Azure-Runbook
Azure Runbook is tool, used for automatically deploy your code to azure. It is a great tool for azure automation. Normally there are 3 ways to write an azure runbook --> graphical
, using PowerShell
, using python
.
We can create a runbook as a workflow
also.
The basic
difference between a workflow
and a normal runbook
is, in workflow
we can use checkpoints
to resume
any operations if any error occurs also we can use the power of parallel processing
to do multiple tasks
in parallel.
Why do we need to connect runbook to azure?
The answer is pretty much simple and straight forward.
We need to connect Runbook With azure because if it is not connected to azure then how the runbook will do modifications
or automation
on Azure resources?
In other words, we can't access any azure resources from outside and for that purpose, we need to do the connection and for this purpose service principle
is a great tool.
let's have a look at what is service principle
:
service principle
is an identity that is used to access azure resources, more specifically a combination of required ids or tokens to access azure resources like VM
s.
Connect an Azure Runbook with Azure using Powershell :
In this article, I will discuss how to connect an Azure runbook using the service principle
.
Connect an Azure Runbook with Azure using Powershell using service principle :
After creating a runbook one needs to write the following piece of code in order to connect the runbook with azure.
Function connect{
write-output 'Connecting .......'
#CONNECTION
$conn = Get-AutomationConnection -Name "AzureRunAsConnection"
$azConn=Connect-AzAccount -ServicePrincipal `
-Tenant $Conn.TenantID `
-ApplicationId $Conn.ApplicationID `
-CertificateThumbprint $Conn.CertificateThumbprint
#....
write-output 'Connected ...'
}
now just call the connect
function to connect your runbook with Azure resources.
Code explanation :
1) Defining the function connect
:
Function connect{
#my code goes here
}
2) Use the default service principle AzureRunAsConnection
using Get-AutomationConnection
cmdlet
to get the service principle automation connection in your runbook .
Now we get the service principle connection in the conn
variable.
This step is just knowing the credentials which are required to connect to Azure, and here the type of the credential is service principle.
You can also use any other service principle but You have to create that first.
For using Get-AutomationConnection
cmdlet the Az.automation
module must be imported in your azure automation account's module section.
3) Connect to azure by using the Connect-AzAccount
cmdlet and a service principal account, for which we need the parameter Tenant
, ApplicationId
(Application id), CertificateThumbprint
.
Tenant
- A tenant represents an organization in an azure ad. The tenant id is a universally unique number.
Certificate Thumbprint
- Certificate Thumbprint is used to identify which certificate to use for a particular for a cloud service.
-ServicePrincipal
denotes the type of credential.
We use the tenant id, application id, certificate thumbprint of the conn
variable using .
operator in order to connect azure from the runbook.
This step is used to connect with azure from the runbook using the credentials which we got from the previous step.
Top comments (0)