How do I invoke Azure runbooks with a webhook?

One of the greatest things about running applications in the cloud is ease of automation.

Take the Azure Automation service as an example. It allows users to automate tasks in the cloud without requiring any infrastructure. For example, instead of using a virtual machine to kick off a script on a regular basis using a scheduled task, administrators can create Azure runbooks in the cloud that contain all of the logic to automate a process.

Azure runbooks are built with PowerShell scripts or workflows. Admins can configure them to run on a regular basis, but can also invoke them remotely though a webhook. Allowing administrators or developers to kick-off a runbook through a webhook opens the doors to some interesting capabilities.

Allowing administrators or developers to kick-off a runbook through a webhook opens the doors to some interesting capabilities.

A webhook is basically an API that can be called from anywhere. For example, when you create a webhook for a particular runbook, it generates a unique HTTP endpoint. External systems or applications can send an HTTP post to this endpoint to trigger the runbook. These external systems could be custom applications or external services, such as Visual Studio Team Services or GitHub.

Since a webhook is called over HTTP, there are no special decencies for client-side software or tools. Any device running any operating system with internet access can get the job done. Administrators can invoke webhooks with simple command-line tools like curl or PowerShell.

Users can also provide input to Azure runbooks when calling a webhook. For example, if the runbook is configured to use input parameters, the caller can send the values for those parameters in the HTTP request body in the form of structured JSON or XML.

Keep in mind that webhooks are invoked over the public internet and there is no authentication system in place. However, users need to provide a token along with the HTTP request, which provides a basic security mechanism. In practice, users should include additional functionality within the runbook to authenticate the request, or avoid using webhooks for processes that require strict security and authentication.