Explore hybrid management
The Hybrid Runbook Worker feature of Azure Automation allows you to run runbooks that manage local resources in your private data center on machines located in your data center. Azure Automation stores and manages the runbooks and then delivers them to one or more on-premises machines.
The Hybrid Runbook Worker functionality is presented in the following graphic:
Hybrid Runbook Worker workflow and characteristics
The following are characteristics of the Hybrid Runbook Worker workflow:
- Worker selection: You can select one or more computers in your data center to act as a Hybrid Runbook Worker and then run runbooks from Azure Automation.
- Worker groups: Each Hybrid Runbook Worker is a member of a Hybrid Runbook Worker group, which you specify when you install the agent.
- High availability: A group can include a single agent, but you can install multiple agents in a group for high availability.
- Firewall requirements: There are no inbound firewall requirements to support Hybrid Runbook Workers, only Transmission Control Protocol (TCP) 443 is required for outbound internet access.
- Agent communication: The agent on the local computer starts all communication with Azure Automation in the cloud.
- Runbook execution: When a runbook is started, Azure Automation creates an instruction that the agent retrieves. The agent then pulls down the runbook and any parameters before running it.
Configuring Hybrid Runbook Workers with DSC
To configure your on-premises servers that support the Hybrid Runbook Worker role with DSC, you must add them as DSC nodes. For more information about onboarding them for management with DSC, see Onboarding machines for management by Azure Automation State Configuration.
Additional resources
For more information on installing and removing Hybrid Runbook Workers and groups, see: