SlideShare una empresa de Scribd logo

Azure Automation and Update Management

Descargar como PPTX, PDF
Udaiappa Ramachandran
Udaiappa Ramachandran

Azure Automation delivers cloud-based automation, operating system updates, and configuration service that supports consistent management across your Azure and non-Azure environments. It includes process automation, configuration management, update management, shared capabilities, and heterogeneous features.

Tecnología
1 de 14
Azure Automation and Update Management Udaiappa Ramachandran ( Udai ) https://udai.io
About me • Udaiappa Ramachandran ( Udai ) • CTO-Akumina, Inc. • Cloud Expert • Microsoft Azure, Amazon Web Services, and Google • New Hampshire Cloud User Group (http://www.meetup.com/nashuaug ) • https://udai.io
Agenda • Automation • Authentication • Certificate Creation • PowerShell Workflow • PowerShell DSC • Update Management • Source control integration • Windows Admin Center • Demo…Demo…Demo…
Introduction • What is Azure Automation? • Automation Features • Process automation • Configuration management • Change Tracking and Inventory • Azure Automation State Configuration • Update management • Shared capabilities • Shared resources • Role-based access control • Source control integration • Heterogeneous features. • Windows and Linux • Azure and Non-Azure
Common Scenarios • Schedule tasks • Write runbooks • Build and deploy resources • Configure VMs • Share knowledge • Retrieve inventory • Find changes • Periodic maintenance • Respond to alerts • Hybrid automation • Azure resource lifecycle management • Dev/test automation scenarios • Governance related automation • Azure Site Recovery • Windows Virtual Desktop
Authentication • Run As account • Classic Run As account • Service principal for Run As account • System assigned managed identity • User assigned managed identity
PowerShell - Self-Signed Certs cd $PSScriptRoot $subject= read-host "Please enter the certificate subject" $pwd= read-host "Please enter the password" $todaydt = Get-Date $enddt = $todaydt.AddYears(10) $cert=New-SelfSignedCertificate -Subject $subject -KeyAlgorithm RSA -KeyLength 2048 -CertStoreLocation "Cert:CurrentUserMy" -notafter $enddt $certPassword = ConvertTo-SecureString -String $pwd -Force -AsPlainText $pfxFilePath="akumina_v5.pfx" $certFilePath="akumina_v5.cer" Export-PfxCertificate -Cert $cert -FilePath $pfxFilePath -Password $certPassword Export-Certificate -Cert $cert -FilePath $certFilePath
OpenSSL - Self-Signed Certs #Set the OPENSSL_CONF file set OPENSSL_CONF=C:Program FilesGitusrsslopenssl.cnf #Create RSA Key Pair openssl genrsa -out rsakeypair.pem 2048 #Create CSR openssl req -new -sha256 -key rsakeypair.pem -out yourapp.csr #Create CRT openssl x509 -req -sha256 -days 365 -in yourapp.csr -signkey rsakeypair.pem -out yourapp.crt #Create pfx file for IIS import of certificate openssl pkcs12 -export -out yourapp.pfx -inkey rsakeypair.pem -in yourapp.crt
Desired State Configuration • Configuration Management service • Create and manage PowerShell scripts for state configuration • Allows configuration management of workloads in Azure or Non-Azure • Management of DSC Artifacts • PowerShell DSC pull/reporting service hosted in the cloud • PowerShell DSC is declarative and not imperative • Authoring PowerShell DSC • Create DSC File • Compile the DSC file into Microsoft Object Format (MOF) file • Stage the DSC file for the target nodes • WMI providers implement the desired configuration as per DSC
UpdateManagement • Updates received thru Log Analytics workspace • Schedule updates for Windows/Linux VMs
Windows Admin Center • Manage Virtual machines from Azure Portal
Source control integration • Single direction synchronization from your repository to cloud • Easy to promote development environment to production automation account • Integration enabled through Managed Identity (System or User) and RunAs account • User Managed Identity using Automation Variable (AUTOMATION_SC_USER_ASSIGNED_IDENTITY_ID =<CLIENTID>) • RunAs Account using Automation variable (AUTOMATION_SC_USE_RUNAS =true) • Enable Source control integration using Azure Portal or PowerShell
Demo… • Azure Automation Creation and Overview • Authentication Types • Running Runbooks • Scheduling • Running PowerShell DSC • Inventory and Change Tracking • Update Management • Version Control
Reference • Azure Automation: https://docs.microsoft.com/en-us/azure/automation/ • Azure Update Management: https://docs.microsoft.com/en- us/azure/automation/update-management/overview • WSUS: https://docs.microsoft.com/en-us/azure/architecture/example- scenario/wsus/ • WSUS Package Publisher: https://github.com/DCourtel/Wsus_Package_Publisher • Preview: Patch Management: https://docs.microsoft.com/en-us/azure/virtual- machines/automatic-vm-guest-patching

