Azure Runbooks are a powerful tool for automating tasks and workflows in Azure. They allow you to create, manage, and execute automated tasks on a schedule or on demand.
With Azure Runbooks, you can automate tasks such as stopping and starting virtual machines, deploying and updating applications, and sending notifications.
Runbooks can be created using a visual interface, making it easy to create and manage complex workflows.
Azure Runbooks can be integrated with other Azure services, such as Azure Automation, to further simplify automation.
Getting Started
To get started with Azure runbooks, you'll need to publish your runbook first. After successful publication, you can run it by executing the Start-AzAutomationRunbook command.
To run the command, use the -Wait switch which causes the Start-AzAutomationRunbook to wait for the runbook to finish running before returning the result.
You can create a new automation account and a set of credentials to access the automation service. Storing credentials in Azure Automation allows workflows to connect to Azure as the account provided.
Azure Automation runbooks are a set of processes and step-by-step procedures that you execute repetitively to support various enterprise tasks.
Creating a Runbook
Creating a runbook in Azure Automation is a straightforward process. You can create a runbook from scratch or use the Quick Create feature.
To create a runbook from scratch, you'll need to sign in to the Azure Management Portal, click on the Automation account, and locate the Runbooks on the left blade. From there, you can click on "Create a runbook" and fill in the required information.
Alternatively, you can use the Quick Create feature, which allows you to create an empty runbook by clicking on +NEW -> App Services -> Runbook -> Quick Create. This will prompt you to provide a name for the runbook, a description, and select the Automation Account.
To create a runbook, you'll need to provide a name that follows the PowerShell verb-noun naming convention, such as "Set-RunbookConfiguration". This name cannot be changed later.
Here are the steps to create a runbook using Quick Create:
Once you've created the runbook, you can select it from the Runbooks view and click on the Author tab to begin authoring your runbook. From there, you can add code to the runbook using standard PowerShell Workflow syntax.
Adding Code and Features
You can add code to your Azure runbook using a PowerShell script. To do this, create a new file called HelloWorld.ps1 in your code editor and copy and paste the code into it. Save the file and then import the PowerShell code into your Azure runbook using the Import-AzAutomationRunbook command.
To ensure you're using the right runtime version for your PowerShell modules, select the correct runtime version when executing your runbook. For example, if you're executing a runbook for a SharePoint automation scenario in Runtime version 7.1 (preview), then import the module in Runtime version 7.1 (preview).
Here are the supported runtime versions for PowerShell and Python runbooks:
- PowerShell: 5.1, 7.1 (preview), 7.2
- Python: 2.7 (GA), 3.8 (GA), 3.10 (preview)
Note that Python 3.10 (preview) runtime version is supported for both Cloud and Hybrid jobs in all Public regions except a few regions. Also, Python 2.7 is no longer supported by parent product Python, so it's recommended to create new runbooks in the supported versions and update the outdated runbooks.
Adding Code
Adding code to your Azure runbook is a straightforward process. You can create a new file called HelloWorld.ps1 in your code editor and copy the following code into it.
To import the PowerShell code into your Azure runbook, you'll need to use the Import-AzAutomationRunbook command with the -Force parameter. This will overwrite any existing runbook with the same name.
You can also use any offline text editor and import the runbook into Azure Automation. This flexibility is a key benefit of Azure runbooks.
The PowerShell version used in your runbook is determined by the Runtime version specified. Currently, PowerShell 7.2 runtime version is supported for both Cloud and Hybrid jobs in all Public regions except Central India, UAE Central, Israel Central, Italy North, and Germany North.
Here are the supported PowerShell runtime versions:
- PowerShell 7.2
- PowerShell 7.1 (preview)
- PowerShell 5.1
If you're using Python runbooks, you can compile them under Python 2.7, Python 3.8, or Python 3.10 (preview). You can directly edit the code of the runbook using the text editor in the Azure portal or an offline text editor.
For Python 3.10 (preview) modules, only wheel files targeting cp310 Linux OS are supported. You must be familiar with Python scripting and source control integration isn't supported.
Here are the limitations of Python runbooks:
- Python 3.10 (preview)
- Python 3.8
- Python 2.7
For Python 3.8 modules, use wheel files targeting cp38-amd64. To use third-party libraries, you must import the packages into the Automation account. Azure Automation doesn't support sys.stderr.
Capabilities and Features
Azure Automation provides a robust set of capabilities and features to streamline management of resources across Azure, non-Azure, and on-premises environments. This comprehensive tool gives you complete control over deployment, operations, and decommissioning of workloads and resources.
