Question 104644 in Azure Question posted in
The official documentation to get you started can be found here.

Azure – Get-AzAutomationJob returns nothing when using managed identity for an automation account

I’ve given the automation account a system assigned managed identity. Successfully used these to set the context :

$AzureContext = (Connect-AzAccount -Identity).context
$AzureContext = Set-AzContext -SubscriptionName $AzureContext.Subscription -DefaultProfile $AzureContext

But when I use this inside the runbook to get the jobs :

Get-AzAutomationJob -ResourceGroupName $resourceGroupName -AutomationAccountName $automationAccountName -RunbookName $runbookName -DefaultProfile $AzureContext

it returns nothing. No error, so command must execute, but doesn’t return any results.
What I noticed is that the context which returns when connecting with the managed identity, doesn’t have values for Name and Subscription. It only has values for Account, Environment and Tenant. Could this be the problem?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Well the problem turned out quite trivial. I had to give permissions for the subscription to the managed identity. Even though I'm not using this identity to access any resources, it still needs permissions to read the subscription data. Unlike the Run As account which doesn't need any permissions. So "problem" solved. Thank you for your time and desire to help!


  2. 0

    I just ran a short test with your commands in the portal powershell and used ‘Get-AzAutomationJob’ with two runbooks. One of them has the status set to ‘Published’ and the other to ‘New’. The new one has no prior jobs that ran.

    enter image description here

    Get-AzAutomationJob -ResourceGroupName $resourceGroupName  -AutomationAccountName $automationAccountName -RunbookName "shutdown" -DefaultProfile $AzureContext

    yields the result:

    ResourceGroupName      : Dev-Portal-01_group
AutomationAccountName  : ls-automation
JobId                  : 06f06c17-77fb-4565-9ad4-da9ca0e5a4ea
CreationTime           : 10/26/2022 3:00:20 PM +00:00
Status                 : Completed
StatusDetails          : 
StartTime              : 10/26/2022 3:00:28 PM +00:00
EndTime                : 10/26/2022 3:00:32 PM +00:00
Exception              : 
LastModifiedTime       : 10/26/2022 3:00:32 PM +00:00
LastStatusModifiedTime : 1/1/0001 12:00:00 AM +00:00
JobParameters          : {}
RunbookName            : shutdown
HybridWorker           : 
StartedBy              :

    and several more showing in the portal.
    enter image description here

    whereas

    Get-AzAutomationJob -ResourceGroupName $resourceGroupName  -AutomationAccountName $automationAccountName -RunbookName "provision-portal" -DefaultProfile $AzureContext

    Gives back nothing.

    After creating a simple scheduled job in the ‘provision-portal’ runbook I received output when running the same command again:

    ResourceGroupName      : Dev-Portal-01_group
AutomationAccountName  : ls-automation
JobId                  : 21ff3540-9843-4ccc-8775-12ffa12c128b
CreationTime           : 10/27/2022 7:07:01 AM +00:00
Status                 : Completed
StatusDetails          : 
StartTime              : 10/27/2022 7:07:16 AM +00:00
EndTime                : 10/27/2022 7:07:20 AM +00:00
Exception              : 
LastModifiedTime       : 10/27/2022 7:07:20 AM +00:00
LastStatusModifiedTime : 1/1/0001 12:00:00 AM +00:00
JobParameters          : {}
RunbookName            : provision-portal
HybridWorker           : 
StartedBy              :

    Can you check the Authoring status and see if it is published and if any jobs are running or ran?

    Kind regards

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search