Search code examples
azure-bicepazure-runbook

How do I ensure a new Azure runbook with parameters is published on creation?

I have a bicep template being used to create an automation account with a runbook and schedule inside it. The new runbook has parameters to reference the storage account it affects and pass these to the PowerShell script. Currently this runbook is not created as 'published' which means it can't be used nor can it be linked to the schedule.

How do I ensure the runbook is published (with the PowerShell input parameters in place) so that the linking between runbook and schedule works so that it doesn't need manually publishing and linking afterwards in Azure Portal?

Here is the bicep template for the script:

param automationAccountName string
param location string

param runbookName string
param runbookContentUrl string
param scheduleName string
param storageAccountName string
param resourceGroupName string
param jobScheduleLinkName string

resource automationAccount 'Microsoft.Automation/automationAccounts@2022-08-08' = {
  name: automationAccountName
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    publicNetworkAccess: true
    disableLocalAuth: false
    sku: {
      name: 'Basic'
    }
    encryption: {
      keySource: 'Microsoft.Automation'
      identity: {}
    }
  }
}

resource runbook 'Microsoft.Automation/automationAccounts/runbooks@2022-08-08' = {
  parent: automationAccount
  name: runbookName
  location: location
  properties: {
    runbookType: 'PowerShell'
    logVerbose: true
    logProgress: true
    logActivityTrace: 1
    draft: {
      inEdit: false
      parameters: {
        storageAccountName: {
          type: 'string'
          defaultValue: storageAccountName
        }
        resourceGroupName: {
          type: 'string'
          defaultValue: resourceGroupName
        }
      }
    }
    publishContentLink: {
      uri: runbookContentUrl
      version: '1.0.0.0'
    }
  }
}

resource runbookSchedule 'Microsoft.Automation/automationAccounts/schedules@2022-08-08' = {
  parent: automationAccount
  name: scheduleName
  properties: {
    frequency: 'Day'
    interval: 1
    startTime: '2023-06-08T00:00:00Z'
    expiryTime: '9999-12-31T23:59:59Z'
    timeZone: 'Europe/London'
  }
}

resource jobScheduleLink 'Microsoft.Automation/automationAccounts/jobSchedules@2022-08-08' = {
  parent: automationAccount
  name: jobScheduleLinkName
  properties: {
    schedule: {
      name: scheduleName
    }
    runbook: {
      name: runbookName
    }
  }
  dependsOn: [
    runbook
    runbookSchedule
  ]
}

output automationAccountId string = automationAccount.identity.principalId

I tried adding publishContentLink separately but it doesn't allow for parameters. I tried to create a new deployment resource to deploy/publish the runbook but couldn't get that to work either.

Solution

  • You'll need to pass a params object with the key/values.

    resource automationJobs 'Microsoft.Automation/automationAccounts/jobSchedules@2022-08-08' = {
  parent: automationAccount
  name: guid(automationAccount.id, runbook.name, job.schedule)
  properties: {
    schedule: {
      name: runbookSchedule.name
    }
    runbook: {
      name: runbook.name
    }
    parameters: {
          ResourceGroupName : 'myRG'
          AksClusterName : 'myVM'
          Operation: 'start'
    }
  }
  dependsOn: [runbookSchedule]
}

    For a fuller sample, I'm in the middle of contributing a Automation Account module to the Microsoft Bicep Registry. PR