(+351) 21 24 10006  ·  info@bconcepts.pt
Carnaxide, Lisbon
PowerShell
PowerShell 1 min

Azure Automation Runbooks: scheduling and running PowerShell in the cloud

João Barros 17 de December de 2025 1 min read

Azure Automation is a managed service that runs PowerShell (and Python) Runbooks in the cloud, with no dedicated VM needed. Ideal for scheduled Azure administration tasks — stopping resources, cleanup, reports and automatic remediation.

Create an Automation account and Runbook

# Via PowerShell (or the portal)
New-AzAutomationAccount -Name "aa-bconcepts-ops" -ResourceGroupName "rg-ops" -Location "westeurope"

# Create a PowerShell Runbook
New-AzAutomationRunbook -AutomationAccountName "aa-bconcepts-ops" `
    -ResourceGroupName "rg-ops" `
    -Name "RB_StopDevVMs" `
    -Type PowerShell

Runbook — automatic shutdown of dev VMs

# Runbook code
param([string]$ResourceGroup = "rg-dev")

# Authentication via System-assigned Managed Identity
Connect-AzAccount -Identity

# Stop VMs tagged AutoStop = true
Get-AzVM -ResourceGroupName $ResourceGroup |
    Where-Object { $_.Tags["AutoStop"] -eq "true" } |
    ForEach-Object {
        $status = (Get-AzVM -Name $_.Name -ResourceGroupName $ResourceGroup -Status).Statuses |
                  Where-Object { $_.Code -like "PowerState/*" }
        if ($status.Code -eq "PowerState/running") {
            Write-Output "Stopping: $($_.Name)"
            Stop-AzVM -ResourceGroupName $ResourceGroup -Name $_.Name -Force
        }
    }

Secure variables and credentials

# In the Automation Account → Shared Resources → Variables
New-AzAutomationVariable -AutomationAccountName "aa-bconcepts-ops" `
    -ResourceGroupName "rg-ops" -Name "NotifyEmail" `
    -Value "ops@bconcepts.pt" -Encrypted $false

# In the Runbook, read the variable:
$email = Get-AutomationVariable -Name "NotifyEmail"

Schedule execution

# Daily schedule at 22:00 Lisbon (UTC+1 in summer)
$schedule = New-AzAutomationSchedule -AutomationAccountName "aa-bconcepts-ops" `
    -ResourceGroupName "rg-ops" -Name "NightlyStop" `
    -StartTime (Get-Date "22:00") -DayInterval 1 -TimeZone "GMT Standard Time"

Register-AzAutomationScheduledRunbook -AutomationAccountName "aa-bconcepts-ops" `
    -ResourceGroupName "rg-ops" -RunbookName "RB_StopDevVMs" `
    -ScheduleName "NightlyStop" -Parameters @{ ResourceGroup = "rg-dev" }

Conclusion

Azure Automation replaces dedicated VMs for recurring maintenance tasks. With Managed Identity, there are no credentials to manage; with encrypted variables, secrets stay safe; with schedules, automation is reliable and auditable.

Share:
← Back to PowerShell Book a free consultation →