Home  > Resources  > Blog

Azure Cloud Automation Overview

February 11, 2022 by Faheem Javed
Category: Cloud

1.1 The Infrastructure-As-Code Practice

  • In the Infrastructure-as-Code practice, you define the infrastructure (that needs to be deployed in support for your solution) declaratively in code using some sort of domain-specific language (DSL)
    • Azure cloud’s Resource Manager templates (ARM templates) are infrastructure-as-code declarative configuration files written in JSON; we will review ARM templates in a later lecture module
  • The infrastructure-defining code becomes part of your project similarly to how you treat your application code
    • For example, just like your application code, you store the infrastructure-defining code in a source repository and version it

1.2 How Can Automation Help?

  • Automation can help simplify your solution deployment management and make the process reliable, consistent, and verifiable
  • Automation’s main focus is on frequent, human error-prone, and lengthy management tasks achieving this through the infrastructure-as-code approach
  • Automation gives you complete control during deployment, operations, and decommissioning of enterprise workloads and resources with assurances that the infrastructure is in a known and reliable state
  • Through automation, you can:
    • Save operational time and reduce costs
    • Enforce solution governance
    • Ensure compliance
    • Support DevOps practices


As infrastructure becomes part of your solution delivery iterative process, the division between Ops and development will start to gradually disappear.

1.3 Azure Automation

  • Azure Automation [https://docs.microsoft.com/en-ca/azure/automation/] is a cloud-based automation solution that supports process automation, configuration management, update management, shared capabilities, and heterogeneous features
  • Automation on Azure is supported through these capabilities:
    • Configuration management, including support for script authoring, automatic VM configuration updates
    • Schedule and execute deployments
    • OS updates and patching for Windows ® and Linux
    • Cross-system orchestrate
  • Supports Azure and non-Azure environment integration
  • With Azure automation there is no upfront costs or termination fees — you only pay for what you have used

1.4 Azure Automation at a Glance

Source: https://docs.microsoft.com/en-ca/azure/automation/overview

1.5 Common Automation Scenarios

  • Azure Automation documentation lists the following common automation scenarios:
    • Schedule tasks – stop VMs or services at night and turn on during the day, weekly or monthly recurring maintenance workflows.
    • Write runbooks – Author PowerShell, PowerShell Workflow, graphical, Python 2 and 3, and DSC runbooks in common languages.
    • Build and deploy resources – Deploy virtual machines across a hybrid environment using runbooks and Azure Resource Manager templates. Integrate into development tools, such as Jenkins and Azure DevOps.
    • Configure VMs – Assess and configure Windows and Linux machines with configurations for the infrastructure and application.
    • Retrieve inventory – Get a complete inventory of deployed resources for targeting, reporting, and compliance.
    • Find changes – Identify and isolate machine changes that can cause misconfiguration and improve operational compliance. Remediate or escalate them to management systems.
    • Periodic maintenance – to execute tasks that need to be performed at set timed intervals like purging stale or old data, or reindex a SQL database.
    • Respond to alerts – Orchestrate a response when cost-based, system-based, service-based, and/or resource utilization alerts are generated.
    • Hybrid automation – Manage or automate on-premises servers and services like SQL Server, Active Directory, SharePoint Server, etc.
    • Azure resource lifecycle management – for IaaS and PaaS services.
    • Dev/test automation scenarios – Start and start resources, scale resources, etc.
    • Governance related automation – Automatically apply or update tags, locks, etc.
    • Azure Site Recovery – orchestrate pre/post scripts defined in a Site Recovery DR workflow.
    • Windows Virtual Desktop – orchestrate scaling of VMs or start/stop VMs based on utilization.

1.6 Service Integration Mechanism

  • Azure Automation employs serverless run-books that help integrate Azure and hybrid solutions
  • Developers can visually create run-books using PowerShell or Python to integrate Azure and publicly available services for deployment, configuration and management of your cloud solutions
  • The process automaton operating environment overview can be found here: https://docs.microsoft.com/en-ca/azure/automation/automation-runbook-execution

1.7 Webhooks

  • Azure webhooks [https://docs.microsoft.com/en-ca/azure/automation/automation-webhooks] allow developers to process incoming requests and ensure continuous delivery and operations by triggering automation from:
    • Azure Logic Apps, Azure Function, ITSM product or service, DevOps, and monitoring systems
  • The example on the next slide shows a typical webhook-based automation solution that is triggered by an external HTTP request

1.8 Example of Using a Webhook

Source: https://docs.microsoft.com/en-ca/azure/automation/automation-webhooks

1.9 Configuration Management


DSC configurations are PowerShell scripts that define a special type of function. To define a configuration, you use the PowerShell keyword Configuration.

Example of a DSC script (https://docs.microsoft.com/en-us/powershell/scripting/dsc/configurations/configurations?view=powershell-7.1):

Configuration MyDscConfiguration {
    Node "TEST-PC1" {
        WindowsFeature MyFeatureInstance {
            Ensure = 'Present'
            Name = 'RSAT'
        WindowsFeature My2ndFeatureInstance {
            Ensure = 'Present'
            Name = 'Bitlocker'

1.10 Azure Automation Shared Capabilities

  • Include:
    • Shared resources,
    • Role-based access control (RBAC),
    • Scheduling,
    • Source control integration,
    • Auditing, and
    • Tagging

1.11 Shared Resources

  • To facilitate the automation effort, Azure Automation offers a number of shared resources, including:
    • Schedules
      • To trigger automation operations at predefined times
    • Modules
      • Microsoft, third-party, community, and custom-defined cmdlets and DSC resources
    • Python 2 and 3 packages
      • Python 2 and 3 runbooks
    • Credentials and Certificates
    • Connection information
      • You define connections in runbooks and configurations for use at runtime in modules
  • For more information, visit https://docs.microsoft.com/en-ca/azure/automation/overview#shared-resources

1.12 Azure Automation Compliance Certifications

Source: https://azure.microsoft.com/en-ca/services/automation/#features


For a complete list of Microsoft compliance certifications, visit https://docs.microsoft.com/en-us/compliance/regulatory/offering-home?view=o365-worldwide

1.13 Azure Command-Line Options

  • You can interface with the Azure cloud for the purposes of resource management and automation using two flavors of command-line interface:
    • Microsoft PowerShell that comes with Azure-centric cmdlets, and/or
    • Bash-based command-line interface (referred to in Azure documentation as CLI) offered through the az tool
  • Both command-line shells can be installed locally and used to remotely connect to your Azure cloud
  • The Azure portal comes with the built-in Cloud Shell environment that offers a choice of either command-line interface

1.14 Extending Azure Automation

  • Azure automation can be extended with additional features and products, such as
    • security, and
    • backup services

1.15 Summary

  • Automation is a critical activity to ensure consistent and repeatable deployment and management of cloud resources
  • One of the methods supporting successful automation activities is the Infrastructure-as-Code practice
  • Azure Automation offers a wide range of capabilities to support cloud-solution delivery automation

Follow Us

Blog Categories