<#
.SYNOPSIS
vmcreate_v1.ps1 is an Azure Automation Powershell Runbook
.DESCRIPTION
This script receives webhook data from OMS, triggered by an Azure Activity Log search that records a VM create.
It records the basic CMDB data and writes it to the Automation account job output and to an Azure Storage table with the write-cmdbdata function.
.EXAMPLE
This should be called by OMS based on an activity log search. See blogs.technet.microsoft.com/knightly
.NOTES
#>
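param([object]$webhookdata)

# SECURITY NOTE: an Azure Automation webhook is authorised only by the secret token in its URL.
# Everything in $webhookdata.RequestBody is therefore caller-supplied input. It is validated
# before it is used to query Azure, and fields Azure cannot confirm (for example 'caller')
# are stored as reported by the webhook, not as verified facts.

# Only run when invoked through a webhook; a manual start carries no $webhookdata.
if ($null -eq $webhookdata)
{
    "Call this via webhook only"
    return
}

Write-Output $webhookdata.WebhookName
# Request headers and body can carry tokens or other sensitive values, and job output is kept
# with the job history. They are written to the verbose stream (recorded only when verbose
# logging is enabled for the runbook) instead of to job output.
Write-Verbose -Message ("Webhook request headers: " + ($webhookdata.RequestHeader | Out-String))
Write-Verbose -Message ("Webhook request body: " + $webhookdata.RequestBody)

# Parse the request body; fail with a clear message when it is not JSON.
try
{
    $cmdata = ConvertFrom-Json -InputObject $webhookdata.RequestBody -ErrorAction Stop
}
catch
{
    throw "Webhook request body is not valid JSON: $($_.Exception.Message)"
}

# One alert can carry several search results (one per VM). Each is handled on its own in the
# loop below; the earlier pre-loop reads of searchresults.value.* returned arrays when more
# than one VM was present and were overwritten by the loop anyway, so they are gone.
$records = @($cmdata.searchresults.value | Where-Object { $null -ne $_ })
if ($records.Count -eq 0)
{
    Write-Warning "Webhook body contained no search results; nothing to record."
    return
}

# Authenticate to Azure with the Run As account.
$connectionName = "AzureRunAsConnection"
try
{
    # Get the connection "AzureRunAsConnection"
    $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName
    "Logging in to Azure..."
    Add-AzureRmAccount `
        -ServicePrincipal `
        -TenantId $servicePrincipalConnection.TenantId `
        -ApplicationId $servicePrincipalConnection.ApplicationId `
        -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
}
catch
{
    if (!$servicePrincipalConnection)
    {
        $ErrorMessage = "Connection $connectionName not found."
        throw $ErrorMessage
    }
    else
    {
        Write-Error -Message $_.Exception
        throw $_.Exception
    }
}

# Storage table that receives the CMDB rows.
$storageSubscription = 'sub1'   # the subscription that owns the storage account, not where the VM is deployed
$resourceGroup       = "OMSRG"      # resource group that contains the storage table
$storageAccount      = "oamcmdbjk"  # storage account that contains the table
$tableName           = "CMData"

foreach ($record in $records)
{
    $resourceID = $record.resourceID
    $vmname     = $record.resource
    $rgname     = $record.resourcegroup
    $caller     = $record.caller          # unverified: taken from the webhook body as-is
    $subID      = "$($record.subscriptionID)"

    # Reject records whose identifiers are missing or malformed before they reach any Azure call.
    $parsedSubId = [guid]::Empty
    if (-not [guid]::TryParse($subID, [ref]$parsedSubId))
    {
        Write-Warning "Skipping record: subscriptionID is not a GUID."
        continue
    }
    if ([string]::IsNullOrWhiteSpace($vmname) -or
        [string]::IsNullOrWhiteSpace($rgname) -or
        [string]::IsNullOrWhiteSpace($resourceID))
    {
        Write-Warning "Skipping record: resource, resourcegroup or resourceID is missing."
        continue
    }

    # Build one string; 'Write-Output $a + "text"' emits every token, including '+', separately.
    Write-Output "$vmname in resource group $rgname in sub $subID was created"

    Select-AzureRmSubscription -SubscriptionId $subID

    # Confirm the VM exists in Azure. A record that does not resolve is skipped so that one bad
    # entry does not stop the rest of the alert from being processed.
    try
    {
        $vminfo = Get-AzureRmVM -Name $vmname -ResourceGroupName $rgname -ErrorAction Stop
    }
    catch
    {
        Write-Warning "Skipping '$vmname' in '$rgname': $($_.Exception.Message)"
        continue
    }
    if ($null -eq $vminfo)
    {
        Write-Warning "Skipping '$vmname' in '$rgname': VM not found."
        continue
    }
    Write-Output $vminfo
    Write-Output 'above is the full vminfo'

    # Collect the basic virtual machine information.
    $vmsize   = $vminfo.HardwareProfile.VmSize
    $name     = $vminfo.Name
    $ostype   = $vminfo.StorageProfile.OsDisk.OsType
    $location = $vminfo.Location

    # A VM can have several NICs, and a NIC can live in a different resource group than the VM.
    # Both the NIC name and its resource group are read from the NIC's resource ID
    # (/subscriptions/<id>/resourceGroups/<rg>/providers/Microsoft.Network/networkInterfaces/<name>).
    $privateIps = foreach ($nicRef in $vminfo.NetworkProfile.NetworkInterfaces)
    {
        $nicIdParts = "$($nicRef.Id)".Split('/')
        $nicname    = $nicIdParts[-1]
        $nicRg      = $rgname
        if ($nicIdParts.Count -gt 4 -and $nicIdParts[3] -ieq 'resourceGroups')
        {
            $nicRg = $nicIdParts[4]
        }
        (Get-AzureRmNetworkInterface -ResourceGroupName $nicRg -Name $nicname).IpConfigurations.PrivateIpAddress
    }
    $ipconfig = $privateIps -join ' '

    # Ask for this subscription only; without -SubscriptionId every subscription the Run As
    # account can see is returned and the name becomes a list.
    # NOTE(review): newer AzureRM.Profile versions expose this property as 'Name' - confirm
    # against the module version imported into the Automation account.
    $subname = (Get-AzureRmSubscription -SubscriptionId $subID).SubscriptionName

    $now  = Get-Date
    $date = $now.ToShortDateString()
    $time = $now.ToShortTimeString()

    # Write the summary to the job output ($timestamp was never assigned; use the date and time).
    Write-Output "$vmsize $ipconfig $location $name $ostype $caller $date $time"

    # Once the VM information is collected it can be written to the storage table.
    Select-AzureRmSubscription -SubscriptionName $storageSubscription
    $saContext = (Get-AzureRmStorageAccount -ResourceGroupName $resourceGroup -Name $storageAccount).Context
    $table     = Get-AzureStorageTable -Name $tableName -Context $saContext

    # Search the storage table to see if the VM already exists. GenerateFilterCondition builds
    # the filter from the value, so the webhook-supplied ID is never concatenated into it by hand.
    [string]$filter1 = [Microsoft.WindowsAzure.Storage.Table.TableQuery]::GenerateFilterCondition("ResourceID", [Microsoft.WindowsAzure.Storage.Table.QueryComparisons]::Equal, "$resourceID")
    $existing = Get-AzureStorageTableRowByCustomFilter -table $table -customFilter $filter1

    # First sighting of a resource goes to VMcreates, later ones to VMUpdates.
    if ($null -eq $existing)
    {
        $partitionKey = "VMcreates"
    }
    else
    {
        $partitionKey = "VMUpdates"
    }

    $rowProperties = @{
        "SubscriptionName" = "$subname"
        "SubscriptionID"   = "$subID"
        "ResourceGroup"    = "$rgname"
        "ResourceID"       = "$resourceID"
        "computerName"     = "$vmname"
        "ostype"           = "$ostype"
        "CreatorID"        = "$caller"
        "PrivateIP"        = "$ipconfig"
        "Location"         = "$location"
        "VMSize"           = "$vmsize"
        "Date"             = "$date"
        "Time"             = "$time"
    }
    Add-StorageTableRow -table $table -partitionKey $partitionKey -rowKey ([guid]::NewGuid().ToString()) -property $rowProperties
}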