Simulating a Runbook environment
To develop new runbooks, you might need to enable RealmJoin.RunbookHelper to authenticate as if you were running inside a Runbook.
Overview
Create an Application Registration
We create an Azure Application Registration to simulate the application-style signin to Microsoft Entra.
Grant Permissions
We will grant the same permissions as the managed identity would have. We will use the same AppRoleGranter Toolkit for this purpose.
Replace {AppRegObjectId}
with the object ID of your application registration.
Create and Upload a Dev-Certificate
See here for a sample on how to create a RunbookHelper Dev-Certificate. Replace {Variables}
accordingly.
The {AppID}
refers to the Application Regsitrations App / Client ID.
If you don't have a specific subscription ID, just use a default subscription from your tenant. (It doesn't matter in most cases.)
You will get a file AzureRunAsConnection.cer
that you upload to the Application Registration secrets.
If you want to serve multiple apps / environments, you can replace the default "AzureRunAsConnection" inCN=AzureRunAsConnection
with a custom name when creating the certificate for that environment.
You can then select which the environment/certificate (e.g. "OtherEnv") to connect using Connect-RjRbGraph -AutomationConnectionName "OtherEnv"
This way you can access multiple environments from the same machine.
Usage
Just use Connect-RjRbGraph
to authenticate to the app.
Make sure to remove older Dev-Certificates using mmc.exe from your set of personal certificates if present to avoid conflicts/login failures.
Last updated