Azure Automation Account
Log Analytics + Azure Automation Account + Hybrid Worker:
The goal for today is to set up a Hybrid Automation Account and to run in a scheduled way a PowerShell script (without other words let’s see if we can replace the on-prem orchestrator with a hybrid cloud solution):
Step 1: Azure Subscription – and for that, you need to log in with your to factor authenticator to https://portal.azure.com/#allservices and to create a subscription:
Step 2: in Cloud as in our on-prem infrastructure everything should be very well organized so to keep that as a rule, the next step is to create a resource group:
Next, you need to select your subscription, name your resource group in our case will be PROD(production)-WE(location West Europe)-AutoAcct(used for Automation Account).
West Europe because for now, Microsoft made available all the services we need for log analytics only in West Europe datacentres.
Next, you need as per my advice to set up some TAGS, which are handy you need to search your Cloud environment and also can help in creating the infrastructure for different environments (e.g. corporate, development, production,…) or different teams in your organization
Next, you just need to create your resource group.
Step 3: we need to create our log analytics workspace following our naming convention:
In the right up corner, you can check your notification field to see how is your deployment:
Log analytics deployment is completed now:
Checking also resource group:
Step 4: Automation Account deployment following our naming convention:
Select your log analytics workspace and then go solution under overview:
Select ADD and choose Automation and Control:
Now let’s link our log analytics workspace with our automation account, to achieve that you need to go to your automation account and select update management:
After you enable this you can see the following link is achieved:
Step 5: Hybrid Worker setup
Go to your log analytics resource and select advanced settings, download the agent and make a note with workspace id and primary key:
Install the agent on the target machine:
On the target machine you need to run the following PowerShell script:
#Azure Automation Account - Hybrid Worker setup Clear-Host Set-Location 'C:\Program Files\Microsoft Monitoring Agent\Agent\AzureAutomation\7.3.702.0\HybridRegistration\' Import-Module .\HybridRegistration.psd1 Add-HybridRunbookWorker -GroupName 'HybridWorkerOnPrem' -EndPoint 'https://we-agentservice-prod-1.azure-automation.net/accounts/fd299edb-c929-4989-9396-48744f8e5887' -Token '+u1SKiKVDpoEy7M1i7N8b9ZBaMY0VVA0p+wpBnZlH0Fc8t0RJJhdixJgWFMtVeyyCgByp8F5xGAnspw3oVVBcg==' Remove-HybridRunbookWorker -Url 'https://we-agentservice-prod-1.azure-automation.net/accounts/fd299edb-c929-4989-9396-48744f8e5887' -MachineName 'AutoAcctVM01'
Step 6: Run a PowerShell script in a hybrid scenario
Got to runbooks and create a new PowerShell runbook
AmistadGroup IT Team