Recomendados

Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
 
Server update management optimization
Server update management optimizationServer update management optimization
Server update management optimization
Allen Brokken
 
Azure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxAzure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptx
ceyhan1
 
Azure App Service
Azure App ServiceAzure App Service
Azure App Service
BizTalk360
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
Allen Brokken
 
Introduction to Azure DevOps
Introduction to Azure DevOpsIntroduction to Azure DevOps
Introduction to Azure DevOps
Lorenzo Barbieri
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access management
Dinusha Kumarasiri
 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud Services
David J Rosenthal
 

Recomendados

Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
 
Server update management optimization
Server update management optimizationServer update management optimization
Server update management optimization
Allen Brokken
 
Azure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxAzure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptx
ceyhan1
 
Azure App Service
Azure App ServiceAzure App Service
Azure App Service
BizTalk360
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
Allen Brokken
 
Introduction to Azure DevOps
Introduction to Azure DevOpsIntroduction to Azure DevOps
Introduction to Azure DevOps
Lorenzo Barbieri
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access management
Dinusha Kumarasiri
 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud Services
David J Rosenthal
 
Windows Azure Blob Storage
Windows Azure Blob StorageWindows Azure Blob Storage
Windows Azure Blob Storage
ylew15
 
Azure Cloud PPT
Azure Cloud PPTAzure Cloud PPT
Azure Cloud PPT
Aniket Kanitkar
 
Azure fundamentals
Azure fundamentalsAzure fundamentals
Azure fundamentals
Raju Kumar
 
Azure Storage
Azure StorageAzure Storage
Azure Storage
Mustafa
 
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
Amazon Web Services
 
Azure Web Apps - Introduction
Azure Web Apps - IntroductionAzure Web Apps - Introduction
Azure Web Apps - Introduction
Christopher Gomez
 
Azure Monitoring Overview
Azure Monitoring OverviewAzure Monitoring Overview
Azure Monitoring Overview
gjuljo
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
Amazon Web Services
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure AD
New Horizons Ireland
 
5 modern desktop - windows autopilot
5 modern desktop - windows autopilot5 modern desktop - windows autopilot
5 modern desktop - windows autopilot
Andrew Bettany
 
Microsoft Azure Fundamentals
Microsoft Azure FundamentalsMicrosoft Azure Fundamentals
Microsoft Azure Fundamentals
Adwait Ullal
 
Executing a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSExecuting a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWS
Amazon Web Services
 
Introduction to Azure monitor
Introduction to Azure monitorIntroduction to Azure monitor
Introduction to Azure monitor
Praveen Nair
 
Microsoft azure
Microsoft azureMicrosoft azure
Microsoft azure
Charith Suriyakula
 
Azure active directory
Azure active directoryAzure active directory
Azure active directory
Raju Kumar
 
Cloud Migration, Application Modernization and Security for Partners
Cloud Migration, Application Modernization and Security for PartnersCloud Migration, Application Modernization and Security for Partners
Cloud Migration, Application Modernization and Security for Partners
Amazon Web Services
 
