Publishing & Sharing Automation Tasks
Publishing automation tasks enables self-service automation by making tasks available to end users without requiring Operator privileges. This guide explains how to publish tasks, configure role-based access, and manage published tasks in AZExecute.
What is Task Publishing?
Publishing an automation task makes it available in a user-friendly interface where authorized users can execute it with minimal technical knowledge. Published tasks appear in a dedicated section with simplified execution options, hiding the complexity of the underlying automation steps.
Publishing a Task
To publish an automation task, you need Operator privileges or higher. Follow these steps:
Step 1: Open the Task Configuration
Navigate to the automation task you want to publish and open its configuration page.
Step 2: Click the Publish Button
In the task configuration toolbar (usually on the Steps tab), click the Publish button.
Step 3: Configure Publishing Settings
The publishing dialog allows you to configure how the task appears to end users:
Published Title:
A user-friendly title that appears in the published tasks list. This should clearly describe what the task does (e.g., "Restart Application Services", "Deploy Certificate to Web Servers").
Published Description:
Detailed description explaining what the task does, what parameters are required, and any prerequisites or warnings users should know about.
Required Role:
The minimum role required to execute this task. Options include:
• User - All authenticated users can execute
• Operator - Only Operators and TenantAdmins can execute
• TenantAdmin - Only TenantAdmins can execute
• None - All authenticated users (same as User)
Step 4: Confirm Publication
Review the publishing settings and click Publish to make the task available to users. A confirmation dialog will appear showing who will have access to the task.
Un-Publishing a Task
To remove a task from the published tasks list:
1. Navigate to the task configuration page
2. Click the Un-Publish button (appears where the Publish button was)
3. Confirm that you want to un-publish the task
How Users Execute Published Tasks
When users access AZExecute, they see a simplified interface showing only the published tasks they're authorized to execute.
Published Tasks List
Users navigate to the Published Tasks section where they see a card-based interface showing available tasks:
• Each task displays its Published Title and Description
• Tasks are grouped or filterable by category
• An Execute button allows users to run the task
Executing a Published Task
When a user clicks Execute, they see a simplified dialog:
1. If the task has custom parameters, users are prompted to provide values
2. The dialog shows clear labels and help text from the parameter definitions
3. Mandatory parameters are clearly marked
4. After providing parameters, users click Execute to start the task
5. Users see a progress indicator and can view the execution status
Role-Based Access Control
The Published Role setting determines which users can see and execute a published task:
User Role (Most Permissive)
Any authenticated user in your tenant can execute the task. Use this for safe, low-risk operations that all users should be able to perform.
Example Use Cases:
• Restart personal development environments
• Request resource provisioning (with approval workflows)
• Run read-only reports or health checks
Operator Role
Only users with Operator or TenantAdmin roles can execute the task. Use this for operations that require elevated privileges or technical knowledge.
Example Use Cases:
• Deploy applications to staging environments
• Perform database maintenance tasks
• Restart shared services
TenantAdmin Role (Most Restrictive)
Only TenantAdmins can execute the task. Use this for critical or sensitive operations that should be tightly controlled.
Example Use Cases:
• Production deployments
• Security configuration changes
• Disaster recovery procedures
Managing Published Tasks
As an Operator or TenantAdmin, you can manage published tasks from the Automation Tasks list:
View Publication Status:
Published tasks are marked with a badge or icon in the tasks list, making it easy to identify which tasks are available to users.
Update Published Settings:
You can change the Published Title, Description, or Required Role at any time by clicking Publish again. Changes take effect immediately.
Monitor Usage:
The execution history shows all runs of a published task, including who executed it. This provides an audit trail for self-service operations.
Best Practices for Publishing
Write Clear Descriptions:
Published descriptions should explain in plain language what the task does, what it affects, and any important warnings. Remember, users executing published tasks may not have technical backgrounds.
Use User-Friendly Titles:
Avoid technical jargon in titles. Instead of "Execute IIS AppPool Recycle RunbookJob", use "Restart Web Application".
Configure Parameters Carefully:
Ensure all custom parameters have clear titles and helpful descriptions. Use dropdowns instead of text fields when possible to prevent user errors.
Set Appropriate Role Restrictions:
Be conservative with role assignments. Start with more restrictive roles and loosen them only after confirming the task is safe for broader use.
Test Before Publishing:
Always test a task thoroughly as an Operator before publishing it to users. Ensure error handling works correctly and error messages are user-friendly.
Include Validation in Tasks:
Add validation steps at the beginning of tasks to check prerequisites and fail fast with clear messages if requirements aren't met.
Document Parameter Requirements:
In the published description, explain what values are expected for parameters, including examples or valid value ranges.
Monitor and Review:
Regularly review execution history for published tasks to identify issues, common errors, or opportunities to improve the task or its documentation.
Security Considerations
Validate All User Input:
Scripts should validate parameter values to prevent injection attacks or unintended behavior. Don't trust user input, even from authenticated users.
Limit Task Scope:
Design published tasks to perform specific, limited operations. Avoid creating "Swiss Army knife" tasks that can be misused.
Use Least Privilege:
Ensure automation accounts and service accounts used by tasks have only the minimum permissions required.
Audit Task Executions:
Regularly review who is executing published tasks and what parameters they're providing. Execution history provides a complete audit trail.
Protect Sensitive Operations:
For tasks that modify production systems or access sensitive data, use TenantAdmin role restrictions and consider adding approval workflows.
Updating Published Tasks
When you modify a published task (adding steps, changing parameters, etc.), the changes immediately affect future executions:
• Changes to steps take effect immediately for all future executions
• Adding new mandatory parameters requires users to provide values on next execution
• Removing parameters that users previously provided will not cause errors (they're simply ignored)
• Changing the Published Title or Description updates the user interface immediately
If you encounter any issues or need further assistance, please contact us at
info@azexecute.com. Our support team is here to help you.