In some scenarios it is not possible to generate a ServicePrincipal for automation in Azure, although this is the recommended way. In this case, credentials can also be stored and used in Azure Automation. In the following I used the scripts for Start-AzureV2VMs and Stop-AzureV2VMs and modified them a bit. They

  • now use credentials
  • a TenantID and SubscriptionID are additionally required
  • the script finds and uses a specific VM or all VMs of a resource group or all VMs of a subscription.

The scripts can be downloaded in my GitHub-Account:

The decisive lines for authentication with credentials are defined in the script in line 20 – 28:

param (
    [String]  $TenantId,
    [String]  $SubscriptionId,

    [String]  $AzureCredentialName,

    [String] $ResourceGroupName,

    [String] $VMName

try {
	$Cred = Get-AutomationPSCredential -Name $AzureCredentialName
	$userName = $Cred.UserName
	$securePassword = $Cred.Password
	Write-Output "using user $userName"
	$PsCred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $userName, $securePassword
	Write-Output $myPsCred
	Write-Output "try to connect..."
    Connect-AzAccount -TenantId $TenantId -Subscription $SubscriptionId -Credential $PsCred
    Write-Output "connection succeeded"
    #Write-Output "set subscrioption..."
    #Set-AzContext -SubscriptionId $SubscriptionId -TenantId $TenantId
catch {
	Write-Error $_.Exception
    throw $_.Exception

The user name and password are read out, converted into a PSCredential object and then applied to the Connect-AzAccount.

So it is really easy to change the authentication or add some parameters for personal needs, even in existing scripts.