-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCreate-AzureAutomationCredentials.ps1
109 lines (87 loc) · 4.5 KB
/
Create-AzureAutomationCredentials.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
<#
.SYNOPSIS
Checks for an Azure Automation Credential within a particular Azure Subscription and Azure Automation Account, and creates a new Azure Automation Credential if not present
.DESCRIPTION
This runbook checks for presence of an Azure Automation credential within a particular Azure Subscription and an Azure Automation Account corresponding to the Information passed through parameters,
and creates a new one if it does not exist. It enables you to pass your own text suffix as a parameter to be used to form a unique name for the credential, or takes a default hardcoded suffix otherwise.
.PARAMETER AzureAutomationAccountName
Name of the Azure Automation Account, from where this runbook will be run
.PARAMETER AzureAutomationResourceGroupName
Name of the Resource Group for the Azure Automation Account, from where this runbook will be run
.PARAMETER CredentialName
Name of the Azure Automation Credential you want to either check the existence of, or be created if absent
.PARAMETER Suffix
The suffix you want to be added to the CredentialName parameter to form a unique name in case a new credential has to be created. If you do not provide any suffix value and skip the parameter, a default value of "-AACredential" is assumed
.PARAMETER UserName
Name of the User for which the new credential will be created.
.PARAMETER Password
Password value for the User, for which the new credential will be created.
.EXAMPLE
Create-AzureAutomationCredentials.ps1 -AzureAutomationAccountName "Automation-AC1" -AzureAutomationResourceGroupName "Automation-RG1" -CredentialName "vm-2016-01" -UserName "xadmin" -Password "Pass@101"
.Notes
Author: Arjun Bahree
E-mail: [email protected]
Creation Date: 12/Dec/2017
Last Revision Date: 15/Dec/2017
Version: 3.0
Development Environment: Azure Automation Runbook Editor and VS Code IDE
PS Version: 5.1
Platform: Windows
#>
Param(
# Parameter help description
[Parameter(Mandatory=$true)]
[String]$AzureAutomationAccountName,
# Parameter help description
[Parameter(Mandatory=$true)]
[String]$AzureAutomationResourceGroupName,
# Parameter help description
[Parameter(Mandatory=$true)]
[String]$CredentialName,
# Parameter help description
[Parameter()]
[String]$Suffix = "-AACredential",
# Parameter help description
[Parameter(Mandatory=$true)]
[String]$UserName,
# Parameter help description
[Parameter(Mandatory=$true)]
[String]$Password
)
if (!(Get-AzureRmContext).Account){
throw "You need to be logged into your Azure Subscription. Aborting!"
}
# Form standardized name of the Azure Automation PS Credential for the Input credential Info
$CredName = $CredentialName + $Suffix
# Get all the existing Azure Automation PS Credential for the Input credential Info
$CredsCollection = Get-AzureRmAutomationCredential -ResourceGroupName $AzureAutomationResourceGroupName -AutomationAccountName $AzureAutomationAccountName -ErrorAction "SilentlyContinue"
if ($CredsCollection)
{
# Iterate through all existing Automation PS Credential to check for presence of that for the Input credential Info
foreach ($credItem in $CredsCollection)
{
if ($credItem.Name -eq $CredName)
{
$Cred = $credItem
return 0
}
}
}
# If Azure Automation PS Credential for the Input credential Info is null
if (!$Cred)
{
try
{
# Get Secure version of the Input Password
$SecurePassword = ConvertTo-SecureString $Password -AsPlainText -Force
# Form PS Credential Object from the Input User Name and Password
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $UserName, $SecurePassword
# Creat new Azure Automation PS Credential object for the Input credential Info
$vmAzureAutomationCredential = New-AzureRmAutomationCredential -AutomationAccountName $AzureAutomationAccountName -Name $CredName -Value $Credential -ResourceGroupName $AzureAutomationResourceGroupName
}
catch
{
Write-Error "Unable to create new Azure Automation Credential for VM {$CredentialName}. Exception: $($_.Exception)" 2> $null
return 1
}
}