1

I'm wanting to execute a Powershell script from an Azure VM to get its current public IP address (and to write this address to an evironment variable for an application to use).

My question is what the best way to authenticate the Azure Powershell environment is? On AWS credentials get 'baked' into an instance when it gets created. Does the equivalent happen with Azure Virtual Machines?

Improve this question
3
  • Are you running this script as part of a deployment? Or after the deployment is finished? If the former, you can pass creds in to the deployment via KeyVault... Commented Jul 20, 2016 at 17:26
  • This is a test machine which is scheduled to be stopped each night and then started again each morning. I want to run this script on startup (since a new IP address will have been allocated). Commented Jul 20, 2016 at 20:45
  • 1
    Ok, so two options that might work for you - 1) use an AzureAutomation runbook to start and stop on the schedule, there are some sample runbooks here: powershellgallery.com/packages/Start-AzureV2VMs and here: powershellgallery.com/packages/Stop-AzureV2VMs or 2) when you provision the VM, pass in the creds you want to use to run the script locally via KeyVault - #1 seems like a better solution for your scenario. Commented Aug 3, 2016 at 15:39

1 Answer 1

Reset to default
1

You can use a Management Certificate contained in your Publish Settings file and 'bake' it yourself

Import-AzurePublishSettingsFile –PublishSettingsFile C:\Store\my.publishsettings

If you already have a certificate for management, you can store it in your vm and use it in PS

# Get management certificate from personal store
$certificate = Get-Item cert:\\CurrentUser\My\$CertificateThumbprint
if ($certificate -eq $null) {
throw “Management certificate for $SubscriptionName was not found in the users personal certificate store. Check thumbprint or install certificate”
}

# Set subscription profile
Set-AzureSubscription -SubscriptionName $SubscriptionName -SubscriptionId $SubscriptionId -Certificate $certificate

# Select subscription as the current context
Select-AzureSubscription -SubscriptionName $SubscriptionName
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.