{"id":16385972,"url":"https://github.com/techthoughts2/deletedsctmpfile","last_synced_at":"2025-10-08T12:09:56.494Z","repository":{"id":99419029,"uuid":"124417946","full_name":"techthoughts2/DeleteDscTmpFile","owner":"techthoughts2","description":"Custom DSC module for resolving clear text MOFs created by Azure Automation DSC","archived":false,"fork":false,"pushed_at":"2018-03-10T15:18:43.000Z","size":6,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-30T13:49:40.859Z","etag":null,"topics":["azure-automation","dsc","dsc-resource","dsc-resources"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/techthoughts2.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-03-08T16:25:09.000Z","updated_at":"2022-11-12T23:05:53.000Z","dependencies_parsed_at":"2023-05-07T11:08:39.577Z","dependency_job_id":null,"html_url":"https://github.com/techthoughts2/DeleteDscTmpFile","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/techthoughts2/DeleteDscTmpFile","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techthoughts2%2FDeleteDscTmpFile","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techthoughts2%2FDeleteDscTmpFile/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techthoughts2%2FDeleteDscTmpFile/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techthoughts2%2FDeleteDscTmpFile/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/techthoughts2","download_url":"https://codeload.github.com/techthoughts2/DeleteDscTmpFile/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techthoughts2%2FDeleteDscTmpFile/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269819032,"owners_count":24480087,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-11T02:00:10.019Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure-automation","dsc","dsc-resource","dsc-resources"],"created_at":"2024-10-11T04:15:49.892Z","updated_at":"2025-10-08T12:09:51.450Z","avatar_url":"https://github.com/techthoughts2.png","language":"PowerShell","readme":"# DeleteDscTmpFile\nCustom DSC module capable of finding and removing temporary MOFs created by Azure Automation DSC\n\n### Synopsis\nCustom DSC module that can be used to search C:\\Windows\\Temp and remove temporary MOF files.\n\n### Description\nThis module was co-developed with the Microsoft Support team to resolve a vulnerability where clear-text MOF files are leftover when using DSC with Azure Automation. \n\nAzure Automation (as explained by the MS Support team) pulls down the MOF in clear form from Azure Automation over SSL to C:\\windows\\Temp\\\u003cid\u003e\\localhost.mof (note: this ID is randomly generated)\n\nOnce there, Azure Automation uses the certificates in Azure to encrypt that MOF to the final destination C:\\windows\\system32\\Configuration\\Current.mof\n\nHowever, during this process Azure Automation is not removing the clear text localhost.mof\n\nThis module can be leveraged in your existing DSC to cleanup these files and ensure the only copy of your DSC is the properly encrypted Current.mof\n\n### How to run\nThis repo contains a properly zipped module for use with Azure Automation.\n\nUpload the zipped module to your Azure Automation account.\n\nAdd the following to your DSC configuration:\n\n```powershell\nImport-DscResource -ModuleName DeleteDscTmpFile\n\n#remove clearText MOFs from c:\\windows\\temp\nDeleteDscTmpFile removeClearMOFs{\n    ClearMOFSRemove = $true\n}\n```\nRe-compile your configuration.  Your DSC will now clean up after itself when devices pull down the new config, removing all clear text temporary MOFs which may contain sensitive information.\n\n### Contributors\n\nAuthor: Jake Morrison - http://techthoughts.info\n\nContributor: Microsoft Azure Support Team\n\n### Notes\n\nThe vulnerability issue with the clear-text temporary MOFs is discussed in the following two locations if you would like additional information:\n\nhttps://www.reddit.com/r/AZURE/comments/82fah0/azure_automation_dsc_mof_encryption/\n\nhttps://social.msdn.microsoft.com/Forums/sqlserver/en-US/1ce230e4-56cf-4ddf-b61a-4e62334c5214/azure-automation-dsc-mof-encryption?forum=azureautomation","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftechthoughts2%2Fdeletedsctmpfile","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftechthoughts2%2Fdeletedsctmpfile","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftechthoughts2%2Fdeletedsctmpfile/lists"}