New-CmAzCoreAutomation

Create an Automation account with runbooks. This cmdlet relies on functionality in Azure that is currently 'preview' status.

Completes the following:

  • Creates Resource Group for automation account.
  • Creates Automation account for runbook, dsc or both.
  • Optionally assigns system managed identity to automation account. (preview)
  • Optionally assigns Azure role to managed identity. (preview)

This command forms part of the Core Building Block.

Parameters

-SettingsFile

Required. (String) File path for the settings file to be converted into a settings object.

-SettingsObject

Required. (Object) Object containing the configuration values required to run this cmdlet.

-TagSettingsFile

Required. (String) File path for settings containing tags definition.

-WhatIf

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

-Confirm

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

Usage

Example 1

1
New-CmAzCoreAutomation -SettingsFile "c:/directory/settingsFile.yml"

Example 2

1
New-CmAzCoreAutomation -SettingsObject $settings

Settings

Beta documentation
The following schema documentation is automatically generated as part of a recent roadmap task. There may be inaccuracies or incomplete information while we flush out bugs; please refer to the packed project settings examples where necessary.

Settings Root.

Component

component [string | null]

Value to determine what cmdlet should be dynamically loaded for these settings.

Service

service [object] Mandatory

Contains dependency and publish details for service location.

Dependencies

dependencies [object]

Contains dependency details for service location.

Keyvault

keyvault [string | null]

Dependency value to fetch existing resource type.

Workspace

workspace [string]

Dependency value to fetch existing resource type.

Vnet

vnet [string | null]

Global default dependency value to fetch existing resource type.

PrivateZones

privateZones [array | null]

Dependency value to fetch existing resource type. Enables private zone integration.

Publish

publish [object]

Contains publish details for service location.

ResourceGroup

resourceGroup [string]

Value to publish on deployed resource type.

Automation

automation [string] Mandatory

Value to publish on deployed resource type.

PrivateEndpoint

privateEndpoint [string | null]

Global default value to publish on deployed resource type.

Automation

automation [object] Mandatory

Contains details required to deploy an Automation Account.

Location

location [string]

Automation account deployment location.

Name

name [string]

Becomes part of the generated automation account name.

ManagedIdentity

managedIdentity [object | null]

Configure system assigned managed identity. *Preview

Scope

scope [string | null]

Scope of managed identity.

Default:/Subscription//</code></p></dd>

role

role [string | null]

Azure role to be assinged to managed identity of automation account. Use None to disable this feature.

Default:Contributor

Enabled

enabled [boolean | null]

Create managed identity.

Default:true

</dl></dd>
SourceControl

sourceControl [object | null]

Container for an existing repo in source control.

KeyVaultPersonalAccessToken

keyVaultPersonalAccessToken [string | null]

Secret name of PAT token in existing key vault to access repo.

Url

url [string | null]

Url of source control repo.

Type

type [string | null]

Type of repo e.g Github.

Default:github

Branch

branch [string | null]

Existing branch within repo.

Default:master

FolderPath

folderPath [string | null]

Directory path of Runbook or DSC files.

Default:/

Service

service [object | null] Mandatory

Contains dependency and publish details for service location.

Dependencies

dependencies [object | null]

Contains dependency details for service location.

Keyvault

keyvault [string | null]

Dependency value to fetch existing resource type.

PrivateEndpoints

privateEndpoints [array | null]

Container for private endpoint details.

SubnetName

subnetName [string]

Names of underlying sub-resources to create private connection with.

Name

name [string | null]

Becomes part of private endpoint name.

SubResourceName

subResourceName [string]

Names of underlying sub-resources to create private connection with.

Valid values:"Webhook" , "DSCAndHybridWorker"

Service

service [object | null] Mandatory

Contains dependency and publish details for service location.

Dependencies

dependencies [object | null]

Contains dependency details for service location.

Vnet

vnet [string | null]

Local overriding dependency value to fetch existing resource type.

PrivateZones

privateZones [array | null]

Dependency value to fetch existing resource type. Enables private zone integration.

Publish

publish [object]

Contains publish details for service location.

PrivateEndpoint

privateEndpoint [string]

Local overriding value to publish on deployed resource type.

</dl></dd> </dl>

Examples

The following example files are automatically generated from the settings file schema definition to show how the specification can be used in practise. Cloudmarque can accept both JSON and YAML parameter files.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
{
  "component": "string",
  "service": {
    "dependencies": {
      "keyvault": "string",
      "workspace": "string",
      "vnet": "string",
      "privateZones": [

      ]
    },
    "publish": {
      "resourceGroup": "string",
      "automation": "string",
      "privateEndpoint": "string"
    }
  },
  "automation": {
    "location": "string",
    "name": "string",
    "managedIdentity": {
      "scope": "/Subscription/<Context subscription Id>/",
      "role": "Contributor",
      "enabled": "true"
    },
    "sourceControl": {
      "keyVaultPersonalAccessToken": "string",
      "url": "string",
      "type": "github",
      "branch": "master",
      "folderPath": "/",
      "service": {
        "dependencies": {
          "keyvault": "string"
        }
      }
    },
    "privateEndpoints": [
      {
        "subnetName": "string",
        "name": "string",
        "subResourceName": "Webhook",
        "service": {
          "dependencies": {
            "vnet": "string",
            "privateZones": [

            ]
          },
          "publish": {
            "privateEndpoint": "string"
          }
        }
      }
    ]
  }
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
component: "string"    # Optional
service:     # Mandatory
  dependencies:     # Mandatory
    keyvault: "string"    # Optional
    workspace: "string"    # Mandatory
    vnet: "string"    # Optional
    privateZones:     # Optional
      -   publish:     # Mandatory
    resourceGroup: "string"    # Mandatory
    automation: "string"    # Mandatory
    privateEndpoint: "string"    # Optional
automation:     # Mandatory
  location: "string"    # Mandatory
  name: "string"    # Mandatory
  managedIdentity:     # Optional
    scope: "/Subscription/<Context subscription Id>/"    # Optional
    role: "Contributor"    # Optional
    enabled: "true"    # Optional
  sourceControl:     # Optional
    keyVaultPersonalAccessToken: "string"    # Mandatory
    url: "string"    # Mandatory
    type: "github"    # Mandatory
    branch: "master"    # Optional
    folderPath: "/"    # Optional
    service:     # Optional
      dependencies:     # Optional
        keyvault: "string"    # Optional
  privateEndpoints:     # Optional
    - subnetName: "string"    # Mandatory
      name: "string"    # Optional
      subResourceName: "Webhook"    # Mandatory
      service:     # Optional
        dependencies:     # Optional
          vnet: "string"    # Optional
          privateZones:     # Optional
            -         publish:     # Optional
          privateEndpoint: "string"    # Optional