Headless automation with Azure PowerShell
When trying to manage your Auzre environment in an automated way it is very important to be able to do everything in a headless manner (no pop up windows or administrator interaction).
For this reason I was very excited to find "Non-interactive login support for Microsoft Organizational accounts" in the 0.8.6 release of the Azure PowerShell.
Here is a great article showing the three ways you can interact with your Azure accounts now:
- Add-AzureAccount - pops up and authentication window
- *NEW* Add-AzureAccount - username and password specified in the script
- Cert based with publisher settings file
How to check your version of Azure PowerShell module?
Cached accounts issue
I had been looking for a method to get headless automation to work and had tried several. In doing so I had put my machine into a weird state where I had a few accounts available when trying to do things like Get-AzureStorageAccount where it didn't know which credentials to use.
Get-AzureStorageAccount : Value cannot be null.
Parameter name: resourceAt S:\QA\Azure Scripts\playground.ps1:26 char:16
+ $storage = Get-AzureStorageAccount | where AffinityGroup -eq 'CMTestAffinity ...
+ CategoryInfo : NotSpecified: (:) [Get-AzureStorageAccount], AadAuthenticationFailedException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.Utilities.Common.Authentication.AadAuthenticat
It turned out that I had more than one set of credentials cached somewhere. Once I removed the offending set of credentials I found that everything started to work once again. Start by performing a get azure account to see which credentials you have in your powershell session.
Get-AzureAccount : http://msdn.microsoft.com/en-us/library/dn495234.aspx
Choose the account that you don't want in the way and run the remove azure account command.
Remove-AzureAccount -Name <account nmae> : http://msdn.microsoft.com/en-us/library/dn722529.aspx
Then confirm that you want the account removed. Performing the get azure account command again should show that you only have the appropriate account remaining.