In this year’s Azure Spring Clean my session is called “Using Azure Automation to save money – a quick win!“, and covers the following topics:
-
What is Azure Automation?
-
How does Azure Automation help save cost?
-
Why use Terraform and Azure Automation?
-
Demo Environment
-
Learning more about Azure Terraform
-
Resources / Links / Code
I’ve chosen this topic as it’s something I’ve used extensively – and whilst this demo is simple and designed as an introduction (and something that could easily be introduced into Labs and Testing), it sets the foundation for using more Azure Automation within Terraform.
Don’t forget to check out all of the other awesome sessions and topics at https://www.azurespringclean.com/
Azure Spring Clean 2024:
You can download a copy of the slides here, and my summary notes are also included below.
What is Azure Automation?
-
One of many ways to automate within Azure – Logic Apps, Power Apps, Event Grid, Power Automate etc.
-
Cloud-based automation, OS updates, and configuration.
-
Works across Azure and non-Azure environments.
-
Process Automation, Configuration Management, Update Management, Shared Capabilities, and Heterogeneous features.
-
Very cost effective – minimal cost to run!
You can read more about Azure Automation here: https://learn.microsoft.com/en-us/azure/automation/overview.
How does Azure Automation help save costs?
Azure Automation can help save costs in many ways – in my example environment and video, I’m using it to achieve the following:
-
Automate the Power State of Virtual Machines – Great for VDI, e.g. Citrix or AVD!
-
Schedule VMs to be Powered Off when not in use = a saving on compute costs.
-
We can Power On and Off VMs on a scheduled basis using Tags.
-
Allows our environments to optimise compute time and therefore cost.
-
Handy for Lab / Dev / Test environments – but also has many use cases in Production.
Why combine Terraform and Azure Automation?
My honest view here is…. why not? If you are working with Terraform and Azure, bringing Azure Automation into your infrastructure as code configuration and deployment can bring many advantages:
-
Cost – Terraform enables more rapid deployment, changes, test environments etc. Automation provides the ability for Power Management of VMs (and beyond).
-
Speed – faster deployment due to less manual intervention (no ClickOps), easy testing, less human error etc. Enables DevOps methods/practices. VMs shut down in a timely fashion by Automation – not just when we remember!
-
Risk – reduced through testing, consistency of deployments, version control etc. Automation runs on a scheduled basis.
I’ve talked at numerous events and meetups about the benefits of Infrastructure as Code, and I always come back to the cyclical nature of the benefits – each benefit provides an enhancement that enables more productivity, and so on…
About the Demo Environment
If you are following my demo in the video, you will need to use this Lab Environment: https://github.com/jakewalsh90/Terraform-Azure/tree/main/Azure-Automation-Demo
The demo environment creates the following resources:
-
A Resource Group.
-
Azure Automation Account.
-
Azure Automation Runbook.
-
PowerShell script to shutdown VMs with a specific tag.
-
Azure Automation Schedule.
-
Azure Automation Managed Identity (for Azure Automation Runbook, which assigns Contributor permissions to the current Subscription).
-
Schedule applied to Runbook to shut down our test VM.
We also need a VM we can test on, with a Tag set! (this is not created by Terraform), so if you don’t have a VM available, you’ll need to create one and apply the required tag.
The demo process carries out the following once we have deployed the Terraform (e.g. when Terraform has finished, and Azure Automation is now in place and waiting for the schedule):
-
Automation Runbook runs at scheduled time
-
Runs PowerShell script to find VMs with correct Tag.
-
Uses Managed Identity to interact with Azure Resources
-
Runs Power Off on discovered VMs.
The Runbook is PowerShell based, and uses a simple script to find VMs with the correct Tag (set to 1800 daily in the Schedule in Terraform – see below):
The time that the Automation runs is defined by Terraform within the block below – note that the Terraform sets the time the Schedule Runs (start_time), but the Tag is set in the parameters of the azurerm_automation_job_schedule. With this in mind – you could take a different approach, perhaps different times with many schedules, or use an identifier – e.g. schedule A, B, C or similar – there’s no set way to do this!
resource "azurerm_automation_schedule" "daily_1800" { name = "daily_1800" resource_group_name = azurerm_resource_group.automation1.name automation_account_name = azurerm_automation_account.automation1.name frequency = "Day" interval = 1 timezone = "Europe/London" start_time = "2023-07-09T18:00:00+01:00" description = "This is an example schedule" } resource "azurerm_automation_job_schedule" "daily_1800_shutdown" { resource_group_name = azurerm_resource_group.automation1.name automation_account_name = azurerm_automation_account.automation1.name schedule_name = "daily_1800" runbook_name = "vm_power_off" parameters = { dailyshutdowntime = "1800" } }
Learning more about Azure Terraform, and helpful Resources:
- Azure / Terraform Blog Posts:
- HashiCorp Learn – Azure Tutorial:
- Try Some Sample Environments:
- GitHub Repo for my demo: https://github.com/jakewalsh90/Terraform-Azure/tree/main/Azure-Automation-Demo
- An Introduction to Azure Terraform – Festive Tech Calendar Session: https://jakewalsh.co.uk/festive-tech-calendar-2023-an-introduction-to-azure-terraform/
- Azure Terraform Repo – lots of labs, demos, and sample code to try: https://github.com/jakewalsh90/Terraform-Azure
- Upcoming Welsh Azure User Group – Azure Terraform Session: https://www.meetup.com/msft-stack/events/299361444/
I hope this video and post has been helpful – looking forward to Azure Spring Clean 2025!