Azure Automation comprises a set of capabilities and features that make management tasks easier and scalable. It includes shared resources, role-based access control, and source control integration.
Shared resources are a key aspect of Azure Automation, providing capabilities that simplify automation and configuration management tasks at scale. Some of the shared resources include schedules, modules and modules gallery, credentials, variables, certificates, connections, and Python 2 packages.
Role-Based Access Control (RBAC) is another important feature of Azure Automation, offering fine-grained regulated access to automation resources. This ensures that only authorized personnel can access and manage automation resources.
The source control integration feature of Azure Automation allows you to use source control to check-in runbooks and configurations, providing configuration as a code. This feature enables you to manage and track changes to your automation configurations more efficiently.
Here are some of the key shared resources provided by Azure Automation:
- Schedules
- Modules and Modules Gallery
- Credentials
- Variables
- Certificates
- Connections
- Python 2 Packages
Publishing and Testing
Publishing an Azure runbook is a crucial step before testing it. You can publish a runbook in the graphical editor by clicking the Publish button and confirming the action.
In the Azure Portal, you can test a runbook in the Test pane, which allows you to safely execute the runbook for testing. To access the Test pane, click Test Pane at the top of the canvass.
To publish an Azure runbook in Azure PowerShell, you need to use the Publish-AzAutomationRunbook cmdlet, as shown in Example 2. This cmdlet publishes the runbook and changes its state to published.
Using the Portal
To create an Azure Runbook using the portal, start by signing in to the Azure Portal with your preferred web browser. Select the subscription where you want to create the automation account.
Creating a new resource group is optional, but you can choose to create one by clicking the Create new link under the Resource group box. Type the name for the new resource group and click OK.
You can also select an existing resource group from the drop-down. Once you have your automation account, follow the steps to create a new runbook in the Azure Portal.
To create a new runbook, click Select on the Stop Azure V2 VMs page when it opens. This will allow you to start creating your runbook.
Publishing
To publish an Azure runbook, you need to use the Publish-AzAutomationRunbook cmdlet in PowerShell, which publishes the runbook and makes it available for execution.
You can't test a runbook in PowerShell like you can in the Azure Portal, so publishing is the only way to start a runbook in PowerShell.
Publishing a runbook in the Azure Portal isn't necessary if you're using the graphical editor, but if you're working with Azure PowerShell, publishing is the key to making your runbook executable.
Testing
Testing is a crucial step in the publishing process. You've created and configured a runbook, but does it work? To find out, the editor has a test pane where you can safely execute the runbook for testing.
Click Test Pane at the top of the canvass to open the test pane. Performing a runbook testing in the test pane automatically saves the current runbook.
The test pane allows you to execute the runbook and see the output. Click Start to run the runbook and wait for the test execution until you see the Completed message.
The output pane shows the expected result, which in this case is the Hello World message. You can close the Test pane to go back to the editor.
Before leaving the runbook as it is, you can run a final test to ensure that the runbook works as expected. To do this, click Overview → Edit to open the graphical editor.
You can run the test without changing the parameters. Click Start, and the runbook will connect to Azure and attempt to stop all running VMs inside the subscription.
Run As Account
Creating a Run As Account is a crucial step in connecting to Azure resources in your runbook. You'll need to create a service principal in Azure Active Directory (AAD) with the required permissions.
To get started, click the Run as accounts blade and select Azure Run As Account. Then, click Create on the Add Azure Run As Account dialog.
The Automation service will create and maintain this account for you. However, you'll need to click on the new Azure Run As Account to view its properties.
As you can see, the Run As account also created other assets or shared resources in the automation account, such as Connection and Certificate. This is a result of the Run As account being tied to a service principal object in Azure with a Contributor role to the subscription.
Note that the Run As Account expires based on the certificate expiration date.
Automation and Scheduling
You can automate tasks with Azure Runbook, which allows you to stop Azure VMs on a schedule.
With Azure Automation, you can compose a schedule by linking a new schedule to your runbook.
To create a schedule, provide a name and description for it, then select your schedule preferences: Type, Start Time, Expiration date, and Recurrence.
This schedule will now be active and run in your local time zone unless modified. You can reuse this schedule for other runbooks if you want to schedule multiple runbooks to run at the same time.
Scheduling
You can compose a schedule in Azure Automation to run your runbooks at specific times.
To link a new schedule to a runbook, go to the Schedule view and select "Link to a new schedule". Provide a name and description for the schedule.
Select your schedule preferences: Type, Start Time, Expiration date, and Recurrence. This will make the schedule active and it will run in your local time zone unless otherwise modified.
You can reuse this schedule for other runbooks if you want to schedule multiple runbooks to run at the same time.
