We use TeamCity as CI server. In our build pipeline we need at some stage to run a powershell script, which applies a checkpoint to certain virtual machine hosted on dedicated Hyper-V server.
TeamCity agents work as special user, lets call that account TCAgent. Its password is shared among many people. To allow this user to execute the powershell script on Hyper-V server I need to allow that user to login to the server, which is highly insecure.
So, I need the user TCAgent to be able to execute certain script on the server, but no more. How can I accomplish that?