Thursday, November 17, 2022

Configuring an Azure Function App that uses a system assigned managed identity to execute Az.Compute module cmdlets that retrieve all Azure VMs with their status, then using a Logic App to run the app and email the report

In this post, I would like to demonstrate the following using an Azure Function App and Logic App.

Function App:

Use the Az.Compute module to execute Get-AzVM to get the list of virtual machines and store it in an array

  1. Loop through the virtual machines and retrieve the name, resource group, location, vmsize, and os type
  2. Retrieve the VM status
  3. Store all fields in an array
  4. Create an HTML header, body
  5. Convert data into HTML format
  6. Return an HTML formatted email for delivery
  7. The Function App will use a System Assigned Managed Identity for authentication and authorization

Logic App:

  1. Set up a recurring Logic App that runs every day
  2. Executes the Function App to retrieve the HTML formatted email report
  3. Send an email with the HTML formatted email report

Step #1 – Create a Function App that will retrieve the list of Virtual Machines, generate and return an HTML email report

Begin by creating a Function App that will retrieve the list of virtual machines and return it in HTML format. This Function App collects the data and will in turn be called by a Logic App, which generates an email and sends the report off to an email address.

Proceed to create a Function App with the following parameters:

Publish: Code

Runtime stack: PowerShell Core

Version: 7.2

Operating System: Windows

Configure the rest of the parameters as required by the environment.

With the Function App created, proceed to create the function trigger:

Select HTTP trigger as the template and provide a meaningful name:

With the trigger created, navigate to Code + Test and paste the following code into run.ps1:

https://github.com/terenceluk/Azure/blob/main/Function%20App/Get-AzureVMs.ps1

The following are changes you’ll need to apply to the code:

The client name:

Save the Function App and navigate back out to the Function App > App files, switch to the requirements.psd1, then add the following line to load the Az.Compute module, which will allow Get-AzVM to be executed:

'Az.Compute' = '5.*'

Save the file and navigate to the Identity blade then turn on the System assigned identity:

Once the system assigned managed identity is created, you should see the Function App created in the Enterprise applications:

Click on Azure role assignments while still in the Identity blade of the Function App:

Configure Reader permissions on the subscription containing the VMs:

With the Reader role granted, navigate back to the Function App and execute the Test/Run feature with HTTP method POST and without any body submitted:

You should see an HTTP response code 200 OK with the contents of your report displayed:
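
For reference, a minimal run.ps1 that follows the Function App steps listed at the top of this post; it is an added example, not the script linked above. The `$reportTitle` value and the table layout are assumptions, and the managed identity is assumed to hold Reader on the subscription as configured earlier.

```powershell
using namespace System.Net

# HTTP-triggered run.ps1 (added example; $reportTitle and the table layout are assumptions).
param($Request, $TriggerMetadata)

$reportTitle = 'Azure VM status report'   # hypothetical title, change as needed

try {
    # Authenticate as the system assigned managed identity; no secret is stored in the app.
    # Reader on the subscription is enough for Get-AzVM to succeed.
    Connect-AzAccount -Identity -ErrorAction Stop | Out-Null

    # -Status adds the PowerState field (for example "VM running") to each VM.
    $vms = Get-AzVM -Status -ErrorAction Stop

    $rows = foreach ($vm in $vms) {
        $fields = @(
            $vm.Name,
            $vm.ResourceGroupName,
            $vm.Location,
            $vm.HardwareProfile.VmSize,
            $vm.StorageProfile.OsDisk.OsType,
            $vm.PowerState
        )
        # HTML-encode every value before it is placed in the email body.
        $cells = $fields | ForEach-Object { '<td>{0}</td>' -f [WebUtility]::HtmlEncode([string]$_) }
        '<tr>{0}</tr>' -f ($cells -join '')
    }

    $title  = [WebUtility]::HtmlEncode($reportTitle)
    $header = '<tr><th>Name</th><th>Resource group</th><th>Location</th><th>Size</th><th>OS</th><th>Status</th></tr>'
    $body   = "<html><body><h2>$title</h2><table border=`"1`">$header$($rows -join '')</table></body></html>"
    $status = [HttpStatusCode]::OK
}
catch {
    # Keep the detail in the function log; return only a generic message to the caller.
    Write-Warning "VM report failed: $($_.Exception.Message)"
    $body   = '<html><body><p>The VM report could not be generated.</p></body></html>'
    $status = [HttpStatusCode]::InternalServerError
}

# Return the HTML so the Logic App can place it in the email body.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
    StatusCode  = $status
    ContentType = 'text/html'
    Body        = $body
})
```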

Step #2 – Create a Logic App that is scheduled to run every day to call the Azure Function App to retrieve the device list report and then send an email report out

With the Azure Function App created and tested, proceed to create the Logic App that will be scheduled to run every day to call the Azure Function App to retrieve the device list report and then send an email report out.

Navigate to the Logic app designer blade and begin to configure the steps for the Logic App. The following are the steps we’ll be configuring:

The first is the Recurrence step that will schedule this Logic App to run at 9:00 a.m. EST every day:

Create an additional step by clicking on the + button, select Add an action then type in Function, select the Function that was created:

We won’t need to pass a parameter so leave it unconfigured:

Proceed to create two additional steps:

  1. Initialize variable
  2. Set variable

These two steps will place the retrieved HTML report into the body of the email:

Initialize variable

Name: EmailBody
Type: String
Value: <leave blank>

Set variable

Name: EmailBody
Value: Select the Body

Configure the last step as Send an email (V2) that will email this report to the email address required:

Save the logic app and proceed to use the Run Trigger feature to execute the Logic App and confirm that the report is generated and sent:

One of the steps I did not include in this post is securing the Function App to require authentication and allowing the Logic App to execute it. Please see one of my previous posts for the steps:

Securing Azure Function App to require authentication and granting access to a Logic Apps’ Managed Identity
http://terenceluk.blogspot.com/2022/09/securing-azure-function-app-to-require.html

I hope this helps anyone who may be looking for instructions on how to configure automated reports with virtual machine details.
