Inhalt

How to deploy a PowerShell 7.2 runbook to Azure Automation using Bicep

A few months ago in November 2023 PowerShell 7.2 was made “General Available” in Azure Automation. One important feature was yet missing from the documentation: deployment using Bicep or ARM templates.

As confirmed by Microsoft, the API was already supporting this behind the scenes.

/deploy-powershell-7-2-runbook-azure-automation-bicep/images/ArmAndBicepSupport.png
Yes, both Bicep and ARM template support is available.

After I checked with a few people to no avail, Jan-Henrik finally gave my the right hint.

While the official documentation is not up to date, to this day (14.01.2024)…

/deploy-powershell-7-2-runbook-azure-automation-bicep/images/docs.png
PowerShell 7.1 and API version 2023-11-01 are missing from the documentation

… the Azure REST API Specifications GitHub repository, that should also be the source of the documentation is up to date.

/deploy-powershell-7-2-runbook-azure-automation-bicep/images/apispecs.png
PowerShell72 as an option in the Azure REST API Specifications GitHub repo

Info
On 30.01.2024 the official documentation was updated. The runbookType PowerShell72 is now listed.

Deploy a PowerShell 7.2 runbook using bicep

And here is how you deploy a PowerShell 7.2 runbook:

param automationAccountName string
param location string = resourceGroup().location
param artifactsLocation string = 'https://gist.githubusercontent.com/f-bader/aded6f8726a2a416b0e90e91c61b283f/raw/97fd92756038aa6440a5ce54c0c4c00725efdee1/'

resource myAutomationAccount 'Microsoft.Automation/automationAccounts@2022-08-08' existing = {
  name: automationAccountName
  scope: resourceGroup()
}

resource exampleRunbookPowerShellCore 'Microsoft.Automation/automationAccounts/runbooks@2023-11-01' = {
  name: 'exampleRunbookPowerShellCore'
  parent: myAutomationAccount
  location: location
  properties: {
    description: 'Search for service principals and application to build a watchlist WorkloadIdentityInfo'
    runbookType: 'PowerShell72'
    logProgress: false
    logVerbose: false
    publishContentLink: {
      uri: uri(artifactsLocation, 'justatest.ps1')
      version: '1.0.0.0'
    }
  }
}

Deploy a PowerShell 7.2 module to Azure Automation

It also super simple to deploy a new PowerShell module or update an existing module for the PowerShell 7.2 runbooks.

param automationAccountName string
param location string = resourceGroup().location

var psGalleryModules = [
  'SentinelARConverter'
  'powershell-yaml'
]

resource PSGalleryModules72 'Microsoft.Automation/automationAccounts/powerShell72Modules@2023-11-01' = [for psGalleryModule in psGalleryModules: {
  name: psGalleryModule
  parent: myAutomationAccount
  tags: {}
  properties: {
    contentLink: {
      uri: 'https://www.powershellgallery.com/api/v2/package/${psGalleryModule}'
    }
  }
}]

Thanks Jan-Henrik for the tip.

I hope this blog post helps other people out there until the official documentation is updated before PowerShell 7.4 get’s into public preview.