Translations: "Dutch" |

Invoke Scripts on Multiple Azure VMs

Jan 8, 2025 Azure PowerShell DevOps IaaS
Share on:

Need to quickly run a script on multiple Azure VMs? This guide walks you through the process of creating and executing PowerShell scripts across multiple Azure virtual machines using the AzVMRunCommand feature.

Before getting started, ensure you have:

  • PowerShell Az modules installed
  • Active Azure authentication
  • Appropriate permissions to access and modify target VMs

In this guide, we'll walk through a practical example of creating local Windows accounts across multiple Azure VMs. We'll break down the implementation into two main components:

This script runs directly on each target VM to create the local user account:

 1$Password = ConvertTo-SecureString "<your password here or even better, use an input parm" -AsPlainText -Force
 2$UserParams = @{
 3    Name = "<your username here>"
 4    Password = $Password
 5    FullName = "<Full name>"
 6    Description = "Local user account created via PowerShell"
 7    PasswordNeverExpires = $true
 8    UserMayNotChangePassword = $false
 9}
10
11try {
12    New-LocalUser @UserParams
13    Write-Host "User account 'inspark' created successfully!"
14    Add-LocalGroupMember -Group "Administrators" -Member "inspark"
15    Write-Host "User 'inspark' added to Administrators group"
16} catch {
17    Write-Error "Failed to create user account: $_" 
18}
19
20Get-LocalUser -Name $UserParams.Name | Select-Object Name, Enabled, PasswordExpires, LastLogon
powershell

This script handles the deployment of our local account creation script across multiple VMs:

 1# Filter VMs based on tags
 2$vms = Get-AzVM | Where-Object { 
 3    $_.Tags -and 
 4    $_.Tags["Tag key"] -eq "Tag value" 
 5}
 6
 7# Execute script on each VM
 8foreach($vm in $vms) {
 9    Write-Host "Creating local admin user on VM: $($vm.name)"
10    try {
11        Set-AzVMRunCommand `
12         -ResourceGroupName $vm.resourceGroupName `
13        -VMName $vm.name `
14        -Location $vm.location `
15        -RunCommandName "RunCommandName" `
16        SourceScript $script
17    }
18    catch {
19        Write-Error "Failed to execute script on VM $($vm.name): $_"
20    }
21    
22    # Verify execution status
23    Try {
24        $result = Get-AzVMRunCommand `
25        -ResourceGroupName $vm.resourceGroupName `
26        -VMName $vm.name `
27        -RunCommandName "RunCommandName" `
28        -Expand InstanceView
29    }
30    catch {
31        Write-Error "Failed to get script execution status on VM $($vm.name): $_"
32    }
33    Write-Host "Script execution status on VM $($vm.name)"
34    $result.InstanceView
35}
powershell

Here's the complete script that combines both components:

 1# Define the script to be executed on VMs using here-string
 2$script = @'
 3$Password = ConvertTo-SecureString "<your password here or even better, use an input parm" -AsPlainText -Force
 4$UserParams = @{
 5    Name = "<your username here>"
 6    Password = $Password
 7    FullName = "<Full name>"
 8    Description = "Local user account created via PowerShell"
 9    PasswordNeverExpires = $true
10    UserMayNotChangePassword = $false
11}
12
13try {
14    New-LocalUser @UserParams
15    Write-Host "User account 'inspark' created successfully!"
16    Add-LocalGroupMember -Group "Administrators" -Member "inspark"
17    Write-Host "User 'inspark' added to Administrators group"
18} catch {
19    Write-Error "Failed to create user account: $_" 
20}
21
22Get-LocalUser -Name $UserParams.Name | Select-Object Name, Enabled, PasswordExpires, LastLogon
23'@
24
25# Load and filter VMs
26$vms = Get-AzVM | Where-Object { 
27    $_.Tags -and 
28    $_.Tags["Tag key"] -eq "Tag value" 
29}
30
31# Execute on each VM
32foreach($vm in $vms) {
33    Write-Host "Creating local admin user on VM: $($vm.name)"
34    try {
35        Set-AzVMRunCommand `
36         -ResourceGroupName $vm.resourceGroupName `
37        -VMName $vm.name `
38        -Location $vm.location `
39        -RunCommandName "RunCommandName" `
40        SourceScript $script
41    }
42    catch {
43        Write-Error "Failed to execute script on VM $($vm.name): $_"
44    }
45    Try {
46        $result = Get-AzVMRunCommand `
47        -ResourceGroupName $vm.resourceGroupName `
48        -VMName $vm.name `
49        -RunCommandName "RunCommandName" `
50        -Expand InstanceView
51    }
52    catch {
53        Write-Error "Failed to get script execution status on VM $($vm.name): $_"
54    }
55    Write-Host "Script execution status on VM $($vm.name)"
56    $result.InstanceView
57}
powershell
  1. Tag-gebaseerd Filteren: Selecteer specifieke VMs met behulp van Azure-tags
  2. AzVMRunCommand: Voer PowerShell scripts uit vanaf jouw systeem op Azure virtual machines
  3. Here-string: Gebruik here-string om een inline script in jouw script te laden
  • Always use secure password management practices
  • Consider using Azure Key Vault for credential storage
  • Implement proper access controls for the automation account
  • Regularly audit and review local administrator accounts

Reactions

Cookies.

By using this website, you automatically accept that we use cookies. What for?

Understood