azure automation invades your data centre
TRANSCRIPT
AZURE AUTOMATION INVADES YOUR DATA
CENTREKIERAN JACOBSEN
READIFY
WHO AMI I
• TECHNICAL LEAD AT READIFY• INTERNAL AND CUSTOMER INFRASTRUCTURE• BIG FAN OF AUTOMATION
AGENDA
• AZURE AUTOMATION• AZURE WORKER LIMITATIONS• HYBRID WORKERS, GROUPS, LIMITATIONS• AZURE AUTOMATION AUTHORING TOOLKIT• WEB HOOKS
AUTOMATION CAN MEAN MANY THINGS
• CLOUD SERVICE AUTOMATION• INFRASTRUCTURE AUTOMATION• PROCESS AUTOMATION
AZURE AUTOMATION
• MANAGED SERVICE• AZURE AND CLOUD FOCUS• BACKED BY POWERSHELL• DR, HA, PROVISIONING, MONITORING, PATCHING, BACKUPS• HIGHLY AVAILABLE
CONCEPTS
• ACCOUNT• RUNBOOKS• ASSETS• JOBS• WORKERS
DEMONAVIGATING AZURE AUTOMATION
AZURE WORKER LIMITATIONS
• LIMITED TO SPECIFYING WHICH AZURE REGION• NO CONTROL OVER IP ADDRESS
• TRACEABILITY• FIREWALLS
• LIMITED CONTROL OVER MAKE UP OF AZURE WORKER
HYBRID WORKERS
• RUNBOOKS RUNNING WITHIN YOUR DC• REQUIRE OPERATIONS MANAGEMENT SUITE WITH AUTOMATION
SOLUTION/PLUGIN• SUPPORT SCRIPT, WORKFLOW AND GRAPHICAL RUNBOOKS• NO INBOUND FIREWALL REQUIREMENTS
DEMOYOUR FIRST HYBRID JOB
HYBRID WORKER GROUPS
• COLLECTIONS OF WORKERS• RUNBOOKS ARE EXECUTED AGAINST GROUPS• IDEAL FOR PROVIDING HA• SHARE “RUN AS” PERMISSIONS
DEMORUNNING A RUNBOOK ACROSS MULTIPLE WORKERS
& CONFIGURING “RUN AS”
HYBRID WORKER LIMITATIONS
• MODULE DEPLOYMENT• EXECUTION CONTEXT• NO SIMPLE FILE OR EVENT TRIGGERS• NO PRIORITISATION OF WORKERS IN A GROUP• DOCUMENTATION
AZURE AUTOMATION AUTHORING TOOLKIT
• MANAGE AZURE AUTOMATION ACCOUNTS FROM ISE• CREATE, EDIT AND MODIFY RUNBOOKS AND ASSETS• AVAILABLE FROM THE POWERSHELL GALLERY HTTPS://
WWW.POWERSHELLGALLERY.COM/PACKAGES/AZUREAUTOMATIONAUTHORINGTOOLKIT
DEMOUSING THE AZURE AUTOMATION AUTHORING TOOLKIT
WEB HOOKS
• START JOBS FROM HTTP REQUESTS• IDEA FOR APPLICATION AND 3RD PARTY INTEGRATION• GREAT FOR STARTING JOBS IF AZURE CMDLETS ARE NOT INSTALLED• RUNBOOKS MAY NEED MODIFICATIONS TO RUN FROM WEBHOOKS
DEMOINTEGRATING WEB HOOKS
LINKS
• BLOG: HTTP://POSHSECURITY.COM • TWITTER: @KJACOBSEN• RUNBOOKS FROM THIS PRESENTATION: HTTPS://
GITHUB.COM/POSHSECURITY/POSHSECURITYAZUREAUTOMATION • HYBRID WORKERS:
HTTPS://AZURE.MICROSOFT.COM/EN-US/DOCUMENTATION/ARTICLES/AUTOMATION-HYBRID-RUNBOOK-WORKER/#
• WEB HOOKS: HTTP://BLOG.CORETECH.DK/JGS/AZURE-AUTOMATION-USING-WEBHOOKS-PART-1-INPUT-DATA/
• AZURE AUTOMATION AUTHORING TOOLKIT: HTTPS://WWW.POWERSHELLGALLERY.COM/PACKAGES/AZUREAUTOMATIONAUTHORINGTOOLKIT