quinta-feira, março 21, 2024

Azure Automation Account - SQL Database

Quick tip: To allow an automation account to run a script in an Azure database:

- Create an automation account.
- Enable the identity. In my case, I am using System assigned identity.

 

At the database level, I need to create a database user. Below is the script (In my case, I added it as a database owner):

CREATE USER AutomationAccountSitecore FROM EXTERNAL PROVIDER;
ALTER ROLE db_owner ADD MEMBER AutomationAccountSitecore; 

Below is a simple script that updates the Azure SQL firewall and adds the Automation Account IP to the allowed list:

https://raw.githubusercontent.com/maykonrds/powershell/master/Azure/Update-SqlAzFirewall

terça-feira, março 12, 2024

Azure DevOps

Situation: The Azure DevOps pipeline runs daily, and a new VM (with the same name and configuration) is created each time. The VM creation is based on the snapshot.

Issue: Due to the pipeline configuration, every time the machine was deleted and recreated, we encountered problems related to the Active Directory machine trust, because the machine was a domain member.

Solution: Remove the VM from the Active Directory, create a new snapshot (in the state where the machine is in the workgroup), change the pipeline, and remove and add the machine to the domain every time the pipeline runs.

These are the steps:

 

 

Important: We are using self-hosted agent, which is member of the domain.

These are the code for the steps below:

RemoveADComputerObject

Add VM To Domain (I am using the Azure extension to run a Powershell script):

az vm run-command invoke --resource-group rg --name 'computername' --command-id 'RunPowerShellScript' --scripts "C:\ADJoin\ADDDomain.ps1"

Remove File:

az vm run-command invoke --resource-group devops --name 'qa-fresh' --command-id 'RunPowerShellScript' --scripts 'Remove-Item -Path "C:\ADJoin\ADDDomain.psa1" -Force'