Automated Virtual Machine Deployment
Automated Virtual Machine Deployment is a game-changer for businesses looking to streamline their IT operations. It uses Azure Automation with PowerShell Runbooks to automate deployments of virtual machines.
Here, an event is triggered after a file is uploaded to a storage blob container, and Azure Automation listens to the event from the storage account, kicking off the first runbook. This initiates the process of reading an Excel sheet, one record at a time.
The first runbook sends a record to the second PowerShell runbook, which does the actual provisioning of the virtual machine(s). This second runbook also checks if IP addresses are available to be assigned to the virtual machine.
In case the subnet has already exhausted all the IP addresses, a new subnet is created and used for the VM creation. A predefined network security group (NSG) is assigned to the VM to confirm the security requirements of the organization.
Using two runbooks keeps the PowerShell runbook code more modular and easier to understand. This approach also allows for centralized management of the automation service through shared resources like credentials, modules, and variables.
Azure Automation Service is created to manage the automation process, making it more efficient and scalable.
Importing and Managing
Importing and Managing Azure Runbooks is a breeze. You can import a runbook from the gallery by navigating to the Automation accounts blade in the Azure Portal and clicking on the specific automation account.
To import a runbook from the gallery, you'll need to click on Runbooks → Browse Gallery and find the one you want to import. The Stop Azure V2 VMs runbook is a great example of one you can import.
You can also import a PowerShell Workflow or runbook that you've written or discovered earlier. To do this, you can use the "Import" function located in the command bar of the runbooks tab.
To import a runbook, you'll need to enter a name for the runbook, such as "stop-az-vm", and click Import. The runbook will then open in the graphical editor automatically.
After importing a runbook, you can publish it by clicking Publish, Yes, to make it available in your automation account. You can also return to the automation account blade by clicking the Automation account link in the breadcrumbs.
Remember to keep your runbooks list clean by deleting any runbooks you no longer need.
Troubleshooting and Issues
Azure runbooks can be prone to issues, but don't worry, we've got you covered.
Delayed jobs may fail with an exception message invalid interpreter executable path.
If your job is delayed and takes more than 10 minutes, you might encounter this issue.
Restarting the runbook should be sufficient to resolve the problem.
Advanced Topics
Azure Runbook has a built-in feature called "DSC" which allows you to automate the deployment and configuration of your resources.
You can use Azure Runbook to create custom modules that integrate with Azure services, such as Azure Storage and Azure Active Directory.
The Azure Runbook can be triggered by various events, including changes to Azure resources, user input, and scheduled tasks.
Azure Runbook has a built-in feature to handle errors and exceptions, allowing you to create robust and reliable automation workflows.
By using Azure Runbook, you can automate repetitive tasks and focus on higher-level tasks that require human judgment and expertise.
Wrapping Up
Now that you've completed the Azure Automation service tutorial, you should be able to create, run, and configure job streams with ease.
You're now an expert in navigating the Azure Automation service, which means you can efficiently manage your runbook tasks.
To further enhance your skills, consider exploring the different types of runbooks available, including PowerShell, PowerShell Workflow, graphical, and Python runbooks.
Here are some specific tutorials to get you started:
- Tutorial: Create a PowerShell runbook.
- Tutorial: Create a PowerShell Workflow runbook.
- Tutorial: Create a graphical runbook.
- Tutorial: Create a Python runbook.
Frequently Asked Questions
What is the function of a runbook?
A runbook is a detailed guide that outlines the steps and dependencies needed to manage and operate technology infrastructure and services. It helps ensure smooth operations and troubleshooting by documenting procedures and tasks in a single, accessible resource.
What are three examples of runbook Automation?
Runbook automation is used in various scenarios, including incident management, service requests, and business continuity. These use cases help streamline operations and reduce workload among team members.
What is a runbook in Azure automation?
A runbook in Azure Automation is a stored and managed script that automates tasks and workflows, delivered to designated Hybrid Worker computers for execution. It's a key component of Azure Automation, enabling efficient and scalable automation of complex processes.
How to call Azure runbook from Power Automate?
To call an Azure runbook from Power Automate, start by selecting the runbook in the Azure portal and clicking "Start", then provide any required parameter values. You can then use the runbook's output in Power Automate to automate your workflow.
Sources
- https://adamtheautomator.com/azure-runbook/
- https://www.sqlshack.com/getting-started-with-azure-automation/
- https://www.varonis.com/blog/azure-automation
- https://learn.microsoft.com/en-us/azure/automation/automation-runbook-types
- https://azure.microsoft.com/en-us/blog/azure-automation-runbook-management/
Featured Images: pexels.com