Azure Automation with PowerShell runbooks

• Author
• Recent Posts

Baki Onur Okutucu

Onur is a DevOps Engineer and Subject Matter Expert for Azure, and PowerShell. He is the founder of Clouderz Ltd, a cloud consultancy based in London. For 13 years in a row, Microsoft has recognized him as an MVP (Most Valuable Professional). You can follow Onur on Twitter: @BakiOnur.

Latest posts by Baki Onur Okutucu (see all)

• Create and manage append blobs with PowerShell - Wed, Oct 12 2022
• Permanently delete a Key Vault in Azure using PowerShell - Fri, Feb 4 2022
• Restore Azure Files with PowerShell - Fri, Jan 28 2022

As a part of Azure Automation, runbooks let us control common tasks and automate managing resources dynamically. Runbooks are sub-elements of Automation accounts. So to use a runbook we must first create an Automation account.

Runbook types

There are different types of runbooks available in Azure: PowerShell runbooks, Graphical PowerShell Workflow runbooks, PowerShell Workflow runbooks, Graphical runbooks, and Python 2 runbooks.

Runbook types in Azure

PowerShell runbooks

These runbooks are based on PowerShell, and you can create and edit them either in the Azure Portal or by using an offline editor. You can also import preconfigured PowerShell runbooks using PowerShell commands.

Graphical PowerShell Workflow runbooks

You can create and modify these runbooks with a built-in graphical editor in Azure. Even though Azure generates PowerShell code based on the graphical scenario, it does not allow us to view or modify the PowerShell code. However, we can export graphical runbooks and import them into another automation account. The advantage of this type of runbook is that we can visually create workflows and see the entire process easily.

PowerShell Workflow runbooks

PowerShell Workflow runbooks are similar to PowerShell runbooks. The main difference between these two is that PowerShell Workflow runbooks support PowerShell Workflow and parallel processing to perform multiple actions. You can also create these runbooks using any offline editor as well as the built-in Azure Portal.

Python 2 runbooks

With this type, you can create and edit Python 2 runbooks in Azure. It only supports Python 2 for the time being. So Python 3 functions will not work in Azure.

Listing runbooks

You can list runbooks in an automation account using the following command:

Get-AzureRmAutomationRunbook -ResourceGroupName 4sysops -AutomationAccountName azureautomation1 | select name

Listing existing runbooks

Creating a new runbook

While creating a new runbook using PowerShell, you must specify the runbook types in the following way. Please note these are case-sensitive values.

The accepted values are:

• PowerShell
• GraphicalPowerShell
• PowerShellWorkflow
• GraphicalPowerShellWorkflow
• Graph

To create a new runbook, use the following command:

New-AzureRmAutomationRunbook -Name StartVM -Type PowerShell -ResourceGroupName 4SYSOPS -AutomationAccountName AzureAutomation1

Creating a new runbook

After creating a new runbook, you need to put the content of the runbook in Azure. Alternatively, you can directly import a previously created PowerShell script in Azure.

Starting VMs using a runbook

We will first create our PowerShell script and then import it into Azure using PowerShell commands again. This script first checks for the definition of a resource group or a specific VM. If it finds a specified VM, it only starts the specified VM. If it finds a specified resource group, it starts all VMs in the specified resource group. If the user specifies nothing, the script starts all VMs in the subscription.

Let's look at the script below.

[OutputType([String])]
param (
    [Parameter(Mandatory=$false)]
    [String]  $AzureConnectionAssetName = "AzureRunAsConnection",
    [Parameter(Mandatory=$false)]
    [String] $ResourceGroupName,
    [Parameter(Mandatory=$false)]
    [String] $VmName
)
try {
    $ServicePrincipalConnection = Get-AutomationConnection -Name $AzureConnectionAssetName
    Write-Output "Logging in to Azure..."
    $Null = Add-AzureRmAccount `
        -ServicePrincipal `
        -TenantId $ServicePrincipalConnection.TenantId `
        -ApplicationId $ServicePrincipalConnection.ApplicationId `
        -CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
}
catch {
    if(!$ServicePrincipalConnection) {
        throw "Connection $AzureConnectionAssetName not found."
    }
    else {
        throw $_.Exception
    }
}
# If there's a specified resource group VM, get the specified VM/VMs in the resource group; otherwise get all VMs in the subscription.
if ($ResourceGroupName) {
if ($vmName) {
	$VMs = Get-AzureRmVM -ResourceGroupName $ResourceGroupName -vmName $vmName
}else{
       $VMs = Get-AzureRmVM -ResourceGroupName $ResourceGroupName
}
}
else {
	$VMs = Get-AzureRmVM
}
# Start VMs one by one
foreach ($VM in $VMs) {
	$Output = $VM | Start-AzureRmVM -ErrorAction Continue
	if (!$Output.IsSuccessStatusCode) {

       Write-Error ($VM.Name + " failed with the following error:") -ErrorAction Continue
		Write-Error (ConvertTo-Json $Output) -ErrorAction Continue
	}
	else {
		Write-Output ($VM.Name + " has been started")
	}
}

Importing a runbook into Azure

To start a runbook, you first need to publish it. To publish a runbook, we can use the following command:

Publish-AzureRmAutomationRunbook -AutomationAccountName AzureAutomation1 -ResourceGroupName 4SYSOPS -Name StartVM2

Publishing runbooks

Now we can either start the runbook manually using a PowerShell command or create a schedule for this runbook to start at a specified day and time.

To start a runbook manually, use the following command:

Start-AzureRmAutomationRunbook -Name StartVM2 -ResourceGroupName 4SYSOPS ‑AutomationAccountName AzureAutomation1

To create a new schedule, use the commands below:

$StartTime = Get-Date "15:00"
$EndTime = $StartTime.AddYears(1)
New-AzureRmAutomationSchedule -AutomationAccountName "AzureAutomation1" -ResourceGroupName 4SYSOPS -Name "Schedule1" -StartTime $StartTime -ExpiryTime $EndTime -DayInterval 1

Creating a new schedule

After creating the schedule, we can register an existing runbook with this schedule using the following commands:

Register-AzureRmAutomationScheduledRunbook -Name StartVM2 -ResourceGroupName 4SYSOPS -AutomationAccountName AzureAutomation1 -ScheduleName "Schedule1"

Registering a scheduled runbook

After automatically starting the runbook at its scheduled time, we can check the current job status using the following command:

Get-AzureRmAutomationJob -RunbookName StartVM2 -ResourceGroupName 4SYSOPS -AutomationAccountName AzureAutomation1

Listing Automation jobs

To see the entire output of the jobs, we can use the following commands:

Get-AzureRmAutomationJob -RunbookName StartVM2 -ResourceGroupName 4SYSOPS -AutomationAccountName AzureAutomation1 | Get-AzureRmAutomationJobOutput

Getting runbook outputs

We can check the statuses of the VMs if they are in a "running" state using the following command:

(Get-AzureRmVM -ResourceGroupName 4SYSOPS -VMName TestVM1 ‑Status).Statuses[1].DisplayStatus

Getting VM status

Conclusion

As you can imagine, we can use thousands of different scenarios with Azure runbooks. You can also start playing with runbooks by browsing the Runbook Gallery in Azure Portal to get a wide range of pre-configured runbooks.

Browsing the Runbook Gallery

In the next post, we will be working with Configuration Management in Azure Automation to take a closer look at Azure Desired State Configuration (DSC).