I am looking to port production jobs into Azure automation. The goal would be to schedule maintenance from scripts held in a shared drive on all computers in that domain. Using Azure, I could use the Invoke-AzVMRunCommand cmdlet to accomplish this task. Powershell also natively supports running scripts remotely with the Invoke-Command cmdlet.
Is there any particular benefit in using one cmdlet as opposed to another? Invoke-Command assumes you have open communication with the target host, but that is a given in my case. Are there any other drawbacks to using Invoke-Command? What about Invoke-AzVMRunCommand?
From Azure portal if we want to run any powershell script inside an Azure VM, we use this Invoke-AzVMRunCommand cmdlet, there it will open the Powershell window to connect to the Azure VM from backend.
The Run Command option is recommended if you need to run scripts inside an Azure VM using the guest agent.
You can also run this command directly from Azure PowerShell, CLI and Cloud Shell as well.
Invoke-AzVMRunCommand -ResourceGroupName '<myResourceGroup>' -Name '<myVMName>' -CommandId 'RunPowerShellScript' -ScriptPath '<pathToScript>' -Parameter #{"arg1" = "var1";"arg2" = "var2"}
For Invoke-AzVMRunCommand cmdlet we need to pass the script in the -ScriptPath parameter, so the script file has to be in place from where cmdlet is being run. Wherever you are running the script you will need to have the script available there.
Limitation:
To Run this command the below permission is needed Microsoft.Compute/virtualMachines/runCommand/action .
The Virtual Machine Contributor role and higher levels will have this.
Whereas,
Invoke-command cmdlet is just used to invoke any RestAPI or an action using the PowerShell.
Refer this document to know about the Invoke command.
Related
There is a Windows VM hosted on Azure. On this VM is a .bat file which I need to execute from outside. The start of this process should be possible within an Azure Function.
Does anyone have an idea about this?
I tried to execute the .bat file via Azure Cloud Shell and it worked but I found multiple commands and I am not sure which is the best one and which are usable in an Azure Function.
Best regards
You can write Azure Functions using Powershell as the programming language. Then, import Az.Compute and use the following to invoke commands in your vm from the Azure Functions:
Invoke-AzVmRunCommand `
-ResourceGroupName "rg-azpsremote" `
-VMName "server1" `
-CommandId "RunPowerShellScript" `
-ScriptPath "C:\temp\x.ps1"
ps: you can call the bat file from ps1 file.
I wrote a power-shell and it is running fine from the windows machine by PS editor. System prompt for my user name to authenticate before running this.
$subscription = "dev"
Connect-AzAccount -Subscription $subscription
$keyvaultname = "kv-dev"
Update-AzKeyVaultNetworkRuleSet -DefaultAction Allow -VaultName $keyvaultname
when I am running the same script in Azure pipelines (using PowerShell task) it is throwing following error. I removed the Connect-AzAccount.
Update-AzKeyVaultNetworkRuleSet' is not recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or if a path was
included, verify that the path is correct and try again.
How can I run this from azure pipelines using Power Shell task.
To execute the Azure PowerShell commands in pipeline job to manage Azure resources, you should use the Azure PowerShell task instead of PowerShell task.
You need to set up an Azure Resource Manager service connection (ARM connection) for use on the Azure PowerShell task. This ARM connection is used as the authentication, and you should not directly set the authentication in the PowerShell scripts.
I need to start an Powershell Script on a Windows Virtual Machine on Azure using Azure Functions or Azure Logic App. So, I would like to know if this is possible und How can i do that
You need to create a Function app in powershell, e.g. using VS Code or Azure Portal.
Please follow the MS guide that describes how to create your first Function App using VS code: https://learn.microsoft.com/en-us/azure/azure-functions/functions-create-function-app-portal
In the ps code of the function app you need use the Invoke-AzVMRunCommand cmdlet to run a PowerShell script on an Azure VM. The cmdlet expects the script referenced in the -ScriptPath parameter to be local to where the cmdlet is being run.
