No certificate was found in the certificate store with thumbprint You receive one of the following errors when you work with the Connect-AzAccount cmdlet: Unknown_user_type: Unknown User Type Scenario: Sign-in to Azure account failed Issue ResolutionĮnsure that your Run As account has permissions to access any resources used in your script. Run As accounts might not have the same permissions against Azure resources as your current Automation account. Your runbook fails with a No permission or Forbidden 403 error, or equivalent. Scenario: Runbook fails with a No permission or Forbidden 403 error Issue With an enabled firewall, access can only be made by using a Hybrid Runbook Worker and a virtual network service endpoint. Access will be blocked even when the firewall exception to allow trusted Microsoft services is enabled, as Automation is not a part of the trusted services list. ResolutionĮnabling the Azure Firewall on Azure Storage, Azure Key Vault, or Azure SQL blocks access from Azure Automation runbooks for those services. The Azure Firewall on Azure Storage is enabled. HTTP Status Code: 403 - HTTP Error Message: This request is not authorized to perform this operation. IssueĪttempting to access Azure Storage from a Runbook results in an error similar to the following message: The remote server returned an error: (403) Forbidden. This scenario uses Azure Storage as an example however, the information is equally applicable to Azure Key Vault and Azure SQL. Scenario: Access blocked to Azure Storage, or Azure Key Vault, or Azure SQL If you're running your runbooks on a Hybrid Runbook Worker instead of in Azure Automation, you might need to troubleshoot the hybrid worker itself. Handle any exceptions that are thrown by your job.ĭo this step if the runbook job or the environment on Hybrid Runbook Worker doesn't respond.Add additional output to the runbook to identify what happens before the runbook is suspended.Check job statuses to determine current runbook statuses and some possible causes of the issue.Renew the webhook if you're trying to use an expired webhook to start the runbook.Renew the certificate if the Run As account has expired.If your runbook is suspended or unexpectedly fails: For more troubleshooting information, see Troubleshoot modules.
Update your PowerShell modules to the latest version by following the instructions in Update Azure PowerShell modules in Azure Automation. If your runbook imports any modules, verify that they're available to your Automation account by using the steps in Import modules. Look at these streams for specific messages, and compare them to the errors documented in this article.Įnsure that your nodes and Automation workspace have the required modules. Running your script locally can discover and resolve common errors, such as: When you receive errors during runbook execution in Azure Automation, you can use the following steps to help diagnose the issues:Įnsure that your runbook script executes successfully on your local machine.įor language reference and learning modules, see the PowerShell Docs or Python Docs. For general information, see Runbook execution in Azure Automation.
This article describes runbook issues that might occur and how to resolve them.