다음을 통해 공유


Running Azure Automation runbooks from IFTTT tasks

I recently had an idea (ok lets call it 'collaboratively came up with while talking to one of the grads in our office) to look at ways that I could trigger runbooks in my Azure Automation account from my phone. The specific issue we were looking to solve in this case was "how can I easily shut down all the VMs in my subscription from my phone if I forget to turn them off". Now I already have a runbook that was scheduled to shut down the VMs every night at 11pm as a 'just in case' but surely there was a better way if I remembered before than to rely on that automation schedule. After a little bit of thought, the idea of create a "do button" from IFTTT (stands for "if this then that", great little automation site that I recommend you check out if you haven't used it already) seemed to be the perfect solution for me. So here's a run through of the solution from start to end.

Creating the runbook

For my example here my runbook I wanted to look for all Virtual Machines in my subscription and shut them down to avoid excess billing. The script I use for this is fairly straightforward:

 $connectionName = "AzureRunAsConnection"
try
{
    $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName        

    Add-AzureRmAccount `
        -ServicePrincipal `
        -TenantId $servicePrincipalConnection.TenantId `
        -ApplicationId $servicePrincipalConnection.ApplicationId `
        -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint | Out-Null
}
catch 
{
    if (!$servicePrincipalConnection)
    {
        $ErrorMessage = "Connection $connectionName not found."
        throw $ErrorMessage
    } 
    else
    {
        Write-Error -Message $_.Exception
        throw $_.Exception
    }
}

Write-Output -InputObject "Looking for VMs that are running"
Get-AzureRmVm | ForEach-Object -Process {
    $status = Get-AzureRmVM -ResourceGroupName $_.ResourceGroupName -Name $_.Name -Status
    if($status.Statuses | Where-Object -FilterScript { $_.Code -match "PowerState/running" })  
    {
        Write-Output "Stopping VM [$($_.Name)] from Resource Group [$($_.ResourceGroupName)]"
        $_ | Stop-AzureRmVM -Force
    }
}

This bit of script basically calls out all the VMs in the subscription, checks their power state and if they are running, we pipe out to Stop-AzureRMVM to tell Azure to de-provision the virtual machines.

Creating a webhook

The next piece of the puzzle is to create a webhook on the runbook. This allows the runbook to be triggered by a specific URL being called. To create a webhook for our runbook we simply go in to the runbook in the Azure portal, select "webhooks" and then select the "add webhook" at the top. You'll be presented with a screen like this:

New webhook screen

Here you set whether or not a webbook can be enabled, when it expires (it's a good idea from a security stand point to not make this a never ending period of time, rather roll these over and use new URLs at regular intervals to keep them secret and secure) and you see the URL that will be created at the bottom there. Also note the security message at the top of the window there - the URL is never again shown anywhere in the portal and can't be retrieved again from here (again, for security purposes) so it's important to copy/paste the URL somewhere safe at this point so you don't lose it before you click the OK button to save the new webhook.

Build a new applet in IFTTT

Now things are set up on the Azure side of things, we need to look at how we can create an applet in IFTTT. To start sign in and go to the "my applets" screen and select "new applet".

New applet

Next we click the "this" link and then need to search for the "do button" trigger, this allows us to tell IFTTT that our applet will be triggered whenever we press the specific "do" button in the mobile app on either an iOS or Android device that I've signed in to. It's worth noting that there are dozens and dozens of other ways to trigger things in IFTTT, the do button is the one that suits the specific type of function I need this time around, but you should also consider exploring some of their other recipes for applets and get a feel for other ways it can be triggered as well.

do button

Select "button press" as the trigger and then we can select the "that" link and search for a task called "maker". Maker is designed to allow applets to be triggered by web requests, or to send our web requests in response to a trigger (which is exactly what we want this time around).

Maker

Once we are at the maker configuration screen select "make a web request" and then we can craft the type of request we want to send. We start by pasting the URL in we created earlier for our webhook and then setting the method to "POST". Now in my example runbook for this scenario there is no need to craft a body as I don't have any parameters to pass to it, however if you adapt this scenario and need to pass parameters to a runbook, go and have a read of the Azure Automation Webhooks documentation to get a feel for how that should be structured and how to use the variables in your runbooks.

Maker example

Click create action and after this you'll be all set!

Triggering the applet

I have an android device so these steps will vary a little for someone on iOS, but basically once you install the "do button" app on iOS, or the IFTTT app on android you can then trigger the do button. In my case I add a widget to the homescreen of my android that I can now simply press the button on, and this will trigger my action!

Android home screen

You can tell if it's being triggered in a couple of places. Firstly if you head to the IFTTT activity screen you should see where the action was triggered and if you allow GPS access to the IFTTT app it'll show you where it was triggered from, in this case you can see I ran it from the Microsoft office in Canberra.

IFTTT activity

You can also go back to the runbook in the Azure portal and see that the run was completed by going in to the "jobs" section of the runbook.

Runbook jobs

And that's it! Now when I remember that I haven't shut any of my VMs down it's a simple matter of unlocking my phone and pressing a single button - super straightforward to do and it leverages my existing runbook to do it! Now you can take this basic example and look at all the other ways you might want to trigger runbooks in Azure Automation using webhooks and extend it to better support your use of the cloud - Enjoy!

Comments

  • Anonymous
    November 08, 2016
    Nice post!
  • Anonymous
    November 08, 2016
    Superb!
  • Anonymous
    November 13, 2016
    This is great, thanks for posting :)
  • Anonymous
    December 05, 2016
    Great post Brian! Super helpful
  • Anonymous
    January 05, 2017
    Great post. Can this be done using Logc app as well?
    • Anonymous
      August 20, 2017
      Good question - in theory, yes. You could also look at using Microsoft Flow as well, but I haven't got around to testing it yet. - B