As an Azure Administrator you might be having the responsibility to handle the data center with thousands of servers, where you wish to quickly and easily enable scalability  from a central, secure location, or wish to assign them declarative configuration in order to enable and meet compliance with the desired state as per the organizational policies. You might also wish to automate the frequently occurring processes in order to reduce the overhead of the IT and the service desk teams and there could also be instances where you would want to automate the process of updating and patching the workloads. Well, this is where Azure Automation service comes for the rescue and is extremely helpful and it can save your organization considerable time and money.

Azure Automation – Overview

Azure Automation is a service in Azure that allows automation of many Azure management tasks and activities. It is built using PowerShell, providing a robust platform having a vast reach and integration opportunities., and it also helps in the orchestration of actions across both, external as well as internal systems right from inside Azure. When I say external, it means workloads that are outside of Azure. It can be in any other cloud or even on-premises. It gives you complete control during the deployment, operations, and decommissioning of workloads and resources.

Since a lot can be done using Azure Automation, it is considered as an expansive automation service while still remaining cost-effective. How? because the relative cost of deployment is low and is based on the pay as you go (PAYG) model. It also brings down the overhead of the IT and service desk personnel tasks, thereby saving a lot of their time and effort.

At a high level, there are three major topic. They are –

1. PowerShell Runbooks – PowerShell runbooks are based on Windows PowerShell providing a robust platform for automating processes. You can create and edit the code of the runbook directly in the editor within the Automation account. You will see this in action during the demo. Microsoft also has provided us with a set of pre-created runbooks for the common tasks like – switching on VMs, shutting down VMs, and many more.

2. Update Management – It gives you the ability to have insights into the update compliance of the workloads not just in Azure, but also non-Azure and on-premises environment so that action can be triggered accordingly, if needed.

3. Desired State Configuration – As we had discussed previously, in case if you wish to quickly and easily enable scalability for the workloads from a central, secure location, or wish to assign these workloads declarative configuration, that is, the default configuration that is expected on the virtual machines as per the organizational policies in order to enable and meet compliance with the desired state, Azure Automation State Configuration is the Answer.

Features and Capabilities

Now that you clearly understand the basics of Azure Automation and how it can be helpful, Let us now shift gears to accelerate and learn the core capabilities and features of Azure automation. We The set of capabilities and features of Azure Automation provides consistent management of resources across Azure, non-azure, and on-premises. It gives you complete control during the deployment, operations, and decommissioning of workloads and other resources. It also provides insights into update compliance of the workloads for actions to be triggered.

• Process Automation
  Process Automation can be achieved using runbooks and brings the benefit of automating repeated, time-consuming, and error-prone end-to-end processes and management tasks. It actually lets the IT and service desk teams to focus on the actual work, thereby adding more business value. By doing so, it helps in 2 ways. First is by boosting the efficiency of the teams and 2 is by helping in reduction of the overall OPEX, that is the operational costs.
  
  It allows creation of runbooks in a variety of ways, such as graphical runbooks, PowerShell runbooks, Python runbooks, etc. We will see more about this in action when we configure the PowerShell Runbooks with a real world example. It also has web-hooks that enables event driven reactive programming ensuring seamless operations.
  
• Configuration Management
  Azure Automation configuration management can be classified as having two features-
  • Desired State Configuration (DSC) – Azure Automation State Configuration (AASC) is management platform on PowerShell and is also known as Desired State Configuration. It enables you to manage the IT and development infrastructure with configuration as a code.
  • Change Tracking and Inventory – Change tracking and inventory allows management and tracking of any configuration or infrastructure changes. It tracks for changes not just on the virtual machines, but also across other services, software, and registries as well, and that is how it helps in monitoring and diagnosing changes that are unwanted  and send notifications.
    
• Update Management
  We discussed about the Update Management and how it helps in automating the process of updating and patching of the virtual machines to meet the update compliance. It is one of the most sought-after features of Azure Automation. It works along with the Log Analytics to detect the vulnerabilities and any missing important security and other updates and then mitigating the issues by automatically patching them. This way it helps in keeping the VMs clean and healthy and also meet the organization security policies.
  
• Shared Capabilities
  Azure automation provides a number of shared capabilities. Some of the key capabilities include shared resources, role-based access control, and source control integration.
  • Shared Resources – Shared resources provides capabilities that makes the automation and configuration management tasks easier and that too at scale. This includes
    • Schedules
    • Modules and Modules Gallery
    • Credentials
    • Variables
    • Certificates
    • Connections
    • Python 2 Packages
  • Role Based Access Control (RBAC) – Azure automation provides role based access control to automation resources for a fine grained regulated access.
  • Source Control Integration – The source control integration feature of Azure automation provides configuration as a code, where you can use source control to check-in runbooks and configurations.
    
• Heterogeneous
  Azure automation is designed to provides a consistent way to support in a hybrid scenario that includes Azure, non-Azure, and on-premises workloads and operating systems (Windows and Linux).

Why Trust Azure Automation

There is always a demand for process improvement in order to reduce the operational expenses and bringing down cost, and we had been discussing on the plethora of possibilities with Azure automation, you might be wondering as to why trust Azure automation? and that question is not wrong. You must make yourself aware about this before you even make an informed decision and suggest process improvement using Azure Automation service in your organization.

So, there are two major reasons for trusting Azure Automation apart from the capabilities and features we just discussed

• Azure has more compliance certifications than any other cloud provider.
• Microsoft  is investing  a lot of money for cybersecurity research and has employed a lot of security experts dedicatedly working on securing data and privacy

Summary

Azure Automation is a cloud-based automation and configuration service that allows you to automate management and IT operations and orchestrate the actions across Azure, non-Azure, and on-premises environment. It helps the IT teams and service desk teams to focus more on the productive work and getting things done, rather than focusing on how the work is to be completed, thereby adding more value to the business. This also helps the organizations in their endeavor to reduce their operational expenses.

In the next post we will learn more about PowerShell Runbooks