Set up an on-prem Run As Account for Azure Automation Hybrid Worker

When using a Hybrid Worker, Azure Automation runs runbooks in the machine context by default. This is fine until you start trying to do things like make changes in Active Directory or other services that require a login other than the machine account. Changing this is fairly easy. This post assumes that you've already set up a Credential Asset in Azure Automation; if you have not, there are plenty of resources out there, and it's very straightforward to do.

In the Azure Automation Portal, select Hybrid Worker Groups. Then select the Hybrid Worker you want to add the credential to.

Then select Hybrid Workers under Details, then Hybrid worker group settings. Finally, select Custom and select your Credentials.

Now any runbooks that you select to run on your hybrid worker will run as that credential. Event # 5532 in the Event Viewer -> Microsoft-SMA -> Operational log will show you what account a runbook was run as.
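
To check this from the worker itself rather than by clicking through Event Viewer, the following script is an added example (not part of the original post) that pulls event 5532 and flags any runbook execution that does not mention the expected account. It assumes the channel name `Microsoft-SMA/Operational` (taken from the Event Viewer path above), that the event message contains the account name as text, and that `CONTOSO\svc-automation` is a placeholder for the account in your Credential Asset.

```powershell
# Added example: audit which account Hybrid Worker runbooks ran as.
# Run on the Hybrid Worker in an elevated PowerShell session.
param(
    # Placeholder (assumption): the account stored in your Credential Asset.
    [string]$ExpectedAccount = 'CONTOSO\svc-automation',
    [int]$LookbackHours = 24
)

$filter = @{
    LogName   = 'Microsoft-SMA/Operational'   # Event Viewer -> Microsoft-SMA -> Operational
    Id        = 5532
    StartTime = (Get-Date).AddHours(-$LookbackHours)
}

try {
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction Stop)
}
catch {
    # Get-WinEvent raises an error when the filter matches nothing.
    if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') {
        Write-Warning "No event 5532 in the last $LookbackHours hours. Has a runbook run on this worker?"
        return
    }
    throw   # Missing log, access denied, etc. should not be hidden.
}

$report = foreach ($e in $events) {
    # Assumption: the account appears in the rendered message text.
    $message = [string]$e.Message
    [pscustomobject]@{
        TimeCreated   = $e.TimeCreated
        RanAsExpected = $message.IndexOf($ExpectedAccount, [StringComparison]::OrdinalIgnoreCase) -ge 0
        Message       = $message
    }
}

$report | Sort-Object TimeCreated | Format-List

# Anything listed here ran under some other identity, such as the machine context.
$unexpected = @($report | Where-Object { -not $_.RanAsExpected })
if ($unexpected.Count -gt 0) {
    Write-Warning "$($unexpected.Count) of $($report.Count) runbook executions did not run as $ExpectedAccount."
}
```

Runs recorded before the group setting was changed will show up as unexpected, so set `-LookbackHours` to cover only the period after the change.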