Azure Migrate
Azure MigrateAzure Migrate
Azure Migrate
Mustafa
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
Venkatesh Narayanan
 
Windows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft AzureWindows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft Azure
David J Rosenthal
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
David J Rosenthal
 
Become an Automation Ninja in 60 Minutes
Become an Automation Ninja in 60 MinutesBecome an Automation Ninja in 60 Minutes
Become an Automation Ninja in 60 Minutes
Michael Rüefli
 
Kåre Rude Andersen - Create a scombot – automate and monitor azure
Kåre Rude Andersen - Create a scombot – automate and monitor azureKåre Rude Andersen - Create a scombot – automate and monitor azure
Kåre Rude Andersen - Create a scombot – automate and monitor azure
Nordic Infrastructure Conference
 

Más contenido relacionado

La actualidad más candente

AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
Amazon Web Services
 
Cloud Migration, Application Modernization and Security for Partners
Cloud Migration, Application Modernization and Security for PartnersCloud Migration, Application Modernization and Security for Partners
Cloud Migration, Application Modernization and Security for Partners
Amazon Web Services
 
Windows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft AzureWindows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft Azure
David J Rosenthal
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
David J Rosenthal
 

La actualidad más candente (20)

Windows Azure Blob Storage
Windows Azure Blob StorageWindows Azure Blob Storage
Windows Azure Blob Storage
 
Azure Cloud PPT
Azure Cloud PPTAzure Cloud PPT
Azure Cloud PPT
 
Azure fundamentals
Azure fundamentalsAzure fundamentals
Azure fundamentals
 
Azure Storage
Azure StorageAzure Storage
Azure Storage
 
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
 
Azure Web Apps - Introduction
Azure Web Apps - IntroductionAzure Web Apps - Introduction
Azure Web Apps - Introduction
 
Azure Monitoring Overview
Azure Monitoring OverviewAzure Monitoring Overview
Azure Monitoring Overview
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure AD
 
5 modern desktop - windows autopilot
5 modern desktop - windows autopilot5 modern desktop - windows autopilot
5 modern desktop - windows autopilot
 
Microsoft Azure Fundamentals
Microsoft Azure FundamentalsMicrosoft Azure Fundamentals
Microsoft Azure Fundamentals
 
Executing a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSExecuting a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWS
 
Introduction to Azure monitor
Introduction to Azure monitorIntroduction to Azure monitor
Introduction to Azure monitor
 
Microsoft azure
Microsoft azureMicrosoft azure
Microsoft azure
 
Azure active directory
Azure active directoryAzure active directory
Azure active directory
 
Cloud Migration, Application Modernization and Security for Partners
Cloud Migration, Application Modernization and Security for PartnersCloud Migration, Application Modernization and Security for Partners
Cloud Migration, Application Modernization and Security for Partners
 
Azure Migrate
Azure MigrateAzure Migrate
Azure Migrate
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
 
Windows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft AzureWindows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft Azure
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
 

Similar a Azure Automation and Update Management

Kåre Rude Andersen - Create a scombot – automate and monitor azure
Kåre Rude Andersen - Create a scombot – automate and monitor azureKåre Rude Andersen - Create a scombot – automate and monitor azure
Kåre Rude Andersen - Create a scombot – automate and monitor azure
Nordic Infrastructure Conference
 
Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...
Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...
Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...
Tokyo Azure Meetup
 
Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...
Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...
Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...
CodeMill digital skills
 

Similar a Azure Automation and Update Management (20)

Become an Automation Ninja in 60 Minutes
Become an Automation Ninja in 60 MinutesBecome an Automation Ninja in 60 Minutes
Become an Automation Ninja in 60 Minutes
 
