For me, one of the vital annoying sorts of tickets you possibly can obtain at a helpdesk is a request for momentary permissions. You obtain a ticket stating that “this person” must be granted entry to this SharePoint website, and the permission must be eliminated after 1 week. Or “this outdated mailbox” must be restored, and “that person”, ought to solely have entry for the following couple of days.
The Tickets are simple sufficient to finish, however the annoying half is to schedule that it is advisable to carry out a activity two instances, one for granting the permissions, then wait. After which the second time to take away the permission, earlier than you possibly can really shut the ticket.
This led me to consider how I may use an Azure Automation Account, a PowerApp, and PowerShell to create an automation framework for simple scheduling of all these automation.
You’ll find all code associated to this challenge in my Github Repo
Overview of the challenge
Creating the Azure useful resource
For the challenge you will want the next useful resource:
- Azure Automation Account
- Storage Account
- Azure Capabilities App
- Azure API Administration
for creating the sources you need to use the next cli instructions;
Creating useful resource group:
|
|
Azure Automations Account:
|
|
Storage Account:
|
|
Azure Operate App:
|
|
Azure API Administration:
|
|
Making a service principal for working the Azure Operate integration into the Azure Automation Account
You will have a service principal for connecting from you Azure Operate App to your Automation Account. To create the service principal you need to use the next command:
|
|
The command will give an output just like under. Right here it is very important be aware down the “appId”, “password” and the “tenant”, since you’ll use the data later.
|
|
Creating the Azure Operate
The Azure perform will likely be a fairly easy PowerShell script. The script will be capable to take totally different parameters supplied by the PowerApp. These parameters then outline which runbook must be scheduled and supply the parameters to that particular Runbook.
When creating this setup, and the runbooks for this setup it is extremely vital to consider which kinds of Automation scripts run and which kinds of parameters these runbooks want to have the ability to run.
Setting the Appsettings for passing credentials to the perform
Should you use the Azure Operate extension in vscode, you possibly can open the file native.settings.json and add within the following variables:
Setting | Worth |
---|---|
SP_APP_ID | Service Principal App id |
SP_APP_SECRET | Service Principal Secret |
TENANT_ID | Azure Tenant id |
RESOURCE_GROUP | Title of the useful resource group |
AUTOMATION_ACCOUNT | Title of the automation account |
your native.settings.json ought to look just like:
|
|
The native.settings.json is just for testing domestically, you will want to set the appsettings for the FunctionApp both in Azure or by way of vscode, earlier than you deploy the capabilities.
Setting the Route Parameter
To have the ability to choose which runbook you wish to schedule simply by passing within the runbook title immediately into the URL, you will want to set the route parameter in your perform.json file
|
|
with the route parameter {RunbookName}, now you can go the title of the runbook, to the Azure perform by passing it into the URL
Right here is an instance: http://localhost:7071/api/test-runbook
Creating the PowerShell perform which creates the schedules
I’ve created the PowerShell perform proven under. I received’t go an excessive amount of in-depth in regards to the logic, however mainly, the perform accepts the beginning time, description, and the runbook parameters by way of an HTTP request physique.
An instance of the physique could possibly be:
|
|
The perform then checks to see if the requested runbook exists. If it exists then it’ll attempt to create a brand new schedule after which assign the schedule to the required runbook.
|
|
Creating the PowerShell perform which get present scheduled runbooks
The second perform i’ve created is made for retrieving all of the scheduled runbooks. This fashion you will get a superb overview within the app of which runbooks are already scheduled and ready to be executed.
|
|
Testing the Azure Operate
Now I’ve created a quite simple Automation Runbook, which takes a parameter “Title” and writes out a message.
|
|
I can check the primary perform, by including a brand new schedule, with the next PowerShell script:
|
|
The script ought to return the next output:
|
|
I can then check the second perform, to see which schedules I’ve already created with the script under:
|
|
The perform ought to return an output just like under:
|
|
If I then test my schedules in my Azure Automation account, i can see that the schedule has been created an are able to be executed.
Including the Azure Operate to Azure API Administration
Earlier than you possibly can make the most of the Azure Operate inside PowerApps, you will want to offer the perform by way of API Administration.
You do that by going into apim after which clicking on APIs. Then click on on “Create from Azure useful resource” and select “Operate App”
Then you possibly can import the capabilities you simply created.
Setting the right HTTP response for the APIs
Now for the API to work with Microsoft PowerApps, it is very important set the right response. If the request-response just isn’t set accurately PowerApps, don’t know find out how to deal with the API.
Begin by choosing the primary perform “POST AzureAutomationIntegration”, then within the “Frontend part” click on on the edit emblem.
