An Azure Automation account runbook uses the ExchangeOnlineManagement module. A particular cmdlet is spewing a long message (below) about updating to version 2.0.6, which is still in preview.
I assume, because it's in preview, it doesn't show up in the "add module from PowerShell Gallery" in the Azure Portal. I cannot figure out how to update our Azure automation account to use 2.0.6-Preview6, and only 2.0.5 is listed for import.
Anyway, how can I suppress this message? I have the runbook getting fired from a MS Flow, and parsing JSON from the runbook output chokes on the unexpected non-JSON string.
Here's the cmdlet in question that produces the message:
$exchangeConnection = Connect-ExchangeOnline -ExchangeEnvironmentName O365USGovGCCHigh –CertificateThumbprint $connection.CertificateThumbprint –AppId $connection.ApplicationID –ShowBanner:$false –Organization $tenant | Out-Null
Here's the annoying message that is output:
=============================================================
New update available!
You are using an older version of Exchange PowerShell cmdlets which may be using (soon to be deprecated) Basic authentication.
Please install version 2.0.6 of the ExchangeOnlineManagement module to upgrade to the latest version of cmdlets, which are REST based, more secure, reliant and performant than the remote PowerShell cmdlets that you are currently using.
For more information on the latest cmdlets released, visit: https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-powershell-v2-module-preview-now-more-secure/ba-p/2922946
To download the latest version of the module, visit https://www.powershellgallery.com/packages/ExchangeOnlineManagement/2.0.6-Preview5
============================================================
Related
I am trying to shutdown the VM using Azure Automation Account System Managed identity option.
However I am ending up with below error.
As per the other articles it is mentioned to upgrade the module Update-ModulesInAutomationToLatestVersion but I could not update due to below error. I am not sure what is the issue in the script. Same script works with AzureRunAsConnection option without issues ( script ).I even checked with simple login with System Managed Identity it successfully login and fetches the resource group names.
I have tested the above shared script in my automation account. Below are
the couple of observations:
You need to use Connect-AzureRMAccount -Identity cmdlet instead of 'connect-AzAccount` to connect to your subscription because the rest of the script that you have written using Azure RM cmdlets.
If we use AzureRM cmdlets in your run book script the job is getting suspended stating that Azure RM is going to retired and suggesting us to use Az Module in your workflow.
You can refer to this documentation on how to migrate your PowerShell scripts automatically from AzureRM to AZ modules.
If you want to perform start/stop on your virtual Machines you can leverage the Azure Automation start/stop during the off hours feature.
According to the MICROSOFT DOCUMENTATION and looking at your script the Azure Rm module is not supported and it has been updated to the latest version of Az module.
For more information please refer the below links:-
MICROSOFT DOCUMENT|Using a system-assigned managed identity for an Azure Automation account & Troubleshoot runbook issue.
I am attempting to run an azureRM script via a devops pipeline.
I have tried all the possible powershell tasks, however I am always met with the following error:
New-AzureRmResource : The term 'New-AzureRmResource' is not recognized as a name of a cmdlet, function, script file, or executable program.
The script is designed to add a VNET to an app service.
I am aware that AzureRM is outdated, however there is no way to do cross-regional VNet integration via Az or the az cli.
How can I run an AzureRm script via a devops pipeline?
I assume you use Microsoft Hosted Agents
Multiple ways:
Invoke-RestMethod - All commands are accessible as API endpoints.
Install-Module - Just Install AzureRM.
Use AzurePowerShell#3 task version - Easiest solution - See docs, The newer #4 and #5 versions do not support AzureRM.
Because Az PowerShell modules now have all the capabilities of AzureRM PowerShell modules and more, we'll retire AzureRM PowerShell modules on 29 February 2024. So you can try to use Az.Resources module instead.
For the changes between AzureRm and Az, please view this document(Az.Resources (previously AzureRM.Resources)).
In addition, agree with Repcak. You can use AzurePowerShell#3 task or earlier, because these versions of task support AzureRm modules.
I'm attempting to enable accelerated networking in Azure from the Azure Powershell Az module. However, I get an error stating that 'No registered resource provider found for location "my location" and API version "2019-07-01"'
I've found that the latest API version available is 2019-06-01. I was able to get a list of API versions, but they are in date format and the Az Install-Module seems to only accept numbers such as 2.2.0.
((Get-AzResourceProvider -ProviderNamespace Microsoft.Network).ResourceTypes | Where-Object ResourceTypeName -eq networkInterfaces).ApiVersions
The code that generates the error:
$nic = Get-AzNetworkInterface -ResourceGroupName "myResourceGroupName" -Name "myNicName"
I'm looking for a way via Az powershell cmdlets or a web site reference to get the actual version number so I can install the correct version to interface with my Azure environment.
