Automate AVD ARM template deployment with inline parameters.
Hello all, We use persistent desktops in AVD, and currently I have created custom templates, which customize the gallery image as per our requirements (Using custom script extensions) it works well in production. Just by selecting few parameters you get the machines spin-up. the parameters are as below. 1. SAS tokens 2. VMinitial number 3. VM instance number 4. hostpool token. These are currently generating this parameters and spining up the machines. Now, that approach I wanted is to automatically deploys the template, when the unassigned machine count in hostpool is less than a specific number. So, started working on powershell stuff to get the above parameters and configured in runbook. The plan is to schedule a runbook that checks if the unassigned machine count is lesser, it should using the custom template and generate it's parameters and deploy the machines. Overall story is above- now time for question. What are the ways we can pass the inline parameters which creates by powershell in runbook to ARM template? Logic apps? I am finding difficulties in passing the parameters to the custom template. Please let me know the best way or a document that can help me to setup this kind of. Thanks in advance 🙂 @ciraltos #Azure, #ARM #template.
How to assign policies by updating ARM template?
Hello all! I need to assign policies to my subscription for it to be compliant. How will I be able to assign the policies by updating the ARM template of the subscription? Also, I found out a way to assign policies through azure portal, will the policies assigned through portal will be also included in the ARM template? Where can I find and edit the ARM template for my subscription? And how will I deploy it? Thank you in advance!
assign an logic apps system assigned managed identity to a role with terraform and arm template
Hi there, i am trying to assign an logic apps system assigned managed identity to a role for starting/stopping a virtual machine. i use terraform to deploy the logic app template like this: resource "azurerm_template_deployment" "myterraformscheduledvmdown" { name = "scheduledvmdown" resource_group_name = "j14t23resources" template_body = <<DEPLOY { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { }, "variables": { }, "resources": [ { "type": "Microsoft.Logic/workflows", "apiVersion": "2019-05-01", "name": "scheduledvmdown", "location": "westus2", "identity": { "type": "SystemAssigned" }, "properties": .... } } ], "outputs": { "appid": { "type": "string", "value": "[reference(resourceId('Microsoft.Logic/workflows/', 'scheduledvmdown'), '2019-05-01', 'Full').Identity.tenantId]" } } } DEPLOY parameters = { } deployment_mode = "Incremental" } output "appid" { value = "${lookup(azurerm_template_deployment.myterraformscheduledvmdown.outputs, "appid")}" } resource "azurerm_role_assignment" "scheduletovmdown" { scope = azurerm_linux_virtual_machine.myterraformvm.id role_definition_name = "Virtual Machine Contributor" principal_id = azurerm_template_deployment.myterraformscheduledvmdown.outputs["appid"] } i get the following error message while trying to deploy: Error: authorization.RoleAssignmentsClient#Create: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="PrincipalNotFound" Message="Principal xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx does not exist in the directory xxxxx-x-x-x-xxxx." my assumption is, that i do not get the right id with the templates Output: "[reference(resourceId('Microsoft.Logic/workflows/', 'scheduledvmdown'), '2019-05-01', 'Full').Identity.tenantId]" do you have any idea what i did wrong? or a nicer approach to assign the apps generated identity to a vm? thanks tbz
