PPL.AzUtils.psm1

#Requires -Modules Az.Accounts, Az.Automation, Az.Storage


$Script:PSModuleRoot = $PSScriptRoot
# Importing from [/home/vsts/work/1/s/PPL.AzUtils\Public]
# ./PPL.AzUtils/Public/Connect-AzAutomationConnectionAccount.ps1


function Connect-AzAutomationConnectionAccount {

    [CmdletBinding()]
    Param (

    )


    Process {
        $connectionName = "AzureRunAsConnection"
        try
        {
            # Get the connection "AzureRunAsConnection "
            $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName
            Write-Information "Logging in to Azure..."
            Connect-AzAccount -Tenant $servicePrincipalConnection.TenantID `
                                    -ApplicationId $servicePrincipalConnection.ApplicationID   `
                                    -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint `
                                    -ServicePrincipal
            Write-Verbose "Logged in."
        }
        catch {
            if (!$servicePrincipalConnection)
            {
                $ErrorMessage = "Connection $connectionName not found. ${_.Exception}"
                throw $ErrorMessage
            } else{
                Write-Error -Message $_.Exception
                throw $_.Exception
            }
        }
    }

}

# ./PPL.AzUtils/Public/Enable-FrontDoorBackend.ps1

function Enable-FrontDoorBackend {


    [CmdletBinding()]
    param (
        [Parameter(ValueFromPipeline)]
        [Microsoft.Azure.Commands.FrontDoor.Models.PSFrontDoor] $Frontdoor,

        [Parameter (Mandatory = $true)]
        [string] $Pool,

        [Parameter (Mandatory = $true)]
        [string] $Backend
    )

    Process {
        $_backend = $Frontdoor | Get-FrontDoorBackend -Pool $Pool -Address $Backend
        $_backend.EnabledState = "Enabled"
    }
}

# ./PPL.AzUtils/Public/Get-FrontDoorBackend.ps1

function Get-FrontDoorBackend {


    [CmdletBinding()]
    [OutputType([Microsoft.Azure.Commands.FrontDoor.Models.PSBackend])]
    param (
        [Parameter(ValueFromPipeline)]
        [Microsoft.Azure.Commands.FrontDoor.Models.PSFrontDoor] $Frontdoor,

        [Parameter (Mandatory = $true)]
        [string] $Pool,

        [Parameter (Mandatory = $true)]
        [string] $Address
    )

    Process {
        $_address = $Address;
        $_pool = $Frontdoor | Get-FrontDoorBackendPool -Pool $Pool
        return ($_pool.Backends | Where-Object { $_.Address -eq $_address })[0]

    }



}

# ./PPL.AzUtils/Public/Get-FrontDoorBackendPool.ps1

function Get-FrontDoorBackendPool {


    [CmdletBinding()]
    param (
        [Parameter(ValueFromPipeline)]
        [Microsoft.Azure.Commands.FrontDoor.Models.PSFrontDoor] $Frontdoor,

        [Parameter (Mandatory = $true)]
        [string] $Pool
    )


    Process {
        $_pool = $Pool;
        return ($Frontdoor.BackendPools | Where-Object { $_.Name -eq $_pool })[0]
    }



}

# ./PPL.AzUtils/Public/Publish-PSModuleToAzAutomationAccount.ps1

<#
    .SYNOPSIS
    Publish a PowerShell module to an Azure Automation Account

    .DESCRIPTION
    Azure Automation can only import module from either the PowerShellGallery,
    or via a zip file fetched from a publically-accessible URL.

    This function takes a zip file containing a module and uploads it to an
    Azure Storage Blob, generates a short-lived SAS URL for accessing it and then
    passes this URL to the named AzureAutomation account so that it can import it.

    Once the module has been imported the storage blob will be deleted.

    .PARAMETER ModuleName
    Name of the module being published.

    .PARAMETER ModuleVersion
    Module version

    .PARAMETER ModuleZip
    Path to a zip file containing the module you wish to publish.

    .PARAMETER AutomationResourceGroup
    Name of the resource group containing your AutomationAccount.

    .PARAMETER AutomationAccount
    Name of the AutomationAccount to publish to.

    .PARAMETER StorageResourceGroup
    Name of the resource group containing the transfer storage account.

    .PARAMETER StorageAccount
    Name of the storage account to use for module transfer.

    .PARAMETER StorageContainer
    Name of the container in the storage account to use for module transfer.

    .PARAMETER DontCleanUpStorage
    Set this switch to *not* remove the transfer storage blob once transfer is complete.
    Useful for debugging issues.


