I'm trying to automate the renewal of the RunAsAccount's certificate. In the portal there's that simple button which allows you to renew the account's certificate. However, this is not appropriate in a business case.
I found some solutions to update that certificate with PowerShell, but they all depend on execution from a local machine, and I need something that can be done within a runbook, for example.
What I already tried was basically creating a new self-signed certificate in the env:temp-variable, afterwards importing that certificate in the New-AzureRmAutomationCertificate function. Unfortunately, this does not seem to work.
Appreciate any thoughts or hints on that!
You can use this PowerShell script, which helps to renew the certificate.
To create or update an Automation account, you must have the following privileges and permissions:
To create an Automation account, your Azure AD user account must be added to a role with permissions equivalent to the Owner role for Microsoft Automation resources. In the Azure portal, under Azure Active Directory > MANAGE > App registrations, if App registrations is set to Yes, non-admin users in your Azure AD tenant can register Active Directory applications. If App registrations is set to No, the user who performs this action must be a global administrator in Azure AD.
Also, please refer to this MSDN thread, which deals with the same problem you have.
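A sketch of the in-runbook renewal asked about above, as an added example that is not part of the original thread and not the script the answer links to. It assumes the default asset names `AzureRunAsConnection` and `AzureRunAsCertificate`, that the Run As service principal is allowed to update its own application's credentials, and that `New-SelfSignedCertificate` can write to `Cert:\CurrentUser\My` in the environment that runs the runbook; the parameter names are hypothetical.

```powershell
# Added example (assumptions: default Run As asset names, AzureRM modules imported,
# service principal may update its own AAD application, cert store is writable).
param(
    [Parameter(Mandatory)] [string] $ResourceGroupName,
    [Parameter(Mandatory)] [string] $AutomationAccountName,
    [int] $ValidMonths = 12
)
$ErrorActionPreference = 'Stop'

# Sign in with the current, still valid Run As certificate.
$conn = Get-AutomationConnection -Name 'AzureRunAsConnection'
Add-AzureRmAccount -ServicePrincipal -TenantId $conn.TenantId `
    -ApplicationId $conn.ApplicationId -CertificateThumbprint $conn.CertificateThumbprint | Out-Null

# Create the replacement certificate with an exportable private key.
$cert = New-SelfSignedCertificate -DnsName "$AutomationAccountName-RunAs" `
    -CertStoreLocation 'Cert:\CurrentUser\My' -KeyExportPolicy Exportable `
    -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider' `
    -HashAlgorithm SHA256 -NotAfter (Get-Date).AddMonths($ValidMonths)

# One-time random PFX password, so the exported key is never protected by a fixed secret.
$bytes = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
$pfxPassword = ConvertTo-SecureString ([Convert]::ToBase64String($bytes)) -AsPlainText -Force
$pfxPath = Join-Path $env:TEMP "$($cert.Thumbprint).pfx"
try {
    Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pfxPassword | Out-Null

    # 1. Add the public key to the AAD application first; the old key keeps working.
    New-AzureRmADAppCredential -ApplicationId $conn.ApplicationId `
        -CertValue ([Convert]::ToBase64String($cert.GetRawCertData())) `
        -StartDate $cert.NotBefore -EndDate $cert.NotAfter | Out-Null

    # 2. Replace the certificate asset in the Automation account.
    Set-AzureRmAutomationCertificate -ResourceGroupName $ResourceGroupName `
        -AutomationAccountName $AutomationAccountName -Name 'AzureRunAsCertificate' `
        -Path $pfxPath -Password $pfxPassword | Out-Null

    # 3. Point the connection asset at the new thumbprint.
    Set-AzureRmAutomationConnection -ResourceGroupName $ResourceGroupName `
        -AutomationAccountName $AutomationAccountName -Name 'AzureRunAsConnection' `
        -ConnectionFieldName 'CertificateThumbprint' -Value $cert.Thumbprint | Out-Null
}
finally {
    # Do not leave private key material behind on the worker.
    Remove-Item $pfxPath -Force -ErrorAction SilentlyContinue
    Remove-Item "Cert:\CurrentUser\My\$($cert.Thumbprint)" -Force -ErrorAction SilentlyContinue
}
```

The previous key credential stays on the application until it expires or is removed, so confirm a job can authenticate with the new certificate before cleaning it up.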