List-SAPSystemInstances.ps1

<#PSScriptInfo

.DESCRIPTION Azure Automation runbook script to list SAP system instances with an SAP SID.

.VERSION 0.0.5

.GUID 3550f34f-4dfa-4a06-9007-13f3edd28774

.AUTHOR Goran Condric

.COMPANYNAME Microsoft

.COPYRIGHT (c) 2020 Microsoft . All rights reserved.

.TAGS Azure Automation SAP list SAP system instances Runbook

.LICENSEURI

.PROJECTURI

.ICONURI

.EXTERNALMODULEDEPENDENCIES

.REQUIREDSCRIPTS

.EXTERNALSCRIPTDEPENDENCIES

.RELEASENOTES
0.0.1: - Add initial version
0.0.4: - Support for using a system-assigned managed identity for an Azure Automation account, and multiple Azure subscriptions
0.0.5: - Update text message how to enable system identity

#>


#Requires -Module SAPAzurePowerShellModules

Param(
    
[Parameter(Mandatory=$True, HelpMessage="SAP System <SID>. 3 characters , starts with letter.")] 
[ValidateLength(3,3)]
[string] $SAPSID,

[Parameter(Mandatory=$false, HelpMessage="Subscription ID. If null, the current subscription of automation account is used instead.")] 
[ValidateLength(36,36)]
[string] $SubscriptionId

)

Write-WithTime "Make sure to enable appropriate RBAC permissions to the system identity of this automation account. Otherwise, the runbook may fail."

Write-Output ""
Write-Output "You can enable system identity on the Azure automation account:"
Write-Output "1. Go to: Azure automation acccount -> Identity -> System asigned -> Status -> <On>"
Write-Output "2. Go to: Azure automation acccount -> Identity -> System asigned -> Permissions -> Azure role assignments -> Add role assignment ->"
Write-Output "Scope: 'Subscription'"
Write-Output "Subscription: <Chose your Subscription>"
Write-Output "Role: 'Owner'"
Write-Output ""
Write-Output "More info on: https://docs.microsoft.com/en-us/azure/automation/enable-managed-identity-for-automation#assign-role-to-a-system-assigned-managed-identity "
Write-Output ""

# Connect to Azure with Automation Account system-assigned managed identity
Write-WithTime " Connecting to Azure with Automation Account system-assigned managed identity ...."
Write-Output ""

# Ensures you do not inherit an AzContext in your runbook
Disable-AzContextAutosave -Scope Process | out-null

try {
    # Connect to Azure with system-assigned managed identity
    $AzureContext = (Connect-AzAccount -Identity).context
}
catch{
    Write-Error "There is no system-assigned user identity. Aborting."; 
    Write-Error  $_.Exception.Message
    exit
}

if ($SubscriptionId){
    Write-Output "Using specified Subscription ID '$SubscriptionId'."
    $SubscriptionId = $SubscriptionId.trim()
    Select-AzSubscription -SubscriptionId $SubscriptionId -ErrorVariable -notPresent  -ErrorAction SilentlyContinue -Tenant $AzureContext.Tenant
}

# set and store context
$AzureContext = Set-AzContext -SubscriptionName $AzureContext.Subscription -DefaultProfile $AzureContext

$SAPSID = $SAPSID.Trim()

#Test if Tag 'SAPSystemSID' with value $SAPSID exist. If not exit
Test-AzSAPSIDTagExist -SAPSID $SAPSID

# Get SAP Appplication VMs
$SAPSIDApplicationVMs  = Get-AzSAPApplicationInstances -SAPSID $SAPSID

Write-Output ""

# List SAP Application layer VM
Write-Output ""
Write-WithTime "SAP Application layer VMs:"
Show-AzSAPSIDVMApplicationInstances -SAPVMs $SAPSIDApplicationVMs

# Get DBMS VMs
$SAPSIDDBMSVMs  = Get-AzSAPDBMSInstances -SAPSID $SAPSID

# List SAP DBMS layer VM(s)
Write-Output ""
Write-WithTime "SAP DBMS layer VM(s):"
Show-AzSAPSIDVMDBMSInstances -SAPVMs $SAPSIDDBMSVMs