#>

function Publish-PSModuleToAzAutomationAccount {

    [CmdletBinding()]
    Param (
        [Parameter (Mandatory = $true)]
        [string]  $ModuleName,

        [Parameter (Mandatory = $true)]
        [version] $ModuleVersion,

        [Parameter (Mandatory = $true)]
        [string]  $ModuleZip,

        [Parameter (Mandatory = $true)]
        [string]  $AutomationResourceGroup,

        [Parameter (Mandatory = $true)]
        [string]  $AutomationAccount,

        [Parameter (Mandatory = $true)]
        [string]  $StorageResourceGroup,

        [Parameter (Mandatory = $true)]
        [string]  $StorageAccount,

        [Parameter (Mandatory = $false)]
        [string]  $StorageContainer = "tmp",

        [Parameter (Mandatory = $false)]
        [switch]  $DontCleanUpStorage = $false

    )

    Process {


        Write-Output "Writing module to storage container"

        $storage = Get-AzStorageAccount `
            -ResourceGroupName $StorageResourceGroup    `
            -Name $StorageAccount

        $guid = New-Guid
        $blobName = "transfer-$($guid.ToString())"
        Write-Output "Uploading module [$ModuleName] as blob [$blobName]..."
        Set-AzStorageBlobContent            `
            -File $ModuleZip                `
            -Container $StorageContainer    `
            -Blob $blobName                 `
            -Context $storage.Context       `
            -Force


        Write-Output "Generating SAS token for resource blob..."
        $blobUrl = New-AzStorageBlobSASToken -FullUri       `
            -Context $storage.Context           `
            -Container $storageContainer        `
            -Blob $blobName                     `
            -Permission "r"                     `
            -Protocol "HttpsOnly"               `
            -ExpiryTime (Get-Date).AddMinutes(15)



        Write-Output "Checking if module [$ModuleName] is already present on automation account [$AutomationAccount]..."
        try
        {
            $module = Get-AzAutomationModule                `
                -Name $ModuleName                           `
                -ResourceGroupName $AutomationResourceGroup           `
                -AutomationAccountName $AutomationAccount   `

        }
        catch
        {
            $module = $null
        }


        if (!$module)
        {
            Write-Output "Module [$ModuleName] does not yet exist on automation account [$AutomationAccount], creating..."
            New-AzAutomationModule -Name $ModuleName        `
                -ContentLinkUri $blobUrl                    `
                -ResourceGroupName $AutomationResourceGroup           `
                -AutomationAccountName $AutomationAccount
        }
        else
        {
            Write-Output "Updating module [$ModuleName] on automation account [$AutomationAccount] to version [$ModuleVersion]..."
            Set-AzAutomationModule                          `
                -Name $ModuleName                           `
                -ContentLinkUri $blobUrl                    `
                -ContentLinkVersion $ModuleVersion          `
                -ResourceGroupName $AutomationResourceGroup           `
                -AutomationAccountName $AutomationAccount
        }


        Write-Output "Waiting for module [$ModuleName] to be imported..."
        $status = $null
        while ( $status -ne "Succeeded")
        {
            $module = Get-AzAutomationModule -Name $ModuleName -ResourceGroupName $AutomationResourceGroup -AutomationAccountName $AutomationAccount
            $status = $module.ProvisioningState
            if ($status -eq "Succeeded")
            {
                break;
            }
            Write-Verbose " ProvisioningState is [$status]. Waiting 2 seconds..."
            Start-Sleep -Seconds 2
        }


        if( ! $DontCleanUpStorage ) {
            Write-Output "Deleting transfer blob..."
            Remove-AzStorageBlob                `
                -Context $storage.Context       `
                -Container $StorageContainer    `
                -Blob $blobName                 `
                -Force -Verbose
        }

    }

}

# ./PPL.AzUtils/Public/Update-AzFrontDoorBackendEnabledState.ps1


function Update-AzFrontDoorBackendEnabledState {


    [CmdletBinding()]
    param (
        [Parameter (Mandatory = $true)]
        [string] $Subscription,

        [Parameter (Mandatory = $true)]
        [string] $ResourceGroup,

        [Parameter (Mandatory = $true)]
        [string] $FrontDoor,

        [Parameter (Mandatory = $true)]
        [string] $BackendPool,

        [Parameter (Mandatory = $true)]
        [string] $BackendAddress,

        [Parameter (Mandatory = $true)]
        [string] $EnabledState
    )


    Process {
        Set-AzContext -SubscriptionName $Subscription
        $_frontdoor = Get-AzFrontDoor -Name $FrontDoor -ResourceGroupName $ResourceGroup
        $_backend = $_frontdoor | Get-FrontDoorBackend -Pool $BackendPool -Address $BackendAddress
        $_backend.EnabledState = $EnabledState
        Set-AzFrontDoor -InputObject $_frontdoor
    }
}