Kåre Rude Andersen - Create a scombot – automate and monitor azure
Kåre Rude Andersen - Create a scombot – automate and monitor azureKåre Rude Andersen - Create a scombot – automate and monitor azure
Kåre Rude Andersen - Create a scombot – automate and monitor azure
 
Aos canadian tour (YOW) @energizedtech - Manage AzureRM with powershell
Aos canadian tour (YOW) @energizedtech - Manage AzureRM with powershellAos canadian tour (YOW) @energizedtech - Manage AzureRM with powershell
Aos canadian tour (YOW) @energizedtech - Manage AzureRM with powershell
 
Microsoft Operations Management Suite
Microsoft Operations Management Suite Microsoft Operations Management Suite
Microsoft Operations Management Suite
 
Tokyo azure meetup #8 azure update, august
Tokyo azure meetup #8 azure update, augustTokyo azure meetup #8 azure update, august
Tokyo azure meetup #8 azure update, august
 
Tokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, AugustTokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, August
 
WinOps Conf 2016 - Ed Wilson - Configuration Management with Azure DSC
WinOps Conf 2016 - Ed Wilson - Configuration Management with Azure DSCWinOps Conf 2016 - Ed Wilson - Configuration Management with Azure DSC
WinOps Conf 2016 - Ed Wilson - Configuration Management with Azure DSC
 
Tokyo Azure Meetup #6 - Azure Monthly Update - June
Tokyo Azure Meetup #6 - Azure Monthly Update - JuneTokyo Azure Meetup #6 - Azure Monthly Update - June
Tokyo Azure Meetup #6 - Azure Monthly Update - June
 
VMware Automation, PowerCLI presented at the Northern California PSUG
VMware Automation, PowerCLI presented at the Northern California PSUGVMware Automation, PowerCLI presented at the Northern California PSUG
VMware Automation, PowerCLI presented at the Northern California PSUG
 
Automating Your Microsoft Azure Environment (DevLink 2014)
Automating Your Microsoft Azure Environment (DevLink 2014)Automating Your Microsoft Azure Environment (DevLink 2014)
Automating Your Microsoft Azure Environment (DevLink 2014)
 
Presentation desarrollos cloud con oracle virtualization
Presentation desarrollos cloud con oracle virtualizationPresentation desarrollos cloud con oracle virtualization
Presentation desarrollos cloud con oracle virtualization
 
Azure functions serverless
Azure functions serverlessAzure functions serverless
Azure functions serverless
 
Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...
Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...
Tokyo Azure Meetup #7 - Introduction to Serverless Architectures with Azure F...
 
Campus days Azure HDInsight automation
Campus days Azure HDInsight automationCampus days Azure HDInsight automation
Campus days Azure HDInsight automation
 
Get On Top of Azure Resource Security Using Secure DevOps Kit for Azure
Get On Top of Azure Resource Security Using Secure DevOps Kit for AzureGet On Top of Azure Resource Security Using Secure DevOps Kit for Azure
Get On Top of Azure Resource Security Using Secure DevOps Kit for Azure
 
Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...
Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...
Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill ...
 
Adelaide Global Azure Bootcamp 2018 - Azure 101
Adelaide Global Azure Bootcamp 2018 - Azure 101Adelaide Global Azure Bootcamp 2018 - Azure 101
Adelaide Global Azure Bootcamp 2018 - Azure 101
 
SCCM on Microsoft Azure
SCCM on Microsoft AzureSCCM on Microsoft Azure
SCCM on Microsoft Azure
 
More Cache for Less Cash (DevLink 2014)
More Cache for Less Cash (DevLink 2014)More Cache for Less Cash (DevLink 2014)
More Cache for Less Cash (DevLink 2014)
 
Automatyzacja Microsoft Azure z wykorzystaniem Azure Automation
Automatyzacja Microsoft Azure z wykorzystaniem Azure AutomationAutomatyzacja Microsoft Azure z wykorzystaniem Azure Automation
Automatyzacja Microsoft Azure z wykorzystaniem Azure Automation
 

