How to import PowerShell 7 runbooks in Azure Automation

Import a PowerShell 7.XX runbook in Azure Automation via PowerShell

You cannot currently choose PowerShell 7.XX runtime via the standard cmdlet New-AzAutomationRunbook in the Az.Automation module.
This limits you to using the Azure portal.

You can upload runbooks via a workaround with runtime 7.XX. This only applies to powershell script files located in an Azure Storage Blob.

Small sidestep of uploading scripts to an azure Storage Blob

To upload an Azure storage blob you can use the script in my Github repository.
You can simply upload something with the following command:

$AddAzureStorageBlobSplat = @{
    Path = "C:\Temp\MyFolder\script1.ps1"
    StorageContainer = "mycontainer"
    StorageAccount = "mystorageaccount"
    ResourceGroup = "myresourcegroup"
}
Add-AzureStorageBlob @AddAzureStorageBlobSplat

And now let’s get back to uploading new runbooks with PowerShell runtime 7!

When you connect to Azure via Connect-AzAccount, you can use Invoke-AzRestMethod to upload a runbook via the Azure REST API.

The Invoke-AzRestMethod uses an OAuth Access Token in the backend to call the API. You can see the Access Token as well via Get-AzAccessToken, but in this case we do not need it as we can use Invoke-AzRestMethod.

Because the Invoke-AzRestMethod is actually a web request, we need to provide a body or PayLoad. The body is in Json format.

So, you already have your script uploaded to a Storage Account, right? We currently also need a Shared Access Signature Token (SAS Token) as that’s the only way to authenticate to the Storage Account via Invoke-AzRestMethod.

For more about a Shared Access Signature Tokens I want to refer you to Microsoft docs.

I will give you the PayLoad for PowerShell 7.1 and 7.2.

PayLoad for 7.1

$JsonPayLoad = @{
    Properties = @{
        RunbookType        = 'PowerShell7'
        publishContentLink = @{
            uri = CONTENTLINK
        }
        state              = 'Published' # DRAFT
    }
    location   = 'LOCATION'
} | ConvertTo-Json

PayLoad for 7.2

$JsonPayLoad = @{
    Properties = @{
        RunbookType        = 'PowerShell'
        runtime            = 'PowerShell-7.2'
        publishContentLink = @{
            uri = CONTENTLINK
        }
        state              = 'Published' # DRAFT
    }
    location   = 'LOCATION'
} | ConvertTo-Json

For either one to work you will need to update the ContentLink, LOCATION, and the state is currently published.

Location for me would be westeurope. You can find the ContentLink under the Blob in the Azure portal.

This is a uri you can dynamically build in PowerShell:
https://StorageAccountName.blob.core.windows.net/StorageContainer/scriptname

The ContentLink also needs the SAS Token for authentication, so in full it should be something like this:
https://storageaccountname.blob.core.windows.net/containter/script.ps1?sv=2020-08-04&ss=bfqt&srt=sco&sp=rwdlacupitfx&se=2021-10-31T00:00:00Z&st=2021-10-01T00:00:00Z&spr=https&sig=MySignature

Last but not least, the api version (used for the Azure REST API) differs between 7.1 and 7.2

  • 7.1: 2019-06-01
  • 7.2: 2022-06-30-preview

Let’s start using Invoke-AzRestMethod to upload aPowerShell 7 runbook to Azure Automation!

I already gave you a PayLoad to choose from, since we still use 7.1, I will also use the 7.1 PayLoad as an example.

My PayLoad would look like this with the explanations from above (with a shortend uri for readability):

$JsonPayLoad = @{
    Properties = @{
        RunbookType        = 'PowerShell7'
        publishContentLink = @{
            uri = 'https://storageaccountname.blob.core.windows.net/containter/script.ps1?SASTOKEN'
        }
        state              = 'Published'
    }
    location   = 'westeurope'
} | ConvertTo-Json

I usually use Splatting when building my parameters, so when I use Invoke-AzRestmethod it will look like this:

$InvokeAzRestMethodSplat = @{
    Method               = 'PUT'
    ResourceGroupName    = 'MyResourceGroup'
    ResourceProviderName = 'Microsoft.Automation'
    ResourceType         = 'automationAccounts'
    Name                 = "$($AutomationAccountName)/runbooks/script" # WITHOUT .ps1!
    ApiVersion           = '2019-06-01'
    PayLoad              = $JsonPayLoad
}
Invoke-AzRestMethod @InvokeAzRestMethodSplat

By following these steps, you should be able to import a 7.XX runbook into Azure Automation!

But it can even be easier for PowerShell 7 runbooks in Azure Automation!

I uploaded two scripts to my Github repository you can use to simplify this process and upload PowerShell 7 runbooks to Azure Automation.

This will simplify the process to this (you still need to do the customizations as this is only an example):

$AddAzureStorageBlobSplat = @{
    Path = "C:\Temp\MyFolder\script1.ps1"
    StorageContainer = "mycontainer"
    StorageAccount = "mystorageaccount"
    ResourceGroup = "myresourcegroup"
}
Add-AzureStorageBlob @AddAzureStorageBlobSplat

Item       Successful
----       ----------
script.ps1       True

$ImportAutomationRunbookSplat = @{
    RunbookName = "script"
    RuntimeVersionRunbook = "7.1"
    ResourceGroup = "myresourcegroup"
    AutomationAccountName = "myautomationaccount"
    StorageAccountName = "mystorageaccount"
    StorageContainerName = "mycontainer"
    SASToken = '?sv=2020-08-04&ss=bfqt&srt=sco&sp=rwdlacupitfx&se=2021-10-31T00:00:00Z&st=2021-10-01T00:00:00Z&spr=https&sig=MySignature'
}
Import-AutomationRunbook @ImportAutomationRunbookSplat

Uploaded script

Published by

Bas Wijdenes

My name is Bas Wijdenes and I work as a PowerShell DevOps Engineer. In my spare time I write about interesting stuff that I encounter during my work.

Leave a Reply

Your email address will not be published. Required fields are marked *