Here is the the sample usage format:
Invoke-AzVMRunCommand -ResourceGroupName '<myResourceGroup>' -Name '<myVMName>' -CommandId 'RunPowerShellScript' -ScriptPath '<pathToScript>' -Parameter #{"arg1" = "var1";"arg2" = "var2"}
Note:
Listing the run commands or showing the details of a command requires the Microsoft.Compute/locations/runCommands/read permission on Subscription Level. The built-in Reader role and higher levels have this permission.
Running a command requires the Microsoft.Compute/virtualMachines/runCommand/action permission. The Virtual Machine Contributor role and higher levels have this permission.
You can use one of the built-in roles or create a custom role to use Run Command.
Is there a way to trigger installer inside Azure VM with an API call or hook to get the installer running? Something like a PowerShell which I can be executed remotely, I just need to pass a parameter to it which it will pass the installer.
I need something simple and quick to get going,
I have looked into Custom Script Extension but I don't see how can I trigger it. Not sure what is the right thing to search for.
There are a couple options available for running commands in a VM.
While the Custom Script Extension is useful for configuration or management tasks, the Run command feature is very useful in that it is available even when the machine is not reachable. You can also run a Hybrid Runbook Worker with your custom scripts stored in an Automation account.
Refer to the following docs for more info:
Run scripts in your Windows VM
Run Command
You can use Invoke-AzVmRunCommand to do this. The script needs to be local to where the cmdlet is being run.
Invoke-AzVMRunCommand -ResourceGroupName 'rgname' -VMName 'vmname' -CommandId 'RunPowerShellScript' -ScriptPath 'sample.ps1' -Parameter #{param1 = "var1"; param2 = "var2"}
I want to start an exe that is located in a VM every day. The exe is 5 minutes long, so I want to use azure automation to start the vm, run the exe, and when it's finished, stop the vm.
I've looked at some resources on the web, and I can start the VM with :
Start-AzureVM -Name $VMName -ServiceName $ServiceName
I've seen in examples that people stop vm in other job at a certain time, but is it possible to start the vm, run an exe and stop the vm when the exe has terminated ?
You could start the VM via automation, and then fire off the exe from a Powershell script. When the exe exits you could call Stop-AzureVM / Stop-AzureRmVM
PowerShell Remoting
Yes, you can use a PowerShell Remoting session, which sits on top of Windows Remote Management (WinRM) to achieve this.
The high-level workflow for your Azure Automation Runbook would look something like:
Start-AzureVM ...
Invoke-Command ...
Stop-AzureVM ...
The Invoke-Command PowerShell command creates a PowerShell Remoting session (PSSession) to the Azure Virtual Machine, using the VM's public WinRM endpoint. The command will run synchronously by default, unless you use the -AsJob parameter to execute the command as a PowerShell Background Job, on the Runbook Worker. If you choose to invoke the remote command (your exe file) as a Background Job, then you can use the Wait-Job command to wait for its completion, before calling Stop-AzureVM.
IaaSv1 or IaaSv2?
Another major factor in your automation work, is considering whether you are using Azure Service Management (ASM) or Azure Resource Manager (ARM). Azure has two different APIs, and depending on how you created your VM, you will be using one or the other.
ASM = IaaSv1 (classic VMs)
ARM = IaaSv2
When you provision IaaS VMs in ASM, they must be a member of a "Cloud Service" container. Conversely, in ARM / IaaSv2, you can create VM instances as top-level members of your Azure subscription (account), with the caveat that all ARM-based cloud resources must be deployed into a "Resource Group."
ASM and ARM have entirely separate PowerShell modules. The ASM command is Start-AzureVM and the ARM equivalent is Start-AzureRmVM. Due to the inherent differences in the ASM and ARM architecture, these two commands also have different parameters. The ASM version requires that you specify the "Cloud Service" that the IaaS VM belongs to, whereas the ARM version requires that you specify the "Resource Group" that the VM belongs to.
For whoever may visit here, here is the example of Start VM, Run a script and stop VM.
https://github.com/shanjin14/AzureAutomation
In the RunPython.ps1 just need to put the full file path to the exe file
such as "C:\abc.exe"
Cheers. hope it helps