Automate Azure VM shutdown from Powershell runbook not working and no error

TechGeek 31 Reputation points
2020-11-23T10:35:45.33+00:00

Hi Team,

I created a runbook for automating the shutdown of Azure VM the same is working for another VM but not working for others.

$connectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$servicePrincipalConnection=Get-AutomationConnection -Name $connectionName 

"Logging in to Azure..."  
Add-AzureRmAccount `  
    -ServicePrincipal `  
    -TenantId $servicePrincipalConnection.TenantId `  
    -ApplicationId $servicePrincipalConnection.ApplicationId `  
    -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint

}
catch {
if (!$servicePrincipalConnection)
{
$ErrorMessage = "Connection $connectionName not found."
throw $ErrorMessage
} else{
Write-Error -Message $.Exception
throw $.Exception
}
}
$azVMs = Get-AzureRMVM | Where-Object {$_.Tags.Starttime -eq '10AM'}
$azVMS | Start-AzureRMVM

I get the below when I test it without any error but the VM does not shutdown

41829-capture.jpg

Azure Automation
Azure Automation
An Azure service that is used to automate, configure, and install updates across hybrid environments.
1,177 questions
0 comments
Accepted answer
  1. Andreas Baumgarten 103K Reputation points MVP
    2020-11-24T08:37:29.143+00:00

    Hi @TechGeek ,

    I am wondering which user are you using for the Azure Connection.
    In my case I am using the AzureRunAsConnection which is automatically created during setup the Azure Automation Account.
    This account was added manually to the Contributor role in the second Azure Subscription.

    In my PowerShell script it is this part to use the AzureRunAsConnection: 

    $Conn = Get-AutomationConnection -Name AzureRunAsConnection  
Add-AzureRMAccount -ServicePrincipal -Tenant $Conn.TenantID `  
-ApplicationID $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint

    42144-azurerunasconnection1.jpg

    Could you please verify which account is used for the connection in your script and if this account got the permission (role).

    41920-azurerunasconnection2.jpg

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments

7 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andreas Baumgarten 103K Reputation points MVP
    2020-11-23T11:49:57.54+00:00

    Not sure if this is just a type in the post:

    41768-startstop.jpg

    Start-AzureRmVM will not shutdown the VMs. The command to shutdown the VMs is Stop-AzureRmVM.

    Hope this helps.

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments
  2. TechGeek 31 Reputation points
    2020-11-23T11:55:13.467+00:00

    Hey Sorry I pasted the wrong script I had two scripts basically one for stop and one for start, i used the stop still the VM does not shut down.

    Below is the script.

    $connectionName = "AzureRunAsConnection"
    try
    {
    # Get the connection "AzureRunAsConnection "
    $servicePrincipalConnection=Get-AutomationConnection -Name $connectionName

    "Logging in to Azure..."
Add-AzureRmAccount `
    -ServicePrincipal `
    -TenantId $servicePrincipalConnection.TenantId `
    -ApplicationId $servicePrincipalConnection.ApplicationId `
    -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint

    }
    catch {
    if (!$servicePrincipalConnection)
    {
    $ErrorMessage = "Connection $connectionName not found."
    throw $ErrorMessage
    } else{
    Write-Error -Message $.Exception
    throw $    .Exception
    }
    }
    $azVMs = Get-AzureRMVM | Where-Object {$_.Tags.VMSCHEDULE -eq '11PM'}
    $azVMS | Stop-AzureRMVM -force

    0 comments
  3. Andreas Baumgarten 103K Reputation points MVP
    2020-11-23T12:44:13.62+00:00

    I just tested the script below and it is working fine.

    I am doing the connection a different way but the rest is the same. I added the $azVMs.Name to get an output which VMs are found. 

    ## Connection  
$Conn = Get-AutomationConnection -Name AzureRunAsConnection  
Add-AzureRMAccount -ServicePrincipal -Tenant $Conn.TenantID `  
-ApplicationID $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint  
## Get VMs with Tag VMSCHEDULE:11PM  
$azVMs = Get-AzureRMVM | Where-Object {$_.Tags.VMSCHEDULE -eq '11PM'}  
## OUtput VMs  
$azVMs.Name  
$azVMS | Stop-AzureRMVM -force

    The result looks like this in the Test pane

    41922-testpane.jpg

    And at the end both VMs are deallocted/stopped.

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments
  4. TechGeek 31 Reputation points
    2020-11-23T13:00:19.093+00:00

    I added the $azVMs.Name still I get the same screen as before, to add some more information i have 3 subscriptions,s and when I run Get-AzureRmContext in the same script I see only one subscription i do not get the subscription where this VM is running

    41923-image.png

    0 comments