Más de Udaiappa Ramachandran

RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
Udaiappa Ramachandran
 
Level up your security using Intune.pptx
Level up your security using Intune.pptxLevel up your security using Intune.pptx
Level up your security using Intune.pptx
Udaiappa Ramachandran
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
Udaiappa Ramachandran
 
AI-Plugins-Planners-Persona-SemanticKernel.pptx
AI-Plugins-Planners-Persona-SemanticKernel.pptxAI-Plugins-Planners-Persona-SemanticKernel.pptx
AI-Plugins-Planners-Persona-SemanticKernel.pptx
Udaiappa Ramachandran
 
DOTNET8.pptx
DOTNET8.pptxDOTNET8.pptx
DOTNET8.pptx
Udaiappa Ramachandran
 
AzureSynapse.pptx
AzureSynapse.pptxAzureSynapse.pptx
AzureSynapse.pptx
Udaiappa Ramachandran
 
Vector Search using OpenAI in Azure Cognitive Search.pptx
Vector Search using OpenAI in Azure Cognitive Search.pptxVector Search using OpenAI in Azure Cognitive Search.pptx
Vector Search using OpenAI in Azure Cognitive Search.pptx
Udaiappa Ramachandran
 

Más de Udaiappa Ramachandran (20)

RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
 
Level up your security using Intune.pptx
Level up your security using Intune.pptxLevel up your security using Intune.pptx
Level up your security using Intune.pptx
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
AI-Plugins-Planners-Persona-SemanticKernel.pptx
AI-Plugins-Planners-Persona-SemanticKernel.pptxAI-Plugins-Planners-Persona-SemanticKernel.pptx
AI-Plugins-Planners-Persona-SemanticKernel.pptx
 
DOTNET8.pptx
DOTNET8.pptxDOTNET8.pptx
DOTNET8.pptx
 
AzureSynapse.pptx
AzureSynapse.pptxAzureSynapse.pptx
AzureSynapse.pptx
 
Vector Search using OpenAI in Azure Cognitive Search.pptx
Vector Search using OpenAI in Azure Cognitive Search.pptxVector Search using OpenAI in Azure Cognitive Search.pptx
Vector Search using OpenAI in Azure Cognitive Search.pptx
 
SecureAzureServicesUsingADAuthentication.pptx
SecureAzureServicesUsingADAuthentication.pptxSecureAzureServicesUsingADAuthentication.pptx
SecureAzureServicesUsingADAuthentication.pptx
 
AzureOpenAI.pptx
AzureOpenAI.pptxAzureOpenAI.pptx
AzureOpenAI.pptx
 
OpenAI-Copilot-ChatGPT.pptx
OpenAI-Copilot-ChatGPT.pptxOpenAI-Copilot-ChatGPT.pptx
OpenAI-Copilot-ChatGPT.pptx
 
DiagnoseAndSolveproblems.pptx
DiagnoseAndSolveproblems.pptxDiagnoseAndSolveproblems.pptx
DiagnoseAndSolveproblems.pptx
 
MAUI.pptx
MAUI.pptxMAUI.pptx
MAUI.pptx
 
CosmosDB.pptx
CosmosDB.pptxCosmosDB.pptx
CosmosDB.pptx
 
.NET7.pptx
.NET7.pptx.NET7.pptx
.NET7.pptx
 
AzureDevOps
AzureDevOpsAzureDevOps
AzureDevOps
 
AzureCostManagementAndBilling
AzureCostManagementAndBillingAzureCostManagementAndBilling
AzureCostManagementAndBilling
 
.NET6.pptx
.NET6.pptx.NET6.pptx
.NET6.pptx
 
Azure staticwebapps
Azure staticwebappsAzure staticwebapps
Azure staticwebapps
 
Azure privatelink
Azure privatelinkAzure privatelink
Azure privatelink
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security Center
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Último (20)

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Azure Automation and Update Management

