When I remove an automation account in the Azure console it will remove the run as account connected to the automation account. When I run the 'Remove-AzAutomationAccount' command it will not remove the run as account. How can I remove the run as account through powershell when I'm removing the automation account?
You could remove the run as account via Remove-AzADApplication, try the command as below, it works fine on my side.
$connection = Get-AzAutomationConnection -ResourceGroupName <ResourceGroupName> -AutomationAccountName <AutomationAccountName> -Name AzureRunAsConnection
$appid = $connection.FieldDefinitionValues.ApplicationId
Remove-AzADApplication -ApplicationId $appid
Remove-AzAutomationAccount -ResourceGroupName <ResourceGroupName> -Name <AutomationAccountName>
Related
we have a problem with a Microsoft bot hosted in Azure.
As long as we haven't resolved it, we want to periodically restart it.
We found 3 sets of powershell commands and spent the full day on it without making it work.
Solution 1:
we found the cmdlets : Get-AzCloudService Restart-AzCloudService.
We didn't understand from the documentation what module to install.
It returns : The term 'Restart-AzCloudService' is not recognized as the name of a cmdlet.
They talk about an obscure "extended support" to have access to it.
Solution 2:
We are able to list the cloud service using:
Connect-AzAccount
get-azresource -name $serviceName -resourcetype
"Microsoft.BotService/botServices"
But we do not find the cmdlet to restart the resource.
Solution 3:
Reset-AzureRoleInstance -serviceName $serviceName -Slot "production" -InstanceName $serviceName
Error : No default subscription has been designated. Use Select-AzureSubscription -Default
We are using MFA. Login-AzureRmAccount systematically fails , evenly saying that our account is disabled.
We did no manager to run the sequence:
Login-AzureRmAccount
Select-AzureSubscription -Default
Reset-AzureRoleInstance -serviceName $serviceName -Slot "production" -InstanceName $serviceName
The idea is to run this script twice a day, either from a VM or from an Azure Runbook.
We managed to run this code using an automation Account but we are still missing the last command that would restart the bot (that we consider a cloud service).
Param()
$automationAccount = "xxx"
$resourceGroup = "xxx"
$serviceName = "xxx"
$subscriptionname ="xxx"
$subscriptionid ="xxx"
# Ensures you do not inherit an AzContext in your runbook
Disable-AzContextAutosave -Scope Process | Out-Null
# Connect using a Managed Service Identity
try {
$AzureContext = (Connect-AzAccount -Identity).context
}
catch{
Write-Output "There is no system-assigned user identity. Aborting.";
exit
}
#Set-AzureSubscription -SubscriptionId $subscriptionid
$AzureContext = Set-AzContext -SubscriptionName $AzureContext.Subscription `
-DefaultProfile $AzureContext
get-azresource -name $serviceName -resourcetype "Microsoft.BotService/botServices"
I have an Azure runbook where I am trying to deallocate VMs. When I run the runbook I get the error
Stop-AzureVM : No default subscription has been designated. Use Select-AzureSubscription -Default <subscriptionName> to
set the default subscription.
I have used the below in my script.
Add-AzureRmAccount
Select-AzureRMSubscription
After calling the select, it prints out
PSComputerName : localhost
PSSourceJobInstanceId :
Account :
Environment :
Subscription :
Tenant :
with the correct subscrption and tenant information so it seems the select is working correctly, but for some reason I still cannot use the Stop-AzureVM cmdlet.
Any ideas?
The command Stop-AzureVM is Azure Service Management PowerShell command. It just can be used to stop Azure classic VM. But the command Add-AzureRmAccount is Azure Resource Management PowerShell command. After running the command, we just can manage Azure Resource Management resources. For more details, please refer to here and here.
So with Azure ARM VM, please use the command Stop-AzureRmVM to stop it. Meanwhile, regarding how to stop Azure classic VM, please refer to the following steps
Create Azure Classic Run As Account
Script
$ConnectionAssetName = "AzureClassicRunAsConnection"
# Get the connection
$Conn = Get-AutomationConnection -Name $ConnectionAssetName
# Authenticate to Azure with certificate
$CertificateAssetName = $Conn.CertificateAssetName
$AzureCert = Get-AutomationCertificate -Name $CertificateAssetName
Set-AzureSubscription -SubscriptionName $Conn.SubscriptionName -SubscriptionId $Conn.SubscriptionID -Certificate $AzureCert
Select-AzureSubscription -SubscriptionId $Conn.SubscriptionID
#stop VM
Stop-AzureVM -ServiceName "ContosoService01" -Name "MyVM" -Force
Besides, regarding how to check if the VM is classic, please refer to the blog
Try Running the below :
Get-Module AzureRm.Profile -ListAvailable
This issue might occur when there is multiple instances of the module. If there are multiple instance remove the older modules and retain the new module.
