy in the file C:\Logs\AttestationBaselinePolicy001.

Parameters

-Console

Indicates that this cmdlet operates in console mode.

Type:SwitchParameter
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Force

Indicates that this cmdlet overwrites an existing file that the Output object specifies.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Path

Specifies a file path. This cmdlet writes the policy to the file that this parameter specifies.

Type:String
Aliases:FilePath
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-SkipValidation

Indicates that this cmdlet skips validation.

Type:Switch
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Outputs

Byte[]