# Azure Automation Service ## How to Set Up Azure Automation for Agent Installation in Virtual Machines? ## Overview This document outlines the steps to set up Azure Automation for agent installation in virtual machine. It provides detailed instructions for downloading agent files, creating storage and automation accounts, and managing roles and runbooks in Azure. By following these steps, you will be able to automate the installation of agents in your Azure environment efficiently. ## Table of Contents - [Prerequisites](#step0) - [Download the Agent Installation Files](#step1) - [Create a Storage Account](#step2) - [Create an Azure Automation Account](#step3) - [Create a New Runbook](#step4) - [Troubleshooting](#troubleshooting) - [Conclusion](#conclusion) ## Prerequisites - **Azure Subscription**: Ensure you have an active Azure subscription. - **Automation Account**: Create an Automation account to manage runbooks and authenticate to Azure resources. - **Storage Account**: Create a storage account to store agent binaries and scripts. ## Step 1: Download the Agent Installation Files 1. **Access Endpoint Central** - Log in to the Endpoint Central web console. - Navigate to **Agent** > **Computers**. - Select the remote office and click on **Download Agent**. ## Step 2: Create a Storage Account 1. **Login to the Azure Portal** 2. **Create a Storage Account** - Go to **All services** and select **Storage Accounts**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice1.png) ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice2.png) - Click on the Create Storage Account. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice3.png) - Enter the storage account name: **ecagentbinary**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice4.png) **Note:** If you use a different name, update the Automation runbook script accordingly. - Modify default settings as needed and click **Create**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice5.png) - Wait for the deployment to finish, then click **Go to resource**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice6.png) 3. **Upload the Agent File** - In the storage account, navigate to **Overview** and click **Upload**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice7.png) - Upload the file: **Downloaded Agent File**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice8.png) - Set the container name as **scriptcontainer**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice9.png) **Note:** If you use a different name, update the Automation runbook script accordingly. - After the upload completes, go to the **Containers** tab and open **scriptcontainer**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice10.png) ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice11.png) 4. **Generate a SAS Token** - Right-click on **LocalOffice_Agent.exe** and select **Generate SAS**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice12.png) - Set the expiration date and allowed protocol, then click **Generate SAS token and URL**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice13.png) - Copy the **Blob SAS URL**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice14.png) 5. **Prepare the Installation Script** - Download the [attached script](https://www.manageengine.com/products/desktop-central/scripts/InstallAgentAzure.ps1) and open it in a text editor. - Replace the placeholder `LocalOffice_Agent.exe Agent_MSI_URL` with the **Blob SAS URL**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice15.png) - Save the file as **InstallAgentAzure.ps1**. - Upload **InstallAgentAzure.ps1** to the same **scriptcontainer**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice16.png) ## Finalize Storage Container Contents Your **scriptcontainer** should now contain: - **LocalOffice_Agent.exe** - **InstallAgentAzure.ps1** ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice17.png) ## Step 3: Create an Azure Automation Account 1. **Login to the Azure Portal**. 2. **Create an Automation Account** - Navigate to **Automation Accounts** and click **Add**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice18.png) - Choose your resource group. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice19.png) - Name the Automation account: **agentinstallation**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice20.png) - In the Advanced tab, select **System Managed Identity**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice21.png) - Review your settings and click **Create**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice22.png) 3. **Enable System Managed Identity** - Once the deployment completes, click **Go to resource**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice23.png) - Search for **Identity** and toggle **System Managed Identity** to **On**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice25.png) 4. **Assign Roles** - Click **Azure role assignments** and use **Add role assignment** to assign the following roles: ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice25.png) - **Role 1**: - Scope: Resource group - Subscription: Your target subscription - Role: Virtual Machine Contributor ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice26.png) - **Role 2**: - Scope: Storage - Subscription: Your target subscription - Resource: ecagentbinary - Role: Storage Blob Data Contributor ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice27.png) - Wait a few minutes to verify that the roles are assigned. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice28.png) ## Step 4: Create a New Runbook 1. **Go to the Automation Account** and select **Runbooks**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice29.png) 2. Click **Create a runbook** and fill in the details: - Name: **agentinstallation** - Runbook type: **PowerShell** - Runtime version: **5.1** - Click **Review + Create**. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice30.png) ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice31.png) 3. **Edit the Runbook** - Download the [script](https://www.manageengine.com/products/desktop-central/scripts/runbookscript.ps1) and copy the link and paste it into the editor. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice32.png) ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice33.png) - Save and publish the runbook. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice34.png) ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice35.png) 4. **Start the Runbook** - Wait for the deployment to finish, then click **Start** once available. - Open the **Jobs** tab to monitor the status and check the output tab for execution results. ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice36.png) ## Troubleshooting In case of errors during script execution, ensure that the following two modules are imported in the **Modules** tab of the Automation account: Run time 5.1 - az.accounts ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice37.png) - az.compute ![dwg trueviewer](https://www.manageengine.com/products/desktop-central/images/azureautomationservice38.png) ## Conclusion By following this guide, you have successfully set up Azure Automation for agent installation. This setup streamlines the process of deploying agents across your Azure environment, allowing for greater efficiency and easier management. If you encounter any issues or have questions, don't hesitate to seek further assistance.