I would like to run some custom cleanup script in powershell or Az CLI to cleanup some resources that get created in a resource group but do not get cleaned up automatically when the resource group is deleted.
I can run a custom script manually and then delete the resource group, but I was wondering if there was a way to have it setup so a script is called automatically when the resource group is deleted from the Portal from example.
Have a look at Azure Automation:
Azure Automation delivers a cloud-based automation and configuration service that supports consistent management across your Azure and non-Azure environments. It comprises process automation, configuration management, update management, shared capabilities, and heterogeneous features. Automation gives you complete control during deployment, operations, and decommissioning of workloads and resources.
Source: An introduction to Azure Automation
You can use an Event Grid event as the trigger to run your automation runbook.
Related
In a case where you have several hundred VMs behind several different Azure accounts and a dozen or so different subscriptions, is it possible to use Hybrid Worker to run scripts against all of these VMs? If not, is there a service that accomplishes this in an Azure cloud environment?
If you want to start/stop a VM them you have to just make http post request with auth token, subscription id, resource group name, vm name.
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/powerOff?api-version=2022-03-01
Also, you can use runbook to run scripts on vms but you can on;y use one worker for one automation account.
Refer runbook docs.
I can see in Azure portal there is a nice UI to scale instances automatically.
Is there a way to change an app plan automatically?
For example, I may want to move from P1V2 to S1 during out of business hours, then scale back up again in the morning.
If there is no way to do it via the portal, I'm open to using APIs to change the app plans via a schedule functions or logic app if anyone can provide an example.
Any other suggestions are also welcome.
Thanks.
Is there a way to change an app plan automatically?
Not like there is a way to do so horizontally by using auto-scale. You can, however, accomplish this using Azure Automation.
Azure Automation delivers a cloud-based automation, operating system updates, and configuration service that supports consistent management across your Azure and non-Azure environments. It includes process automation, configuration management, update management, shared capabilities, and heterogeneous features.
Your scenario is explicitly mentioned under Common scenarios.
Azure resource lifecycle management - for IaaS and PaaS services.
Resource provisioning and deprovisioning.
Add correct tags, locks, NSGs, UDRs per business rules.
Resource group creation, deletion & update.
Start container group.
Register DNS record.
Encrypt Virtual machines.
Configure disk (disk snapshot, delete old snapshots).
Subscription management.
Start-stop resources to save cost.
Dev/test automation scenarios - Start and stop resources, scale resources, etc.
To set the App Service Plan, use Set-AzAppServicePlan from the Az.Websites module.
I am trying to create an azure resource manager template to provision storage accounts, and I want to enable diagnostics logging on creation.
Basically I am trying create a resource manager template to achieve the same result of them Cmdlet Set-AzureStorageServiceLoggingProperty so that the diagnostics logging is enabled on creation time, instead of enabling this manually every time a storage account is provisioned.
I came across this github thread in azure docs, it says that this feature is not supported yet, and it will be supported in the second half of calendar year 2019.
And the recommend way for automating this task is using powershell & c# commands.
I am working on deploying resources in to Azure using ARM Templates. I am one of five in my team. After deploying any resource into Azure portal, we need to know which user has deployed specific resource deployment into Azure including time. Because the deployment process has done randomly into Azure by the users.
How to find the details of specific user after deployment?
No way can associate the Azure deployments to the users smoothly. Seems you want to check the deployment logs.
In VSTS you can create a notification subscription for the deployments, thus you will receive the notifications once a deployment is triggered and you can check the deploy logs...
Another workaround is checking the Activity Logs in Azure. Please see View activity logs to audit actions on resources for details. You can also try the REST API:Activity Logs - List
You can also view the operations for a deployment through the Azure portal. Please seeView deployment operations with Azure Resource Manager for details.
I have an VM running in Azure which I would like the client to be able to turn on/off easily. I tought this would be simple; just a PS-script that performs an startup/shutdown/dealloc. But it seems I can't generate a "Azure Publish Settings"-file that only gives access to that VM? At the moment it seems I can only control this at the subscription level?
The Azure Publish Settings file basically contains the access information for an entire Azure subscription. It does not specify access to a specific resource (e.g. VM) but to all resources inside of a subscription.
To limit access to a subset of resources in Azure, you should be looking at the new role-based access (RBAC) functionality, which is available in the Azure preview portal and the latest Azure PowerShell cmdlets.
How it works is that you create an Azure resource group, to which you can assign roles with specific rights, and to this role you can then assign individual users.
Check the following Azure documentation link for details on how to do this.