Getting started with Azure Automation Runbooks
From this article, I will be discussing the following things,
- What is Azure Automation?
- What is Azure Runbook?
- What are the Azure Runbook types?
- How to authorize Runbooks in Azure.
- Runbook modules and module gallery.
- Deploy sample Runbooks in Azure.
What is Azure Automation?
Azure Automation is a cloud-based automation platform that provides cost-effective automation services to users. These automation services will help users to decrease the time they spent on their day-to-day manual tasks. Azure automation is compatible with multiple vendors, cloud platforms, and on-premise systems. Azure Automation can be configured to interact and automate On-Premise infrastructure using a component called a Hybrid Worker. Azure automation provides Consistent management across both Azure and non-Azure environments.
Few capabilities of Azure Automation,
- Deployment automation: Automated deployment of resources
- Responding to alerts: Budget alerts, system alerts
- Dev/Test Automation: Start and stop scripts, scale scripts, etc
- Governance Automation: Automatically applying or updating tags, locks, policies, etc
What is Azure Runbook?
A simple definition for the Azure Runbooks is a file that contains a set of procedures and operations which is used to automate tasks. Basically, Runbooks are used as input for the Azure Automation service to process. So you can see that Azure Runbooks are a subset of Azure Automation. These Runbooks can be written using Powershell scripts and Python language. Runbooks can be run manually, scheduled, or called from an Action Group when an alert is triggered.
What are the Azure Runbook types?
There are five main Runbooks types available in Azure Automation.
- Graphical -: Based on Powershell and created and edited completely in graphical editor available in Azure portal.
- Graphical PowerShell workflow -: Graphical runbook based on Powershell workflow and created and edited completely in the graphical editor in Azure portal.
- PowerShell -: Textual Runbook based on Powershell script.
- PowerShell workflow -: Textual Runbook based on Powershell workflow. These types of Runbooks are capable of doing parallel processing for multiple actions at the same time.
- Python -: Textual Runbooks based on Python scripting. Available in both python versions 2 and 3.
How to authorize Runbooks in Azure
Once you implement your Runbook using any of the above-mentioned methods, you can start your Runbook. But before that, you need to authorize the Runbook in Azure. There are two main ways to authorize the Runbooks.
- Using Run As Account -: A Run As account can be created during the creation of an Azure Automation account or an existing account. Run As account that is created during the creation of an Azure Automation account will grant the Contributor role for the Azure subscription.
- Using identity -: In identity, you have two options, system assign or user assigned. You can grant permissions to the managed identity by using Azure RBAC. This managed identity will authenticate with Azure AD.
Runbook modules and module gallery
In Azure automation,3 you can use the modules which are provided by Azure or you can define your own module. PowerShell modules contain cmdlets that you can use in your Runbooks. You can find these modules to import in the Azure portal. modules are listed in your Automation account in the modules gallery under shared resources. There are set of functions unique to each function. If you have problems with a module, or you need to roll back to a previous version of a module, you can delete it from your Automation account, but please note that you can not delete the default modules which are imported automatically.
Deploy a sample Runbook in Azure
Now we know what is Azure automation and what Azure Runbooks are. Let’s try to deploy a sample Azure runbooks and see how it works. In this example to I’ll be demonstrating how to deploy a VM in Azure using a Azure Runbook.
Step 1 -: You need to have a valid Azure subscription and you need to create a Azure Automation account in the relevant subscription. To create the Automation account search for “Automation Account” in Azure portal and click on “create” button in top menu. Provide the required information. Please When creating the automation account you may need to provide the following information.
And after that click on “create” button to create your Azure automation account.
Step 2 -: After creating the Azure Automation account, you can create Azure Run As Account, This will provide authentication for managing resources in Azure with the Azure cmdlets for automation tasks. You can simply create this by clicking the “Run As Account” in left side menu of Azure Automation Account. Please note that this will create a service principle in Azure Active Directory with the role of “Contributor”.
Step 3-: Next select Runbooks under Process Automation section in left side menu. After that, in Runbooks section you can create or import Runbooks. In this example I’ll import a sample Runbook. Click on “import a runbook” in top menu. from their you can import your runbook from your local storage or from the runbook gallery. In this example I’ll import from my local storage. And also you need to provide the runbook type as well. What this sample runbook does is, it will create a single VM in your resource group, with the required resources to run the VM. You can find the runbook script here.
Once you import the runbook you can test it before publishing it. Click on the runbook you imported which is listed in your automation account, and then you will see the “test pane” option in the top menu bar, click on it to check your runbook for any errors. After confirming that your runbook has no errors, you can click on “publish runbook” in the top menu. Once it published you will be able yo deploy it.
Step 4-: And finally you will be able to deploy the runbook, As I mentioned before in this example, this runbook will create a single VM in your resource group. So go to your resource group and click on the automation runbook that you have published.
In the top menu, click on “start”, it will prompt you to the runbook start menu. In that menu provide the required values for the parameters VMNAME, RGNAME, VMSIZE and VMSKU. after that click on “ok” button to start the runbook.
Now you can see that our runbook is started and it is in running state. you can check the logs to confirm that the runbook is working fine. If you check the logs you can see that VM and the other related resources are created. Go to your resource group and check the resources are available there. click on the VM and you will be able to start and run the VM when you needed. So you can see that we have easily automated the task of creation of a VM in Azure. just like this, you can automate many tasks using Azure Automation Runbooks.