Deploying Azure Automation in the Azure Portal
In this post, I will explain how you can use the Azure Portal to deploy Azure Automation, install additional PowerShell modules, and ensure that all PowerShell modules are up to date.
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
As always with an Azure “how to” post, Microsoft will probably change the user interface/steps as soon as this post is submitted. The changes will probably be minor, so you should be still able to get through the process with this guide.
Deploying an Automation Account
Unfortunately, some of the nomenclature in Azure Automation is confusing. An Automation Account is a bucket/engine for storing/running automation runbooks (scripts). It is not actually a user account in the way that the name would suggest!
Creating an Automation Account is pretty simple. Note that Automation is only available in some of the Azure regions but this has no impact on where you can use Automation. For example, I can deploy Azure Automation in one region and execute runbooks against resources in another region.
Log into the Azure Portal, expand the navigation bar, search for Automation, select Automation Accounts, and then click Add. Enter the following details:
- Name: Give the new Azure Automation Account a name.
- Subscription: Select the subscription that the Automation Account will be created in.
- Resource Group: Select an existing resource group or name a new one to be created.
- Location: Select which region the Automation Account will be created in.
- Create Azure Run As account: Runbooks sign in using a run as account. By selecting Yes, you get an easy-to-use run as account. Selecting No means that you must create and configure these service accounts.
A new Azure Automation Account and some sample runbooks are created in your selected resource group/region after a couple of moments.
Updating Azure PowerShell Modules
I have found in the past that Automation Accounts can be deployed by Azure with out-of-date PowerShell modules. That is not great because this will prevent Azure PowerShell-based runbooks from executing correctly or at all. However, we can easily update the modules.
Open the new Automation Account and click Modules. Here, you will find the modules that are installed by default and the last modified date. You can quickly update all of the currently installed Azure PowerShell modules by clicking the Update Azure Modules button. This process can take a little while, so Microsoft will ask if you are sure. Click Yes to continue.
The update process launches an Automation job. Click Jobs and expand the running instance of Update-AutomationAzureModulesForAccount. You can track the progress of this job by clicking Output.
I created a brand-new Automation Account to create screenshots for this article. Over half of the modules were updated by the above process, so this is a don’t-skip-it-step.
Adding Azure PowerShell Modules
In the past, I have written PowerShell runbooks that require Azure PowerShell modules to be added to the default set. This has included AzureRM.Network for configuring network configurations during Azure Site Recovery failovers. You will know which modules are required, when you try to test that your runbook and cmdlets are identified as being unknown.
Do the following to add an Azure PowerShell module, open the Automation Account and browse to Modules Gallery. Search for the missing module and select it. Click the Import button and then click OK in the Import blade if you wish to continue. Note that some modules might identify other modules that must be imported before the desired one is imported.
It can take several minutes for an import to complete. You can track the progress of the import job by returning to Modules in the Automation Account and monitoring the status of the new module.
Option -– Change Tier
There are three pricing tiers for Azure Automation:
- Free: No charge for 500 minutes of runbook execution time
- Basic: Unlimited usage, charged at $0.002/minute of runtime (East US 2)
- OMS: A bundle pricing tier using Operations Management Suite licensing
A new Automation Account is deployed into the free tier. You can switch the tier to Basic if you require more than 500 minutes of runbook runtime or OMS if you purchase that bundle. To do this:
- Open the Automation Account.
- Browse to Pricing Tier And Usage.
- Click the current Tier (Free).
- Change the tier as required.
- Click OK.
You now should be ready to use your Automation Account.