Then go to Responses and click on on “+ Add response”, and choose 201 Created.
Then for the Content material-Kind choose: utility/json
for the pattern you possibly can enter the next JSON:
|
|
Then press Save
then do the identical for the second perform, besides the response must be 200 OK, and the pattern JSON must be:
|
|
Importing the API into PowerApps as a customized connector
To make it simple to make use of the API, you possibly can import it as a customized connector inside PowerApps. This fashion you possibly can outline the request enter and output to make it simpler to make use of in PowerApps and Energy Automate.
Begin by going to https://powerapps.microsoft.com then click on on “Knowledge” –> “Customized Connectors”. Then click on on “+ New customized connector” and select “Create from Azure Companies”. Then simply choose your subscription, service, service title, and the title of the API.
Now for configuring the customized connector you possibly can go to part “3. Definition”. That is the place you’ll outline you precise requests utilized by PowerApps, for connecting to your API.
To make it simple, you possibly can import a pattern output from a request, then PowerApps will likely be good sufficient to generate the best output.
Scroll down till you discover the “Response” right here click on on the white area.
Then click on on “+ Import from pattern”, right here you need to paste a pattern output into the sector. To get a pattern output you possibly can simply make a request to the API, and copy-paste the output you get.
Instance output:
|
|
Then click on on the second API endpoint to create an output for it.
Once more scroll right down to “Response” and click on on the white discipline. Then click on on “+ Import from pattern”, then paste a pattern of the output from that API endpoint.
Instance output:
|
|
You then save the Customized connector by clicking on “Create Connector.” Now earlier than you possibly can check the connector it is advisable to create a brand new connection. Click on on “+ New connection”, after you clicked on “Create Connector”.
Right here it is advisable to paste in your API key. To get the API key, it is advisable to head over to the Azure Portal, and into your API Administration Service. Within the Menu click on on “Subscriptions”.
Then click on on “+ Add subscription”, give it a Title and Displayname, for the scope choose “API” after which choose the title of your API.
After you may have created the Subscription, you possibly can click on on “Present/conceal keys”. Copy the important thing after which paste it into the PowerApp Customized connector.
Your customized connector is now prepared for use in your PowerApp.
Creating the PowerApp
Now I received’t go in-depth on how I’ve created the PowerApp, this half is pretty easy and you will discover lots of sources on-line showcasing find out how to create all of the logic within the app. As a substitute, i’ll simply shortly stroll over the logic I’ve used.
How does it work ?
By urgent the button “Replace Desk”, the app will hook up with the API and retrieve all of the scheduled runbooks.
And if you wish to schedule a brand new automation, you possibly can fill out the shape and press the button “Schedule”. The app will present a part of the HTTP response from the API and present it within the Output display screen.
Schedule a brand new automation button
Since I wish to retrieve output from the HTTP request I must create the HTTP request inside a Energy Automate Circulation. All of the stream does is it takes all of the values from the shape within the PowerApp, and ship the info to the API.
To make use of the info from the PowerApp contained in the Circulation, I’ll create a Variable pr Knowledge entry I want to make use of, then for the worth of the variable I’ll choose “Ask in PowerApps”.
Since i’ve create the API as a customized connector within the PowerApp, I can create a Customized Job for connecting to the API.
I then take the Output from the Customized Connector motion and ship it again to the PowerApp
Eventually contained in the PowerApp I might want to use the next code, for calling the Energy Automate stream, and saving the response information from the stream, right into a variable. The explanation I’m saving the info in a variable is to have the ability to present the info within the Outputs textual content field.
|
|
Updating the info desk button
To replace the info desk, with the button, it is so simple as utilizing the next code on the button:
Set(myData, 'fa-test-automation'.getretrievecurrentscheduledrunbooks())
after which the info tables “Gadgets” discipline ought to include:
SortByColumns(myData, "NextRun")
This fashion the info desk will present the response from the API name, and type it by date ascending.
Conclusion
This fashion of utilizing a PowerApp to schedule your automation is a quite simple manner of simplifying scheduling PowerShell scripts. This might allow IT, supporters, in your Staff to carry out actions which will in any other case require, information of Servers, Azure, or PowerShell, to have the ability to full all these duties, releasing up your time for different duties.
This app I showcased right here may be improved in many alternative methods. You may create a menu structure for scheduling totally different duties, you might additionally create a button for working the Runbook immediately as a substitute of scheduling it.
One of many issues with this app is that you probably have a number of Runbooks which require totally different parameters, you will want to create a separate stream for the totally different runbooks, and I’d create a sub-screen (or a popup), which contained all of the enter fields for the totally different runbook parameters.