  • 1. Azure Automation and Update Management Udaiappa Ramachandran ( Udai ) https://udai.io
  • 2. About me • Udaiappa Ramachandran ( Udai ) • CTO-Akumina, Inc. • Cloud Expert • Microsoft Azure, Amazon Web Services, and Google • New Hampshire Cloud User Group (http://www.meetup.com/nashuaug ) • https://udai.io
  • 3. Agenda • Automation • Authentication • Certificate Creation • PowerShell Workflow • PowerShell DSC • Update Management • Source control integration • Windows Admin Center • Demo…Demo…Demo…
  • 4. Introduction • What is Azure Automation? • Automation Features • Process automation • Configuration management • Change Tracking and Inventory • Azure Automation State Configuration • Update management • Shared capabilities • Shared resources • Role-based access control • Source control integration • Heterogeneous features. • Windows and Linux • Azure and Non-Azure
  • 5. Common Scenarios • Schedule tasks • Write runbooks • Build and deploy resources • Configure VMs • Share knowledge • Retrieve inventory • Find changes • Periodic maintenance • Respond to alerts • Hybrid automation • Azure resource lifecycle management • Dev/test automation scenarios • Governance related automation • Azure Site Recovery • Windows Virtual Desktop
  • 6. Authentication • Run As account • Classic Run As account • Service principal for Run As account • System assigned managed identity • User assigned managed identity
  • 7. PowerShell - Self-Signed Certs cd $PSScriptRoot $subject= read-host "Please enter the certificate subject" $pwd= read-host "Please enter the password" $todaydt = Get-Date $enddt = $todaydt.AddYears(10) $cert=New-SelfSignedCertificate -Subject $subject -KeyAlgorithm RSA -KeyLength 2048 -CertStoreLocation "Cert:CurrentUserMy" -notafter $enddt $certPassword = ConvertTo-SecureString -String $pwd -Force -AsPlainText $pfxFilePath="akumina_v5.pfx" $certFilePath="akumina_v5.cer" Export-PfxCertificate -Cert $cert -FilePath $pfxFilePath -Password $certPassword Export-Certificate -Cert $cert -FilePath $certFilePath
  • 8. OpenSSL - Self-Signed Certs #Set the OPENSSL_CONF file set OPENSSL_CONF=C:Program FilesGitusrsslopenssl.cnf #Create RSA Key Pair openssl genrsa -out rsakeypair.pem 2048 #Create CSR openssl req -new -sha256 -key rsakeypair.pem -out yourapp.csr #Create CRT openssl x509 -req -sha256 -days 365 -in yourapp.csr -signkey rsakeypair.pem -out yourapp.crt #Create pfx file for IIS import of certificate openssl pkcs12 -export -out yourapp.pfx -inkey rsakeypair.pem -in yourapp.crt
  • 9. Desired State Configuration • Configuration Management service • Create and manage PowerShell scripts for state configuration • Allows configuration management of workloads in Azure or Non-Azure • Management of DSC Artifacts • PowerShell DSC pull/reporting service hosted in the cloud • PowerShell DSC is declarative and not imperative • Authoring PowerShell DSC • Create DSC File • Compile the DSC file into Microsoft Object Format (MOF) file • Stage the DSC file for the target nodes • WMI providers implement the desired configuration as per DSC
  • 10. UpdateManagement • Updates received thru Log Analytics workspace • Schedule updates for Windows/Linux VMs
  • 11. Windows Admin Center • Manage Virtual machines from Azure Portal
  • 12. Source control integration • Single direction synchronization from your repository to cloud • Easy to promote development environment to production automation account • Integration enabled through Managed Identity (System or User) and RunAs account • User Managed Identity using Automation Variable (AUTOMATION_SC_USER_ASSIGNED_IDENTITY_ID =<CLIENTID>) • RunAs Account using Automation variable (AUTOMATION_SC_USE_RUNAS =true) • Enable Source control integration using Azure Portal or PowerShell
  • 13. Demo… • Azure Automation Creation and Overview • Authentication Types • Running Runbooks • Scheduling • Running PowerShell DSC • Inventory and Change Tracking • Update Management • Version Control
  • 14. Reference • Azure Automation: https://docs.microsoft.com/en-us/azure/automation/ • Azure Update Management: https://docs.microsoft.com/en- us/azure/automation/update-management/overview • WSUS: https://docs.microsoft.com/en-us/azure/architecture/example- scenario/wsus/ • WSUS Package Publisher: https://github.com/DCourtel/Wsus_Package_Publisher • Preview: Patch Management: https://docs.microsoft.com/en-us/azure/virtual- machines/automatic-vm-guest-patching

