Getting Started with Azure Automation Desired State Configuration

In today’s Ask the Admin, I’ll show you how to create an Azure Automation account, upload and compile a DSC configuration, and on board an Azure VM.

In Introduction to Azure Automation Desired State Configuration on the Petri IT Knowledgebase, I explained how Azure Automation Desired State Configuration (DSC) relieves organizations of some of the infrastructure requirements of PowerShell DSC, along with other advantages, including controlling who can access DSC configurations, assign them to nodes, and check node configuration compliance. Today we’re going to get down to business and configure Azure Automation DSC.

Create a DSC script

Before we can test out Azure Automation DSC, we’ll need a DSC script. For the purposes of this demonstration, we’ll use a basic script that checks for the presence of a text file (test.txt). If the file is not present, it’s created.

Configuration FileResourceDemo
{             
     Node "localhost"              
     {                         
       File CreateFile {                                     
         DestinationPath = 'C:\Test.txt'                                            
         Ensure = "Present"                                     
         Contents = 'Hello World!'                         
       }                  
     }
}

You can copy the above code into Notepad or the Windows PowerShell ISE. Save the script to your PC as TestDSC.ps1

Create an Azure Automation account

Azure Automation DSC requires an Azure Automation account in addition to the Microsoft account associated with your subscription. If you don’t already have an Azure Automation account, create one using the steps below.

Add an Azure Automation account (Image Credit: Russell Smith)

• Log in to the Azure management portal here.
• In the left pane of the portal, click + New.
• In the New pane, click Management, and then in the Management pane, click Automation.
• In the Add Automation Account pane, enter a Name for the new account.
• Select an active Azure subscription from the dropdown menu.
• Check Create new under Resource group and enter a name for the new group.
• Select a location from the dropdown menu.
• Make sure that Create Azure Run As account is set to Yes.
• Click Create to deploy the new account.

You’ll need to wait a few minutes for the accounted to be created. To check if the account has been created successfully:

• In the left pane of the portal window, click Browse >, and then Automation Accounts.
• In the Automation Accounts pane, click your automation account.

Add an Azure Automation account (Image Credit: Russell Smith)

Add a DSC configuration to Azure Automation

Now that we have created an Azure Automation account, let’s add the DSC configuration script that we created earlier to Azure.

• In the DSC Configurations pane, click Add a configuration.
• In the Import pane, click the folder icon to browse for a configuration file, select TestDSC.ps1 and click OK.
• Wait for status to change to Published, and then click on the TestDSC.ps1 filename in the DSC Configurations pane.
• In the DSC Configurations pane, click Add a configuration, and then Compile in Configuration pane.

Add a DSC node (Image Credit: Russell Smith)

Again, we’ll need to wait a few minutes for DSC script to be compiled into a MOF file.

On board an Azure VM

The final step is to on board a VM (node) and assign the DSC configuration. Note that it’s also possible to on board VMs hosted by cloud providers other than Microsoft, and on premise servers.

• Go back to Automation Account pane, and click the DSC Nodes tile.
• In the DSC Nodes pane, click Add Azure VM.
• In the Add Azure VMs pane, click Select Virtual Machines to onboard, and select the VM(s) you’d like to on board.
• In the Add Azure VMs pane, click Configure registration data.

Add a DSC node (Image Credit: Russell Smith)

• In the Registration pane, enter the name of your DSC configuration, as it appears on the Automation Account pane, into the Node Configuration Name field. In this example, the configuration name is FileResourceDemo.localhost.
• Leave the default settings for Refresh Frequency and Configuration Mode Frequency,
• Make sure that ApplyAndMonitor is selected from the Configuration Mode dropdown menu, and then click OK.
• Back in the Add Azure VMs pane, click Create. Note that the VM should be powered on.

Adding the node can take up to ten minutes. It could take even more time for the configuration to apply to the node(s), depending on the refresh and configuration mode frequencies set. But you should connect to the node using RDP and check if test.txt was created.