Using in Azure automation runbook

[dafunkphenomenon]

Issue Description

Hi

I am trying to get this working in an Azure Automation but it constantly fails. Not sure if I'm missing something or it just doesn't work. I have been using the example provided in the documentation. WinSCP is installed from the modules gallery into my automation account. Thanks

Example

$credential = Get-AutomationPSCredential -Name "sftpcredentialz"

# Set the options to open the WinSCPSession with
$sessionOption = New-WinSCPSessionOption -HostName ftp-site.com -Protocol Sftp -Credential $credential

# Open the session using the SessionOptions object.
# New-WinSCPSession sets the PSDefaultParameterValue of the WinSCPSession parameter for all other cmdlets to this WinSCP.Session object.
# You can set it to a variable if you would like, but it is only necessary if you will have more then one session open at a time.
New-WinSCPSession -SessionOption $sessionOption


# Close and remove the session object.
Remove-WinSCPSession

Expected Output

I would expect to see a connection established and details of the connecttion

Actual Output

System.Management.Automation.MethodInvocationException: Exception calling "Open" with "1" argument(s): "This program is blocked by group policy. For more information, contact your system administrator" ---> System.ComponentModel.Win32Exception: This program is blocked by group policy. For more information, contact your system administrator
   at System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo)
   at WinSCP.ExeSessionProcess.InitializeChild()
   at WinSCP.ExeSessionProcess.Start()
   at WinSCP.Session.Open(SessionOptions sessionOptions)
   at CallSite.Target(Closure , CallSite , Object , SessionOptions )
   --- End of inner exception stack trace ---
   at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
   at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
Error: Cannot process command because of one or more missing mandatory parameters: WinSCPSession.

WinSCP-PowerShell Version

5.17.10.0

Environment

Azure Automation

[Chadwick13]

I got the same error and submitted a ticket to Azure support. They responded that the WinSCP module is being blocked in Azure Runbooks for security purposes. The workaround is to use a User Hybrid Runbook Worker, and they provided this Get Started link: https://docs.microsoft.com/en-us/azure/automation/automation-windows-hrw-install Our whole goal of using the runbooks was to not involve any of our servers in this SFTP processing, but it looks like the hybrid worker requires a server to host it. Rather than set up the hybrid worker, I just put my scripts directly on the server that would have hosted the hybrid worker.

[Skatterbrainz]

Same for me as of today, so no update/resolution, as far as I can tell. Same code works fine from a desktop (PS 5.1 or 7.3.1) but not within Azure runbooks (PS 5.1, 7.1 or 7.2). FWIW neither does Posh-SSH or even [system.net.webclient]. Seems like SFTP client side requires a full OS environment?

[tomohulk]

This sounds like the WinSCP module is not at fault for this issue, im going to go ahead and close this ticket.

[Skatterbrainz]

This is correct. We compiled a custom DLL using the WinSCP library to test in Azure and it was also blocked. Apparently Microsoft sees FTP components running in Automation Accounts as a security risk.