You can manage your virtual machines directly on PowerShell using the Windows Remote Managing or WinRM and a PowerShell technique called Remote Shell, but locally.. so how you can use the same with you Azure VMs. let’s run this Script and wonder with the potential of this RemoteShell…
<#PSScriptInfo
.VERSION 1.0
.GUID b66368a8-dc27-481a-b4f3-dff65a6d42ee
.AUTHOR Azure-Automation-Team
.COMPANYNAME Microsoft
.COPYRIGHT
.TAGS AzureAutomation OMS VirtualMachines Utility
.LICENSEURI
.PROJECTURI https://github.com/azureautomation/runbooks/blob/master/Utility/Connect-AzureVM.ps1
.ICONURI
.EXTERNALMODULEDEPENDENCIES
.REQUIREDSCRIPTS
.EXTERNALSCRIPTDEPENDENCIES
.RELEASENOTES
#>
#Requires -Module Azure
<#
.DESCRIPTION
This runbook sets up a connection to an Azure virtual machine. It requires the Azure virtual machine to
have the Windows Remote Management service enabled, which is the default. It sets up a connection to the Azure
subscription and then imports the certificate used for the Azure VM so remote PowerShell calls can be made to it.
This runbook sets up a connection to an Azure virtual machine. It requires the Azure virtual machine to
have the Windows Remote Management service enabled, which is the default. It sets up a connection to the Azure
subscription and then imports the certificate used for the Azure VM so remote PowerShell calls can be made to it.
#>
Param()
Param()
<#
.SYNOPSIS
Sets up the connection to an Azure VM
.SYNOPSIS
Sets up the connection to an Azure VM
.DESCRIPTION
This runbook sets up a connection to an Azure virtual machine. It requires the Azure virtual machine to
have the Windows Remote Management service enabled, which is the default. It sets up a connection to the Azure
subscription and then imports the certificate used for the Azure VM so remote PowerShell calls can be made to it.
This runbook sets up a connection to an Azure virtual machine. It requires the Azure virtual machine to
have the Windows Remote Management service enabled, which is the default. It sets up a connection to the Azure
subscription and then imports the certificate used for the Azure VM so remote PowerShell calls can be made to it.
.PARAMETER AzureSubscriptionName
Name of the Azure subscription to connect to.
Name of the Azure subscription to connect to.
.PARAMETER AzureOrgIdCredential
A credential containing an Org Id username / password with access to this Azure subscription.
If invoking this runbook inline from within another runbook, pass a PSCredential for this parameter.
If starting this runbook using Start-AzureAutomationRunbook, or via the Azure portal UI, pass as a string the
name of an Azure Automation PSCredential asset instead. Azure Automation will automatically grab the asset with
that name and pass it into the runbook.
name of an Azure Automation PSCredential asset instead. Azure Automation will automatically grab the asset with
that name and pass it into the runbook.
.PARAMETER ServiceName
Name of the cloud service where the VM is located.
Name of the cloud service where the VM is located.
.PARAMETER VMName
Name of the virtual machine that you want to connect to.
Name of the virtual machine that you want to connect to.
.EXAMPLE
Connect-AzureVM -AzureSubscriptionName «Visual Studio Ultimate with MSDN» -ServiceName «Finance» -VMName «WebServer01» -AzureOrgIdCredential $cred
Connect-AzureVM -AzureSubscriptionName «Visual Studio Ultimate with MSDN» -ServiceName «Finance» -VMName «WebServer01» -AzureOrgIdCredential $cred
.NOTES
AUTHOR: System Center Automation Team
LASTEDIT: Dec 18, 2014
#>
workflow Connect-AzureVM
{
[OutputType([System.Uri])]
AUTHOR: System Center Automation Team
LASTEDIT: Dec 18, 2014
#>
workflow Connect-AzureVM
{
[OutputType([System.Uri])]
Param
(
[parameter(Mandatory=$true)]
[String]
$AzureSubscriptionName,
(
[parameter(Mandatory=$true)]
[String]
$AzureSubscriptionName,
[parameter(Mandatory=$true)]
[PSCredential]
$AzureOrgIdCredential,
[PSCredential]
$AzureOrgIdCredential,
[parameter(Mandatory=$true)]
[String]
$ServiceName,
[parameter(Mandatory=$true)]
[String]
$VMName
)
Add-AzureAccount -Credential $AzureOrgIdCredential | Write-Verbose
# Select the Azure subscription we will be working against
Select-AzureSubscription -SubscriptionName $AzureSubscriptionName | Write-Verbose
Select-AzureSubscription -SubscriptionName $AzureSubscriptionName | Write-Verbose
InlineScript {
# Get the Azure certificate for remoting into this VM
$winRMCert = (Get-AzureVM -ServiceName $Using:ServiceName -Name $Using:VMName | select -ExpandProperty vm).DefaultWinRMCertificateThumbprint
$AzureX509cert = Get-AzureCertificate -ServiceName $Using:ServiceName -Thumbprint $winRMCert -ThumbprintAlgorithm sha1
# Get the Azure certificate for remoting into this VM
$winRMCert = (Get-AzureVM -ServiceName $Using:ServiceName -Name $Using:VMName | select -ExpandProperty vm).DefaultWinRMCertificateThumbprint
$AzureX509cert = Get-AzureCertificate -ServiceName $Using:ServiceName -Thumbprint $winRMCert -ThumbprintAlgorithm sha1
# Add the VM certificate into the LocalMachine
if ((Test-Path Cert:\LocalMachine\Root\$winRMCert) -eq $false)
{
Write-Progress «VM certificate is not in local machine certificate store – adding it»
$certByteArray = [System.Convert]::fromBase64String($AzureX509cert.Data)
$CertToImport = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (,$certByteArray)
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store «Root», «LocalMachine»
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
$store.Add($CertToImport)
$store.Close()
}
if ((Test-Path Cert:\LocalMachine\Root\$winRMCert) -eq $false)
{
Write-Progress «VM certificate is not in local machine certificate store – adding it»
$certByteArray = [System.Convert]::fromBase64String($AzureX509cert.Data)
$CertToImport = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (,$certByteArray)
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store «Root», «LocalMachine»
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
$store.Add($CertToImport)
$store.Close()
}
# Return the WinRM Uri so that it can be used to connect to this VM
Get-AzureWinRMUri -ServiceName $Using:ServiceName -Name $Using:VMName
}
}