Start your VM with the click of an actual BUTTON

 

Background:

I use Elgato StreamDeck to help automate my work. I am not a streamer or producer.

Effective demonstration is critical for my ability to connect with clients and customers - listening to what a customer wants is a large part of building trust.

I need to be agile - demonstrate the art of possible quickly, based on listening to customers and clients. Afterall they want to see what THEY can do, not what I can do.

That said, this topic post isn't a direct client recommendation. I put this together to share with those who demonstrate, or who desire automation of test environments and happen to use Azure, Windows and Elgato StreamDeck. 

(and sorry - not going to talk about StreamDeck and New Teams)

Having multiple environments, and many personas - I need the ability pivot between environments on the fly, while speaking and often sharing my screen.

I know there are other virtual tools which can be used, like Windows Sandbox or Edge Profiles, or in-private browsing. I need the ability to represent clients with a full Windows and application experience.

Goals:

• Start one of many Virtual Machines (needed due to auto-shutdown for cost control)
• log into VM with remote desktop
• Secure identities and logins

Disclaimer - while this activity does improve flexibility and automation - be mindful securing your StreamDeck (physically), and the information you store in your configuration.

We could execute PowerShell scripts to perform what we need here - identity and authentication can be a challenge - especially with interactive logins. So we are going to look at using Azure Automation with Azure Runbook.

Steps:

First we need to create Azure Automation Account and ensure this account has the right privileges. From the Azure Portal, navigate to Azure Automation Accounts and follow the quick steps to create.

We also need to assign role permissions to Azure Automation Account - this is a decision point, consider adding the permissions to an individual resource group, or to the entire subscription. Note we are using the Azure Virtual Machine Contributor built in role. You could also create a custom role with additional limitations - custom role creation does require Azure AD P2.

Next we will create the Runbook. For more info on Runbooks - Getting Started With Azure Runbooks. This is the easiest step thanks to Sam Cogan - Azure MVP. Within the Azure Portal, from your Azure Automation Account page - 

Note - this runbook will handle both starting and stopping of the VM. The control for start/stop comes from the parameter passed in the POST message. We'll cover that when we configure the StreamDeck button.

You can create the runbook using VS Code, or using the built-in editor. Since this will be a cut/paste exercise - the built in editor is perfect.

param (

    [Parameter (Mandatory = $false)]

    [object] $WebHookData

)

$WebhookBody = $WebHookData.RequestBody  

$InputData = (ConvertFrom-Json -InputObject $WebhookBody)  

write-output $InputData

$action =$InputData.action

$vmResourceId = $InputData.vmResourceId

# Input Validation

if(!$action -or ($action -ne "start" -and $action -ne "stop")){

    throw "request must include an action value set to start or stop"

}

if(!$vmResourceId ){

    throw"request must include vm name, resource group and subscription"

}

$subscriptionId=$vmResourceId.split('/')[2]

# Ensures you do not inherit an AzContext in your Runbook

Disable-AzContextAutosave -Scope Process

# Connect to Azure with system-assigned managed identity

$AzureContext = (Connect-AzAccount -Identity).context

# set and store context

$AzureContext = Set-AzContext -Subscription $subscriptionId -DefaultProfile $AzureContext

Write-Output "Action $action triggered on $vmResourceId"

#Start VM

if($action -eq "start"){

Start-AzVM -Id $vmResourceId -NoWait

}

#Stop VM

if($action -eq "stop"){

Stop-AzVM -Id $vmResourceId -NoWait

}

Write-Output "$action for resource $vmResourceId completed"

Once pasted into the editing canvas, click save, and don't forget to publish.

Next we create a WebHook to call the runbook. From your runbook page in Azure, you will see the 

Be sure to save the URL created in the webhook - we will need that later, and you cant get back to it.

You may need to click on "Parameters and Run Settings" once you enter a name for your webhook in order to create/save your webhook. No information is needed for input here.

Runbook is created and ready.

Now to the StreamDeck.

In order to trigger our webhook we need to send via POST method. To do this in StreamDeck, you will need to add the API Ninja plugin from the Elgato store.

Select an open button location and drag/drop API Ninja to the open position.

Create a title, select request type "POST", and paste the API URL we copied from the webhook creation step in the previous steps.

Continue to scroll down to the Data section of the button command. Here is where we control the Start/Stop function, and define the specific VM you wish to start.

For a start button:

{

    "action": "start",

      "vmResourceId": "/subscriptions/<subscription id>/resourceGroups/<resource group name>/providers/Microsoft.Compute/virtualMachines/<vm name>"

   

  }

For a stop button:

{

    "action": "stop",

      "vmResourceId": "/subscriptions/<subscription id>/resourceGroups/<resource group name>/providers/Microsoft.Compute/virtualMachines/<vm name>"

   

  }

Modify the resource group and VM name when inserting to the Data field.

Done !!

You can check the Jobs section in Azure Portal for successful runs.

If you see successful completions, yet your VM hasn't started.

Click on each run to gather details on each run, and note input, output and errors.

There may be authentication scenarios where you need to modify the Azure

Automation account to ensure VM contributor role is applied to allow the automation

start/stop VM resources.

Thanks all !!! Hope this is useful.

I added a second set of button's for automating the launch of the RDP session with

authentication as the persona I need. I might add these steps in my next post.