What's new in Azure Automation?
Azure Automation receives improvements on an ongoing basis. To stay up to date with the most recent developments, this article provides you with information about:
- The latest releases
- New features
- Improvements to existing features
- Known issues
- Bug fixes
This page is updated monthly, so revisit it regularly. If you're looking for items older than six months, you can find them in Archive for What's new in Azure Automation.
April 2024
Changes in Process Automation subscription and service limits and quotas
Find the changes in Azure Automation limits and quotas here. These changes are aimed towards improving the reliability and performance of the service by ensuring fair access to cloud resources for all users. We recommend to use other regions or other subscriptions within the same Azure geography to create more Automation accounts.
February 2024
New version of Start/Stop VMs
Start/Stop VM during off-hours, version 1 is deprecated and unavailable in the marketplace now and we recommend that you start using version 2, which is now generally available. The new version of Start/Stop VMs v2 provides a decentralized low-cost automation option for customers who want to optimize their VM costs. It offers all of the same functionality as the original version that was available with Azure Automation. Learn more.
December 2023
Restore deleted Automation runbooks
Type: New change
You can now restore Runbooks deleted in the past 29 days. Learn more
October 2023
Retirement of Run As accounts
Type: Retirement
Azure Automation Run As Accounts, including Classic Run as accounts have retired on 30 September 2023 and replaced with Managed Identities. You would no longer be able to create or renew Run as accounts through the Azure portal. For more information, see migrating from an existing Run As accounts to managed identity.
May 2023
General Availability: Python 3.8 runbooks
Azure Automation announces General Availability of Python 3.8 runbooks. Learn more about Azure Automation Runbooks and Python packages.
March 2023
Retirement of Azure Automation Agent-based User Hybrid Runbook Worker
Type: Plan for change
On 31 August 2024, Azure Automation will retire Agent-based User Hybrid Runbook Worker (Windows and Linux). You must migrate all Agent-based User Hybrid Workers to Extension-based User Hybrid Runbook Worker (Windows and Linux) before the deprecation date. Moreover, starting 1 November 2023, creating new Agent-based User Hybrid Runbook Worker will not be possible. Learn more.
November 2022
General Availability: Azure Automation User Hybrid Runbook Worker Extension
User Hybrid Worker enables execution of the scripts directly on the machines for managing guest workloads or as a gateway to environments that are not accessible from Azure. Azure Automation announces General Availability of User Hybrid Worker extension, that is based on Virtual Machine extensions framework and provides a seamless and integrated installation experience. It is supported for Windows & Linux Azure VMs and Azure Arc-enabled Servers.
September 2022
Availability zones support for Azure Automation
Azure Automation now supports Azure availability zones to provide improved resiliency and reliability by providing high availability to the service, runbooks, and other Automation assets. Learn more.
July 2022
Support for Run As accounts
Type: Plan for change
Azure Automation Run As Account will retire on September 30, 2023 and will be replaced with Managed Identities.Before that date, you'll need to start migrating your runbooks to use managed identities. For more information, see migrating from an existing Run As accounts to managed identity to start migrating the runbooks from Run As account to managed identities before 30 September 2023.
March 2022
Forward diagnostic audit data to Azure Monitor logs
Type: New feature
Azure Automation can send diagnostic audit logs in addition to runbook job status and job streams to your Log Analytics workspace. Read here for more information.
February 2022
Permissions change in the built-in Reader role for the Automation Account.
Type: New change
To strengthen the overall Azure Automation security posture, the built-in RBAC Reader role would not have access to Automation account keys through the API call - GET /automationAccounts/agentRegistrationInformation. Read here for more information.
Restore deleted Automation Accounts
Type: New change
Users can now restore an Automation account deleted within 30 days. Read here for more information.
December 2021
New scripts added for Azure VM management based on Azure Monitor Alert
Type: New feature
New scripts are added to the Azure Automation GitHub organization to address one of Azure Automation's key scenarios of VM management based on Azure Monitor alert. For more information, see Trigger runbook from Azure alert.
- Stop-Azure-VM-On-Alert
- Restart-Azure-VM-On-Alert
- Delete-Azure-VM-On-Alert
- ScaleDown-Azure-VM-On-Alert
- ScaleUp-Azure-VM-On-Alert
November 2021
General Availability of Managed Identity for Azure Automation
Type: New feature
Azure Automation now supports Managed Identities in Azure operated by 21Vianet. System Assigned Managed Identities is supported for cloud as well as hybrid jobs, while User Assigned Managed Identities is supported only for cloud jobs. Read the announcement for more information.
Preview support for PowerShell 7.1
Type: New feature
Azure Automation support for PowerShell 7.1 runbooks is available as public preview in Azure operated by 21Vianet clouds. Read the announcement for more information.
October 2021
Preview support for Hybrid Runbook Worker extension for Azure VMs
Type: New feature
Azure Automation released native integration of User Hybrid Runbook Worker for Azure VMs.
Preview support for Azure Active Directory authentication
Type: New feature
Azure Automation added a critical security feature with Azure AD authentication support for all Automation service public endpoints. The feature has been implemented through Hybrid Runbook Worker extension support for Azure VMs.
This removes the dependency on certificates and enables you to meet your stringent audit and compliance requirements by not using local authentication methods.
Source control enabled to use managed identities
Type: New feature
Source control integration in Azure Automation can now use managed identities instead of a Run As account. For more information, see source control integration prerequisites.
September
Support for Az modules by default
Type: New Feature
Azure Automation now supports Az modules by default. New Automation accounts created include the latest version of Az modules - 6.4.0 by default. Automation also includes an option in the Azure portal - Update Az Modules enabling you to update Az modules in your existing Automation accounts. Read the announcement for more information.
August 2021
Azure Policy Guest Configuration
Type: Plan for change
Customers should evaluate and plan for migration from Azure Automation State Configuration to Azure Policy guest configuration. For more information, see Azure Policy guest configuration.
July 2021
Preview support for user-assigned managed identity
Type: New feature
Azure Automation now supports user-assigned Managed Identities for cloud jobs in Azure operated by 21Vianet regions. Read the announcement for more information.
General Availability of customer-managed keys for Azure Automation
Type: New feature
Customers can manage and secure encryption of Azure Automation assets using their own managed keys. With the introduction of customer-managed keys, you can supplement default encryption with an extra encryption layer using keys that you create and manage in Azure Key Vault. This additional level of encryption should help you meet your organization's regulatory or compliance needs.
For more information, see Use of customer-managed keys.
June 2021
Security update for Log Analytics Contributor role
Type: Plan for change
We intend to remove the Automation account rights from the Log Analytics Contributor role. Currently, the built-in Log Analytics Contributor role can escalate privileges to the subscription Contributor role. Since Automation account Run As accounts are initially configured with Contributor rights on the subscription, it can be used by an attacker to create new runbooks and execute code as a Contributor on the subscription.
As a result of this security risk, we recommend you don't use the Log Analytics Contributor role to execute Automation jobs. Instead, create the Azure Automation Contributor custom role and use it for actions related to the Automation account.