The answer here is to use Cloud Shell directly from the Azure portal. This is no longer a coding question so the community can feel free to do what they want with this.
Check for your Powershell and AzModule versions. The Current API version available is '2019-08-01':
Update your Powershell/AzModule and the command will work just fine. Refer to the documentation:
https://learn.microsoft.com/en-us/powershell/azure/install-az-ps?view=azps-2.7.0#requirements
I have an Az script that sets up Advanced Data Security for my Azure SQL Databases/Servers.
Unfortunately, Az cannot run in Azure Devops, so I translated the script to AzureRM. The script leaves Advanced Data Security in a "Partially Configured" state, due to the Azure SQL Server's VULNERABILITY ASSESSMENT SETTINGS not being set.
What is the AzureRM equivalent of Update-AzSqlServerVulnerabilityAssessmentSetting
I tried
Update-AzSqlServerVulnerabilityAssessmentSetting
to:
Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings
However, only the database gets configured and this leave the Server unconfigured.
They are not an equivalent, the AzureRm module was deprecated and will not be updated.
Unfortunately, Az cannot run in Azure Devops, so I translated the script to AzureRM.
As I know, the Task version with 4.*(preview) supports Az module. I tried it here.
If you want to AzureRm module to update Azure SQL Vulnerability Assessment Setting, you just can use command "update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings" to configure all database in one server, AzureRM does not provide command to enable customers to directly configure Azure SQL server. For more details, please refer to the blog.
Get-AzureRmSqlDatabase -ResourceGroupName $params.rgname -ServerName $params.serverName`
| where {$_.DatabaseName -ne "master"} `
| Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
-RecurringScansInterval Weekly `
-NotificationEmail $scanNotificationEmail `
-EmailAdmins $true"
I'm writing a PowerShell deployment script which automates the creation of my Azure resources and an accompanying ServicePrincipal.
Here is the code I'm using, which I've tested and works when run directly from PowerShell with the latest Azure 1.0.4 SDK module:
$ResourceGroupName = "my-resource-group"
$ADAppIdentifierUri = [string]::Concat("https://", $ResourceGroupName, ".azurewebsites.net")
# Generate a password for the AD application
$ServicePrincipalPassword = [Guid]::NewGuid().ToString().Replace("-", "")
# Create the Azure AD Application and service principal, and only assign access to our resource group
$AzureADApplication = New-AzureRmADApplication -DisplayName $ResourceGroupName -HomePage $ADAppIdentifierUri -IdentifierUris $ADAppIdentifierUri -Password $ServicePrincipalPassword
When I run this code using my ResourceGroup project deployment script in Visual Studio, I get the following error:
New-AzureRmADApplication : Unable to cast object of type 'Microsoft.Azure.TokenCloudCredentials' to type 'Microsoft.Azure.Common.Authentication.AccessTokenCredential'.
According to the stack trace the exception was raised at the start of the command New-AzureRmADApplication, so the exception is happening internally in the Azure SDK code unfortunately.
I've browsed the source code of the SDK in the following files and could not find any insight:
https://github.com/Azure/azure-powershell/blob/f803b991daa7eeeea1217238ab071c8d83de34be/src/ResourceManager/Resources/Commands.Resources/ActiveDirectory/NewAzureADApplicationCommand.cs
https://github.com/Azure/azure-powershell/blob/956d0ca795acfce67d8f142bf059ab2b8ab2c67b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs
https://www.symbolsource.org/Public/Metadata/NuGet/Project/Microsoft.Azure.Graph.RBAC/1.6.0-preview/Release/.NETFramework,Version%3Dv4.0/Microsoft.Azure.Graph.RBAC/Microsoft.Azure.Graph.RBAC/Generated/GraphRbacManagementClient.cs?ImageName=Microsoft.Azure.Graph.RBAC
I can only find one person who's encountered this same error at this link here:
https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal/
However, the solution there does not make sense to me because I am not using a management certificate to authenticate, and I don't have any management certificates listed on the manage.windowsazure.com site.
This is an issue (i.e. bug) when using token based authentication with the AzureRMAD* cmdlets. When you run the script from VS, VS uses the token you have from the VS sign-in to avoid prompting for auth. To work around it, you have to run it outside of VS using credentials.
There is an internal work item tracking this but if you want to monitor progress you can file an issue here: https://github.com/Azure/azure-powershell/issues/