Notas del editor

  1. What is Azure Automation? Azure automation delivers a cloud-based automation and configuration service that provides consistent management across your Azure and non-Azure environments Common Scenarios Process Automation – Orchestrate processes using graphical, powershell and Python runbooks Configuration Management – Collect inventory, Track changes, Configure desired state Update Management-Assess compliance, Schedule update installation Shared Capabilities- Role based access control, Secure, global store for variables, credentials, certificates, connections, flexible scheduling, shared modules, source control support , auditing, tags
  2. Schedule tasks - stop VMs or services at night and turn on during the day, weekly or monthly recurring maintenance workflows. Write runbooks - Author PowerShell, PowerShell Workflow, graphical, Python 2 and 3, and DSC runbooks in common languages. Build and deploy resources - Deploy virtual machines across a hybrid environment using runbooks and Azure Resource Manager templates. Integrate into development tools, such as Jenkins and Azure DevOps. Configure VMs - Assess and configure Windows and Linux machines with configurations for the infrastructure and application. Share knowledge - Transfer knowledge into the system on how your organization delivers and maintains workloads. Retrieve inventory - Get a complete inventory of deployed resources for targeting, reporting, and compliance. Find changes - Identify and isolate machine changes that can cause misconfiguration and improve operational compliance. Remediate or escalate them to management systems. Periodic maintenance - to execute tasks that need to be performed at set timed intervals like purging stale or old data, or reindex a SQL database. Respond to alerts - Orchestrate a response when cost-based, system-based, service-based, and/or resource utilization alerts are generated. Hybrid automation - Manage or automate on-premises servers and services like SQL Server, Active Directory, SharePoint Server, etc. Azure resource lifecycle management - for IaaS and PaaS services. Dev/test automation scenarios - Start and start resources, scale resources, etc. Governance related automation - Automatically apply or update tags, locks, etc. Azure Site Recovery - orchestrate pre/post scripts defined in a Site Recovery DR workflow. Windows Virtual Desktop - orchestrate scaling of VMs or start/stop VMs based on utilization.
  3. #TO READ CONTENT OF PFX FILE $outFile="akumina_v5.txt" $clearBytes = get-content $pfxFilePath -Encoding Byte [System.Convert]::ToBase64String($clearBytes)| Out-File $outFile http://kaushikghosh12.blogspot.com/2016/08/self-signed-certificates-with-microsoft.html
  4. RSA=Rivest-Shamir-Adleman CSR=Certificate Signing Request file PEM=Privacy-Enhanced Mail (de facto file format for storing and sending ryptographic keys, certificates and other data) PFX=Personal Information Exchange http://kaushikghosh12.blogspot.com/2016/08/self-signed-certificates-with-microsoft.html Difference between makecert and openssl is that makecert does not create CSP of 24 (The value remains 1) where as openssl does when used pvk2pfx with switch –sy 24
  5. Can be used as a report-only endpoint WMI=Windows Management Instrumentation Push Mode=Configurations are applied via the Start-DSCConfiguration PowerShell command PullMode=Configurations are stored centrally, and the nodes are configured to pole and pull the configurations from the central location
  6. WSUS-Windows Server Update Service