How to deploy an Azure Automation account, set up source control link & deploy runbooks via Azure DevOps CD YAML pipeline.

My GitHub repo shows how to set up an Azure DevOps Continuous Deployment (CD) pipeline for deploying an Azure Automation account & associated Runbooks.

Deployment

Clone the repo & upload into your own Azure DevOps instance.
Modify the /ado/env & /infra/env files to match your Azure & Azure DevOps environment.
Select the Pipelines blade in Azure DevOps and click on New pipeline
Select where your have stored your source code, select Existing Azure Pipelines YAML file, select the Branch (likely main) and set the Path to /ado/deploy-automation.yml.
Save the pipeline.
In the upper right-hand corner of the screen, select the User Settings button and select Personal Access Tokens. This PAT will be used by the Azure Automation account to pull the runbooks from source control.
Click New Token, give it a name that reminds you what it will be for (example: AzureAutomation). Set the Expiration. Add the following scopes (click on the Custom defined radio button to see them all).
1. Code – Read
2. Identity – Read
3. Project and Team – Read
4. Service Connections – Read, query, & manage
5. User Profile – Read
6. Work Items – Read
Copy the PAT to Notepad.
Navigate back to the pipeline and click on Edit.
Click Variables and then New variable.
Name the variable AdoPat, paste in the PAT string you copied earlier & check the Keep this value secret checkbox. Click Ok to save.
Click Run pipeline to execute. You may need to authorize the pipeline to use the service connection. This initial run will create all of the required Azure resources & set up the sync, but it will fail the first time becuase you need to grant the Managed Identity that the Automation Account uses Contributor access to the Resource Group so it can create Runbook resources (https://docs.microsoft.com/en-us/azure/automation/source-control-integration#prerequisites).
In the Azure portal, navigate to your Resource Group. Click on the Access control blade. Click on Add->Add Role assignment.
1. Select the Contributor role. Click Next.
2. Select the Managed identity radio button. Click Select members.
3. Select the managed identity that was created in your resource groups. Click `Select.
4. Click Review + assign.
Run the pipeline again to see the sync occur.

You can now see the Azure Automation Source Control link & Runbook sync job complete in the Azure portal.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How to deploy an Azure Automation account, set up source control link & deploy runbooks via Azure DevOps CD YAML pipeline.

Deployment

Related Posts

How to deploy Logic Apps (Standard) with Bicep & Azure DevOps

How to build & deploy an Arc-enabled Logic App on a self-hosted Kubernetes cluster (including with Azure DevOps pipeline)

Leave a Reply Cancel reply