Run Scheduled Task from Azure
A PowerShell with SharePoint tutorial
In the previous article, Peter Kalmström explained how to use
the Windows Task Scheduler to automatically run a PowerShell script.
In the demo below, Peter will use a Microsoft Azure Function
instead of the Task Scheduler.
The main benefit of running a script in Azure is that you
don't have to maintain or update a virtual machine where
the scripts run.
Note that you need to use a certificate that allows modifications
to SharePoint without login, if you want to run a PowerShell
script that connects to SharePoint automatically. In an
earlier article, we described in detail how to create such
an auto-connect certificate.
For the Azure certificate you need to add a certificate
password parameter and perform some steps in Azure, but
some of the steps are the same as when you create the auto-connect
certificate.
Azure
The first step is to create a Function App, to contain the
function and any other functions for the organization.
- Under Azure Services, click on Create a resource.
- Select to create a Function App.
- Select a hosting option.
- Give the app a name. A default Resource group will
be created automatically.
- Set the Runtime stack to PowerShell Core.
- Set the Version to PowerShell 7.4.
- Select Operating System.
- Click on Review + create.
- Change any defaults you prefer (Peter keeps them)
and click on Create.
VS Code
You need to use a specific certificate to run a script from
an Azure function. It is created in VS Code.
- Start a new script and import the PnP.PowerShell
module.
- Create two string variables and their values: $URL
= the path to a SharePoint site and $Tenant = the path
to the tenant.
- Create two more string variables: $Cid (for app
ID) and $Thumb (for thumbprint value). For now, they
have no values.
- Enter a Connect-PnPOnline command with the four
variables:
Connect-PnPOnline -Url $URL -Thumbprint $Thumb -Tenant $Tenant -ClientId $CId
- Create a Lists variable and give it the value Get-PnPList.
- Enter a Write-Host command with the Lists variable
and the Count property.
- Create a secure string variable:
[securestring] $PWD = (ConvertTo-SecureString -String "pass@word1" -AsPlainText -Force)
- Enter the cmdlet New-PnPAzureCertificate with the
parameters CommonName, OutPfx and OutCert.
- Add the CertificatePassword parameter with the value
of the secure string variable:
New-PnPAzureCertificate -CommonName "kPNPAZFunc" -OutPfx "C:\Cert\kPNPAZFunc.pfx" -OutCert "C:\Cert\kPNPAZFunc.cer" -CertificatePassword $PWD
- Run the secure string variable and the New-PnPAzureCertificate
command, to declare the variable and create the certificate
files.
- Comment out the two commands, as they are no longer
needed.
- Copy the Thumbprint ID from the Terminal and add
it as the value of the Thumb variable.
To be able to test, you should now import the PFX file.
Input a password for the certificate in the process.
Azure
- Go back to your Function App resource and open the
Settings > Certificates.
- Open the Bring my own certificate tab.
- Click on Add certificate and upload the PFX file.
- Enter the certificate password and validate and
add it.
- Copy the Function App's Thumbprint ID.
- Open Environment variables from the left menu
and click on +Add.
- Enter WEBSITE_LOAD_CERTIFICATES in the first field
and paste the Thumbprint ID in the second field.
- Apply twice and confirm.
Microsoft Entra
- Open the App registrations in Microsoft Entra and
click on New registration to allow access to SharePoint.
- Give the registration a name and register it.
- In the new registration's API permissions, add a
SharePoint permission.
- Select Application permissions and grant Full control.
- Grant Admin consent.
- Open Certificates & secrets and upload the CER
file.
- Open the application's Overview page and copy the
Client ID.
VS Code
- Go back to the script in VS Code and paste the Client
ID as the CId variable value.
- Run the whole script and check that you get the
correct output in the Terminal - the number of lists
in the SharePoint site.
- Copy all code except the two lines that are commented
out.
Import-Module PnP.PowerShell
[string] $URL = "https://m365x61537192.sharepoint.com/sites/ScheduledPSImports"
[string] $Tenant = "m365x61537192.onmicrosoft.com"
[string] $CId = "fc66c6b2-f788-4382-a59d-681ccd762a91"
[string] $Thumb = "E535CDC30BDC0B1CF35B3DA5692DEA4EEC1C54DE"
Connect-PnPOnline -Url $URL -Thumbprint $Thumb -Tenant $Tenant -ClientId $CId
$Lists = Get-PnPList
Write-Host $Lists.Count
Azure
- From the Azure Function App Overview page, create
a new function in the Azure portal.
- Select the Timer trigger option.
- Keep the default every 5 minutes or change the minutes
number.
- The new function opens with a default script. Keep
the timer parameter and remove the rest.
- Paste the code you copied from VS Code below the
parameter and save the script.
- Go back to the Function App and open the App files
page. Here, make two changes that only need to be made
once, even if you have many functions:
- In the profile.ps1 file, comment out the If
statement (the only lines that are not commented
out by default). Save.
- In the requirements.psd1 file, add the line
'PnP.PowerShell' = '2.*'. This updates PnP.PowerShell
to the latest 2.x version. Save.
- Go back to the function and click on Test/Run.
- Confirm that you want to Run and check that correct
output (the number of lists) is displayed in the Terminal.
Now you can continue working with the script in VS Code
and then paste the finished code into Azure. It is also
possible to edit scripts in VS Code via Azure extensions.
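As an added example (not code from the original tutorial or from the PnP project), the function script below reads the connection values from app settings instead of hard-coding them, and checks that the certificate is loaded and unexpired before connecting. The setting names SP_SITE_URL, SP_TENANT, SP_CLIENT_ID and SP_CERT_THUMBPRINT are assumptions, and the store path Cert:\CurrentUser\My assumes a Windows-hosted Function App.

```powershell
# Added example: run.ps1 for the timer-triggered function (not the tutorial's own code).
# Assumed app settings (hypothetical names): SP_SITE_URL, SP_TENANT, SP_CLIENT_ID, SP_CERT_THUMBPRINT
param($Timer)

$ErrorActionPreference = 'Stop'
Import-Module PnP.PowerShell

# Read connection values from app settings so no tenant data lives in the script.
$settings = @{}
foreach ($name in 'SP_SITE_URL', 'SP_TENANT', 'SP_CLIENT_ID', 'SP_CERT_THUMBPRINT') {
    $value = [Environment]::GetEnvironmentVariable($name)
    if ([string]::IsNullOrWhiteSpace($value)) {
        throw "App setting '$name' is missing."
    }
    $settings[$name] = $value.Trim()
}

# WEBSITE_LOAD_CERTIFICATES must list this thumbprint (or be '*') for the platform to load it.
$loaded = [string]$env:WEBSITE_LOAD_CERTIFICATES -split ',' | ForEach-Object { $_.Trim() }
if ($loaded -notcontains '*' -and $loaded -notcontains $settings.SP_CERT_THUMBPRINT) {
    throw 'WEBSITE_LOAD_CERTIFICATES does not include the configured thumbprint.'
}

# Assumption: Windows hosting, where the uploaded PFX appears in the user's personal store.
$cert = Get-ChildItem -Path Cert:\CurrentUser\My |
    Where-Object { $_.Thumbprint -eq $settings.SP_CERT_THUMBPRINT } |
    Select-Object -First 1
if (-not $cert) { throw 'Certificate not found in Cert:\CurrentUser\My.' }
if (-not $cert.HasPrivateKey) { throw 'Certificate has no private key; upload the PFX, not the CER.' }

# Fail on an expired certificate and warn when renewal is close.
$daysLeft = [math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)
if ($daysLeft -lt 0) { throw "Certificate expired on $($cert.NotAfter)." }
if ($daysLeft -lt 30) { Write-Warning "Certificate expires in $daysLeft days." }

Connect-PnPOnline -Url $settings.SP_SITE_URL -Tenant $settings.SP_TENANT `
    -ClientId $settings.SP_CLIENT_ID -Thumbprint $settings.SP_CERT_THUMBPRINT
try {
    $Lists = Get-PnPList
    Write-Host "Lists in site: $($Lists.Count)"
}
finally {
    Disconnect-PnPOnline
}
```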