ARM deploymentScripts resource is GA

There is new resource in Azure called Microsoft.Resources/deploymentScripts ( which fills void of ability to run custom code as part of deployment where ARM code on it’s own is not sufficient.

In the background Azure creates ACI container for you with Managed Identity and Az CLI/Powershell tools so you can pretty much do anything your heart desired which you could have accomplished from command line.

Example which I run into and which was solved with new resource is ability to calculate future date with specific time where built-in time functions of ARM templates are insufficient.

Azure automation account softwareUpdateConfigurations resource requires scheduleInfo startTime property to be specified in future only which on it’s own not difficult to implement in just ARM date functions but impossible to set it to specific time of the day. (Say 10 AM EST which is required for recurrence of patching cycle). This is where sample use of deploymentScripts is shining since powershell can easily tackle this setup to calculate tomorrows day at specific time.

Example below adds startTime property to be tomorrows day at specific time as required by passing parameter to powershell script.

Template is below with highligted line referencing output of deploymentScripts providing information about next date/time.

         "type": "Microsoft.Automation/automationAccounts/softwareUpdateConfigurations",
         "apiVersion": "2017-05-15-preview",
         "copy": {
            "name": "deploymentScriptcopy",
            "count": "[length(parameters('other').schedule)]"
         "name": "[concat(parameters('management'), '/', parameters('other').schedule[copyIndex()].Name)]",
         "dependsOn": [
            "[resourceId('Microsoft.Automation/automationAccounts', parameters('management')]",
            "[concat('GetNextScheduledDate-script-', parameters('other').schedule[copyIndex()].Name)]"
         "properties": {
            "updateConfiguration": {
               "operatingSystem": "Windows",
               "windows": {
                  "includedUpdateClassifications": "Critical, Security, UpdateRollup, FeaturePack, ServicePack, Definition, Tools, Updates",
                  "rebootSetting": "IfRequired"
               "targets": {
                  "azureQueries": [
                        "scope": "[parameters('other').subscriptionList]",
                        "tagSettings": {
                           "tags": {
                              "patchgroup": [
                           "filterOperator": "All"
                        "locations": []
               "duration": "PT2H"
            "scheduleInfo": {
               "startTime": "[reference(concat('GetNextScheduledDate-script-', parameters('other').schedule[copyIndex()].Name)).outputs.text]",
               "expiryTime": "9999-12-31T17:59:00-06:00",
               "interval": 1,
               "frequency": "Month",
               "timeZone": "UTC",
               "advancedSchedule": {
                  "monthlyOccurrences": [
                        "occurrence": "[parameters('other').schedule[copyIndex()].weekNumber]",
                        "day": "[parameters('other').schedule[copyIndex()].weekDay]"

DeploymentScripts code is below which takes as a parameter Hour variable and returns next date at that specific hour via $DeploymentScriptOutputs['text'] variable

         "type": "Microsoft.Resources/deploymentScripts",
         "apiVersion": "2020-10-01",
         "copy": {
            "name": "deploymentScriptcopy",
            "count": "[length(parameters('other').schedule)]"
         "name": "[concat('GetNextScheduledDate-script-', parameters('other').schedule[copyIndex()].Name)]",
         "location": "[resourceGroup().location]",
         "kind": "AzurePowerShell",
         "properties": {
            "forceUpdateTag": "1",
            "azPowerShellVersion": "5.0",
            "scriptContent": "
             param (
                [Parameter(Mandatory = $true)]
             $output = (Get-Date -Hour $Hour -Minute 0 -Second 0).AddDays(1)
             $DeploymentScriptOutputs = @{}
             $DeploymentScriptOutputs['text'] = $output
            "arguments": "[concat(' -Hour ', parameters('other').schedule[copyIndex()].Hour)]",
            "timeout": "PT1H",
            "cleanupPreference": "OnSuccess",
            "retentionInterval": "P1D"

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s