Table of Contents
An emergency button to ensure that your runbooks stop running without disconnecting the schedule in Azure Automation
Disclaimer: This post can be seen as satire. There are probably better ways, but because we were so limited with the customer at the time, we opted for a hobby approach: ‘Maintenance mode the creative way‘.
What if…
- …you have runbooks running that will perform certain actions on Microsoft platforms that are not available at that time?
- …you have a runbook running on a Hybrid Worker that calls different servers while one of these servers is replaced by a new one?
- …your certificate of secret has unexpectedly expired, and you do not want your runbooks to run for the time being until this problem has been resolved?
Then you don’t want to immediately disconnect your schedules from the runbooks, do you?
You prefer an emergency button that prevents your runbook from running, right?
Below I will explain to you how you can build in an emergency button and how you can use it within your runbooks.
Stop runbooks connected to a schedule from running in Azure Automation with Maintenance mode
The steps are simplified and at the end I’ll give you more ideas on how you can use this.
A Variable
Within Azure Automation you have variables. Here you can enter values that you can use later in your code.
This way you don’t have to have values hardcoded in your runbooks and you have one central place where you can adjust it, which is then immediately applied to all runbooks that call the variable with Get-AutomationVariable -Name XXX.
I start with a simple variable name Emergency.
This will be a boolean that can be set to true or false.
By default, there is no emergency (I hope), so the below should be sufficient.
An emergency runbook
And now we need a piece of code that we save as a runbook where we check and respond when the Emergency is enabled.
And the below piece of code should be sufficient.
$Emergency = Get-AutomationVariable -Name 'Emergency'
if ($Emergency -eq $true) {
throw 'Emergency is enabled, stopping script'
}
else {
Write-Output 'There is no Emergency, continueing script'
}Do not forget to publish the runbook.
Now we will need to implement this piece of code into the runbooks.
Unfortunately, we will have to update each runbook, but we can easily do this with dot sourcing.
A very important runbook connected to a schedule!
For this I’ll create another runbook that is connected to a schedule.
And I’ll add some very important code in this runbook, and I’ll dot source the Emergency runbook.
try {
. .\Emergency.ps1
Write-Output 'This is very serious output I need to output!'
}
catch {
Throw $_
}Emergency not enabled
The emergency button is still on false, so the very important piece of code should run, and it does:
Emergency enabled
And now let’s try running it with Emergency enabled!
And yup, the script fails to run because emergency is enabled!
More ideas on how to use this!
You can of course expand this much further.
- Instead of a boolean, you could use a date that scripts are no longer allowed to run until that date.
- You could link a database where you can create an emergency button on the runbook yourself.
- Instead of dot sourcing you could implement this into a module, biggest issue here is that the module has to be installed on a Hybrid Worker as well.
- And probably more I don’t know about!
I hope I have stimulated your creative mind with this.
