On 30 September 2023, Azure Automation will retire Run As accounts, and completely move to Managed identities. All runbook executions using Run As accounts, including Classic Run As accounts would not be supported after this date. Moreover, starting 1 April 2023, creation of new Run As accounts in Azure Automation will not be possible. Renewing of certificates for existing RunAs accounts would be possible only till the end of support.
To ensure you are using a supported authentication method, you must migrate all your runbooks to Managed Identities.
Benefits of Managed identities
- Secure authentication to any Azure service that supports Azure AD authentication.
- Minimised management overhead with easy access to resources.
- No need of Certificate renewals as in case of Run As accounts.
- Simplified runbooks with no requirement to use multi-line code.
Take immediate action
- Review your Automation accounts, Runbooks, GitHub code samples to identify whether you are using Run As accounts. Remove all references to Run As accounts and make necessary changes to reflect Managed Identities only.
- If you have existing Azure Automation runbooks using Run As accounts, you must migrate them to Managed identities.
- If your Run As account certificate is expiring, it’s a good time to start using Managed identities for authentication instead of renewing the certificate.
- Do not create new Run As accounts, ensure to use Managed identities.
Resources
- Migrate from a Run As account to a managed identity | Microsoft Learn
- Azure Automation migration to managed identity FAQ | Microsoft Learn
If you have questions, ask community experts in Microsoft Q&A.
Updated Feb 23, 2023
Version 4.0Nikita_Bajaj
Microsoft
Joined June 30, 2022
Azure Governance and Management Blog
Follow this blog board to get notified when there's new activity