To remove the old module : Uninstall-Module -Name AzureRm.Profile -RequiredVersion 4.6.0#(olderversion if you have any)
In Azure, I want to rename a SQL database with a PowerShell automation runbook with the command:
Set-AzureRmSqlDatabase -ResourceGroupName <ResourceGroupName>
-ServerName <ServerName> -DatabaseName <DatabaseName> -NewName <NewName>
according to the documentation https://learn.microsoft.com/en-us/powershell/module/azurerm.sql/set-azurermsqldatabase?view=azurermps-6.13.0
This command works fine in the Launch Cloud Shell from the top navigation of the Azure portal.
But in a runbook, it does not work with this error:
Set-AzureRmSqlDatabase : A parameter cannot be found that matches parameter name 'NewName'.
It seems that -NewName is missing in a runbook
Set-AzureRmSqlDatabase `
-DatabaseName <System.String> `
-ResourceGroupName <System.String> `
[-ElasticPoolName <System.String>] `
[-Tags <System.Collections.Generic.Dictionary`2[System.String,System.String]>] `
[-RequestedServiceObjectiveName <System.String>] `
-ServerName <System.String> `
[-Edition <Microsoft.Azure.Commands.Sql.Database.Model.DatabaseEdition>] `
[-MaxSizeBytes <System.Int64>]
I'm expecting that you are running the runbook from an Azure Automation Account.
Depending on when you created the Azure Automation Account, your accounts modules might be outdated.
A simple way to prove this is to create a new runbook and put this into it:
Get-Command Set-AzureRmSqlDatabase
Execute the runbook from the portal and view the output. You will be surprised to see what module version it will report back to you.
Luckily I had an very old Automation Account laying around to prove it for you:
Results:
After the update
The results are:
After consulting the Microsoft Support I am able to kick off a Docker container via Azure Automation with the following code:
$connection = Get-AutomationConnection -Name AzureRunAsConnection
$secpasswd = ConvertTo-SecureString "132asdf9asdf342" -AsPlainText -Force
$credentials = New-Object System.Management.Automation.PSCredential ("somecontainerregistry", $secpasswd)
Connect-AzureRmAccount -ServicePrincipal -Tenant $connection.TenantID -ApplicationId $connection.ApplicationID -CertificateThumbprint $connection.CertificateThumbprint
New-AzureRmContainerGroup -RegistryCredential $credentials -ResourceGroupName automation-rg -Name jjcontainer03 -Image somecontainerregistry.azurecr.io/etl-pipeline -OsType Linux -DnsNameLabel aci-etl-pipeline-01 -RestartPolicy Never -Command "scrapy crawl data"
This seems to work fine when I test the pane inside the Azure Automation Portal, but when I schedule it to run every hour, I only see that the Runbook job has been executed (at the correct time), without creating a new Azure instance. Should I remove the old instance every time or is there something else I am missing?
If you are specifying the script to create a container with a static name - such as the one in your case - it will not be recreated since AzureRM module detects that the said container group already exists. Try adding 'Remove-AzureRmContainerGroup ...' one line above the 'New-AzureRmContainerGroup ...'
You can use a new guid as the name of the container if you want a unique name.
I've been using the classic Azure Portal for a while now, and I know how to create a VM, customize it, then capture it as an Image and use that image to create more VMs.
Now I'm trying to use the new Azure Portal. I created the VM and customized it, now I want to capture an image so I can make more VMs exactly the same way. The problem is the new web portal doesn't capture option.
As far as I know, you can do it via Powershell:
Login-AzureRmAccount
Get-AzureRmSubscription
Select-AzureRmSubscription -SubscriptionId "<subscriptionID>"
Stop-AzureRmVM -ResourceGroupName <resourceGroup> -Name <vmName>
Set-AzureRmVm -ResourceGroupName <resourceGroup> -Name <vmName> -Generalized
Save-AzureRmVMImage -ResourceGroupName <resourceGroupName> -Name <vmName> `
-DestinationContainerName <destinationContainerName> -VHDNamePrefix <templateNamePrefix> `
-Path <C:\local\Filepath\Filename.json>
For more details visit: https://learn.microsoft.com/en-us/azure/virtual-machines/virtual-machines-windows-capture-image