Q: Can I use Azure AD to authenticate with Azure Automation?
A: Yes. Previously, Azure Automation only supported using certificates, which required several steps to authenticate to Azure within runbooks:
- Add a credential type of certificate to the automation account
- Create a connection using the uploaded certificate
Download and import the Connect-Azure script from "Connect to an Azure Subscription using Certificates" and use it in your runbooks; for example:
$subName = 'SavillTech Internal Consumption' Connect-Azure -AzureConnectionName $subName
When using Azure AD for authorization, which leverages the Azure Resource Manager (ARM), the connection to Azure is much simpler within the runbooks. The only requirement is to add an Azure AD credential via the Assets tab of the Azure Automation account and select Add Setting then Add Credential. For the Credential type, select Windows PowerShell Credential, give it a name as the following figure shows, enter the username and password, and then save.
The credential can then be used in your runbooks, as in the following example (note that I'm using Add-AzureAccount because I'm using an Azure AD account rather than a certificate):
$Cred = Get-AutomationPSCredential -Name 'JohnSavillTechCred' Add-AzureAccount -Credential $Cred Select-AzureSubscription -SubscriptionName 'Windows Azure Subscription'