Azure-Runbook
Azure Runbook is tool, used for automatically deploy your code to azure. It is a great tool for azure automation. Normally there are 3 ways to write an azure runbook --> graphical, using PowerShell, using python.
We can create a runbook as a workflow also.
The basic difference between a workflow and a normal runbook is, in workflow we can use checkpoints to resume any operations if any error occurs also we can use the power of parallel processing to do multiple tasks in parallel.
Why do we need to connect runbook to azure?
The answer is pretty much simple and straight forward.
We need to connect Runbook With azure because if it is not connected to azure then how the runbook will do modifications or automation on Azure resources?
In other words, we can't access any azure resources from outside and for that purpose, we need to do the connection and for this purpose service principle is a great tool.
let's have a look at what is service principle :
service principle is an identity that is used to access azure resources, more specifically a combination of required ids or tokens to access azure resources like VMs.
Connect an Azure Runbook with Azure using Powershell :
In this article, I will discuss how to connect an Azure runbook using the service principle.
Connect an Azure Runbook with Azure using Powershell using service principle :
After creating a runbook one needs to write the following piece of code in order to connect the runbook with azure.
Function connect{
write-output 'Connecting .......'
#CONNECTION
$conn = Get-AutomationConnection -Name "AzureRunAsConnection"
$azConn=Connect-AzAccount -ServicePrincipal `
-Tenant $Conn.TenantID `
-ApplicationId $Conn.ApplicationID `
-CertificateThumbprint $Conn.CertificateThumbprint
#....
write-output 'Connected ...'
}
now just call the connect function to connect your runbook with Azure resources.
Code explanation :
1) Defining the function connect :
Function connect{
#my code goes here
}
2) Use the default service principle AzureRunAsConnection using Get-AutomationConnection cmdlet to get the service principle automation connection in your runbook .
Now we get the service principle connection in the conn variable.
This step is just knowing the credentials which are required to connect to Azure, and here the type of the credential is service principle.
You can also use any other service principle but You have to create that first.
For using Get-AutomationConnection cmdlet the Az.automation module must be imported in your azure automation account's module section.
3) Connect to azure by using the Connect-AzAccount cmdlet and a service principal account, for which we need the parameter Tenant, ApplicationId (Application id), CertificateThumbprint.
Tenant - A tenant represents an organization in an azure ad. The tenant id is a universally unique number.
Certificate Thumbprint - Certificate Thumbprint is used to identify which certificate to use for a particular for a cloud service.
-ServicePrincipal denotes the type of credential.
We use the tenant id, application id, certificate thumbprint of the conn variable using . operator in order to connect azure from the runbook.
This step is used to connect with azure from the runbook using the credentials which we got from the previous step.
Top comments (0)