Pre-requisite for before creating powershell runbook:
It is only possible to create an Automation account with a run as account if you have the Owner role in your subscription. This is because when you create the run as account (service principle), it will immediately add the service principal in your subscription as a Contributor.
However, you don't require the Owner role if you only intend to use the runbook in the automation account. To establish a PowerShell runbook and execute your action, all you have to do is ask the Owner of your subscription to create an automation account with run as account for you.
1) Create Your Automation Account:
Azure Portal > Search for 'Automation Account' > Create > Give the required data like Name, Subscription Resource group, Location and Select Create Azure Run As Account option to Yes
2: Import Necessary PowerShell Modules
Your Automation Account > Modules Gallery (in left index) > Select "SharePointPnPPowerShellOnline" > Click 'Import' button to import the module.
3: Add Credentials for Run as Account
Establish the login information for the PowerShell script, which connects to the SharePoint Online tenant, generates the storage report for all sites, and then sends out a daily email.
(I've included a sample script that sends mail on a daily basis at the set time.)
- From the automation account, Click on the “Credentials” link in the
quick launch > Click on "Add a credential” button. Provide any valid
credentials that have the necessary access.
Here in my case, I’ve used an account with the SharePoint Online Admin role. Click on the “Create” button to create a credential.
4: Create a Runbook with PowerShell Script
Runbook is the container of the script we are going to run. Runbook lists down all the published Runbooks available for automation.
- Open the Azure Automation account created >> Click on “Runbooks” under process automation.
- Click on “Create a Runbook” >> Assign a name and select its type as PowerShell and click on the “Create” button.
Once the PowerShell Runbook is created, it takes you to the page to edit the PowerShell script to run. Write the necessary PowerShell scripts for the automation.
Below is the my given custom PowerShell script
`#Get Stored Credentials`
`$CrescentCred` `=` `Get-AutomationPSCredential` `-Name` `"StorageRptCred"`
`#Set Variables`
`$TenantAdminURL` `=` `"https://xxxx-admin.sharepoint.com"`
`$EmailTo` `=` `"xxxx@abc.com"`
`#Connect to PnP Online`
`Connect-PnPOnline` `-Url` `$TenantAdminURL` `-Credentials` `$xxxCred`
`$CSSStyle` `=` `"<style>`
`table {font-family: Arial, Helvetica, sans-serif; border-collapse: collapse; width: 100%;}`
`table td, th {border: 1px solid #ddd; padding: 8px;}`
`table tr:hover {background-color: #ddd;}`
`table th { padding-top: 12px; padding-bottom: 12px; text-
align: left; background-color: #4CAF50; color: white;`}`</style>"
#Get the Site collection Storage details
Some code related to format of data
#Send Email
`Send-PnPMail` `-To` `$EmailTo` `-Subject` `"Storage Report"` `-Body` `$EmailBody`
Save and test the PowerShell script by clicking on “Save” and click “test pane” buttons the code editor. Once fine with the script, click on “Publish” to publish the Runbook as Runbooks must be published to create schedules.
**5: Add a Schedule to your PowerShell Script **
As a final step, we’ve to add a schedule to the PowerShell script. Here is how to create a schedule for Azure Runbook.
- Click on “Schedules” from the Runbook created >> Click “Add a schedule”.
- Choose “Link a Schedule to your runbook” >> Click on “Create a new schedule”.
- Fill out the required information for your schedule, including the name, description, start date, time, time zone, and repeating information. The schedule in my case will run every day at the specified time until the expiration date.
Alright, The PowerShell script has now been set up in Azure automation. Here are my planned job emails in action while you wait for the scheduled job to run:
