search

Simulating a Runbook Environment

To develop new runbooks, you might need to enable RealmJoin.RunbookHelper to authenticate as if you were running inside a Runbook.

hashtag
Overview

hashtag
Create an Application Registration

We create an Azure Application Registration to simulate the application-style signin to Microsoft Entra.

Create an App Registration

hashtag
Grant Permissions

We will grant the same permissions as the managed identity would have. We will use the same AppRoleGranter Toolkitarrow-up-right for this purpose.

Replace {AppRegObjectId} with the object ID of your application registration.

hashtag
Create and Upload a Dev-Certificate

See here arrow-up-rightfor a sample on how to create a RunbookHelper Dev-Certificate. Replace {Variables} accordingly.

The {AppID} refers to the Application Regsitrations App / Client ID.

If you don't have a specific subscription ID, just use a default subscription from your tenant. (It doesn't matter in most cases.)

You will get a file AzureRunAsConnection.cer that you upload to the Application Registration secrets.

circle-info

If you want to serve multiple apps / environments, you can replace the default "AzureRunAsConnection" inCN=AzureRunAsConnection with a custom name when creating the certificate for that environment.

You can then select which the environment/certificate (e.g. "OtherEnv") to connect using Connect-RjRbGraph -AutomationConnectionName "OtherEnv"

This way you can access multiple environments from the same machine.

Certificate upload

hashtag
Usage

Just use Connect-RjRbGraph to authenticate to the app.

Make sure to remove older Dev-Certificates using mmc.exe from your set of personal certificates if present to avoid conflicts/login failures.

Last updated

Was this helpful?