Authentication and Azure Automation Runbooks

AzureAutomationRecently I ran into an issue with Authentication and Azure Automation child runbooks. The goal was to call a PowerShell child runbook following the documentation here. I was using the cmdlet method, starting the runbook with the Start-AzureRmAutomationRunbook command. Trying to call the child runbook from the parent, I get the error:


Start-AzureRmAutomationRunbook : Object reference not set to an instance of an object.

Further testing showed I could run the command interactively in PowerShell, so the command was correct. The problem was that the parent runbook has to authenticate to the Azure Automation account before it can call a child runbook. At the time of this writing, that fact was not indicated in the article above. The article here gives direction in Step 5 on running a child PowerShell Workflow runbook. Although I wasn’t using PowerShell Workflow, the process is the same. Adding this to the beginning of my parent runbook did the trick:

$Conn = Get-AutomationConnection -Name AzureRunAsConnection
Connect-AzureRmAccount -ServicePrincipal -Tenant $Conn.TenantID `
-ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint

The parent runbook authenticats to Azure Automation with the Azure run as account when this is added to the start of the parent runbook. Once authenticated, the runbook has permission to call child runbooks in the Automation account. Now runbooks are running as they should.

One thought on “Authentication and Azure Automation Runbooks

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.