Azure Automation

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

14 hours 28 minutes
Video Transcription
Hello, Siberians. Welcome to Lesson 4.1 off model. Far off this car stated, is a trees over one Microsoft azure architect design.
So he had a leading objectives for this video.
I was startled by covering what as your automation is so that we help our understanding off what the seven seas and wait does would then move on to cover process automation flow in azure automation.
So one of the capabilities of one of the core capabilities of a job automation is something called process automation, which allows us to be ableto orchestrate repeatable tasks. Well, then proceeds to cover as your automation hybrid walker, which is a way to extend the functionalities off as automation
toe on premises, environment on premises data centers
then finally will cover as automation DSC to help you to understand the capabilities that as your automation has when it comes to D. S. C.
Let's get into this. Let's talk about the automation for a while
as automation that live as a cloud based automation and configuration service that provides consistent management across ah Hajer and non as your environment.
To put that most simply has, your commission consists off three men feature sets
process automation
configuration management on updates management
Let's delve into that a bit farther
the capabilities off as automation.
So let's take process automation, for example,
as automation provide us the ability to automate frequent and time consuming tasks.
So what? That's Mrs, that we can alter this thing's called run books, which I essentially like automation scripts. We can hotter those with Power shell with Peyton,
and then we can run those automation scripts of Rumbo against different resources in hasher outside Hasher.
Then we go to con figuration management. So this is based on disaster configuration, which is a service has been around for a while on premises.
But beyond that, this capability off a short emissions allows us to be able to get an inventory
about in guest resources off resources that are installed on different service down premises or nausea. In other words, what is installed on our service? Hardly configured as your commission allows us to take detailed invent tree of peace,
but not only that, it provides a rich reporting and such capability
so that we can quickly do compare and contrast on. We can track changes across different services and demons and software and registry on fouls on that can help us to quickly identify causes off issues.
Then it also has capabilities for updates. Management on opted management that cuts across Windows on Lenox systems on it cuts across whether the sever
that we're managing the hope did for his running Anheuser what it running on premises or whether it running in order cloud platforms like Google Cloud Platform or AWS.
So what is up days? What this job did? Management allows us to this we can shed, though deployment off update. We can orchestrate the insulation off obvious. We can define maintenance windows right on we can on. Also, if an object should not be in starting a mission, we can exclude Staub date from deployments to those machines. So it's
It's a nice management to for managing updates.
Beyond that, as your commission has, she had resources that we can share on. We can make use off in a repeatable way, right? So, for example, is automation consists off road supports robes Access Control Board, which allows us to be able to control access to the account and the resources itself.
But it also has the ability to integrate with sauce control.
And so we can to C I, C. D and automation right across that it allows us to be ableto implement shadows and be ableto use models and share models. But it's community models are custom designed models
on. It has a lot of that capability off when we create the shed resources that would then we can re use multiple times
on it also caught across different and farming. So it's not just limited to service our resources that are running in hasher as your true mission is designed to walk across. I believe hybrid cloud environment on what its windows only knocks does, no matter.
Let's look in Ma details at process automation as it consents as your automation.
The first we win needs to this we need to create on as automation account.
Now, after we quit on a shorter mission account, then we can alter, or we can import what are called run books, which essentially automation scripts within this automation account. And those one books can either be Power Shell Corp Eitan based
Then what we can do is we can shadow or manage the execution off this run books against our resources that are running in hasher,
one of the other advantages that as the automation account as when it comes to process automation is already shared resources that are available. So, for example, we can create certificates which which we can just for authentication or security. We can create connections, which may be as your 80 identity information on Key Valley appears.
We can create credentials with sensitive information like user names and passwords.
And then we can reuse all these information across different run books.
What are some of the common scenarios for automation or making use of this service?
A good example will be to deploy V EMS across the hybrid and vomit using one book,
right so we can We can integrate with tools like Jenkins, so I should develop STO automates. The beauty in and deployment of resources across on premises are azure, so it's really freezing something like also, as your stack,
we can configure veteran missions and an automated way right, so posts deployment configuration. It's a good way toe implement as your automation. To be able to achieve this,
we can use its to monitor and identify changes in our mission we talked about one off the capabilities off azure information being back capability for update management was part of that includes a collection off invent tree on detailed collection and invent tree.
Then we can do protection so we can quiet in virtual machine of security and lattice way so we can automate that toe. Have run books that says, If a security a lot is the text on the machine It Tree Gazza run book that can isolates the mission. So that's a good use. Gives their security use cases for that
and also for governance use cases. One of the favorite ones that have it off
is when you spin up a machine or a sequel databases in Hangzhou that can pass on in French event. Great. Which tree gather Knowledge automation run book that scans the mission and make sure that it's configured according to the complaints requirement off your organization.
Now looking modify again at process Automation workflow. We need to treat get the run books after we've created them the different ways that we can, usually together on books, you can forget them from the photo. We can trigger them on the shadow
we can treat. Get them using where books we can treat at Amy's and partial. Or we can't even do a latch tree. Get
run books, wave theirs and relax that comes in maybe from another service and agile a tree gets a run book that tries to fix whatever the issue is on. Then, as a mention in there, we can run this against our eyes, your resources.
But beyond that, as automation supports this thing called hybrid Walker that extends the capability of Asia automation to our own premises, dissent is.
What's this hybrid? Walker Finn.
It's Adam Premises. Several that's running something called Microsoft Management Agent. So we install this makes off management agent on this on premises. Sever andare registered against ours automation accounts
This hybrid walkout responsible for executing one books that I downloaded from Madge Automation
against How want premises Resources.
It's report Result. Back off the execution of the run books. It can reports the result back to as your automation or even into Logan analytics.
It can be deployed in group for high availability. If you want modern one, you can have two off them
on. One of the good things about it is it does not require you to open on additional impound Farewell Vil into your environment because it makes out banished City P s cause. And that's what's the communication is driven by.
Let's look at it to be that as automation, disaster, it configuration.
So for those of you that may be familiar with disaster configuration, essentially you can think off as your commissions desired state configuration as all stead DSC pools ever.
So we have this post ideas people so that we don't need to set up. It's about we deny environment. We can import our disaster configurations script into this service. When we import it into the service we can compound, Mitarai generates the more Faust.
And then we can vegeta our missions with on premises or in Asia
against this service so that they grab the configuration from the service and then they apply the configuration and report back their complaint. Staters tow the service so it essentially simplifies the ODS a process off. You having to set up your own survey, it becomes a Allstate service. Essentially,
this brings me to the hand off this lesson. Thanks very much for watching, and I'll see you in the next lesson.
Up Next
AZ-301 Microsoft Azure Architect Design

This AZ-301 training covers the skills that are measured in the Microsoft Azure Architect Design certification exam. Learn strategies to plan for the exam, target your areas of study, and gain hands-on experience to prepare for the real world.

Instructed By