Configuring plug-in based Azure virtual machines in VMware Aria Automation

As a cloud administrator, you can leverage the Microsoft Azure plug-in to provision plug-in based virtual machines as you build out your infrastructure. You can also use allocation helpers to provide allocation logic for your VMs.

You can easily configure your VMs to support your infrastructure needs using the latest Azure properties. For example, if you want to enable boot diagnostics for your VM, you can use the boot_diagnostics property in your cloud template.

You can also run the following day 2 operations on Azure VMs:

Start
Power Off
Restart
Deallocate

See What actions can I run on Automation Assembler deployments or support resources for more information.

To learn more about plug-ins and allocation in VMware Aria Automation, see Plug-in based designs and deployments in Automation Assembler.

VM properties

The following properties are required for plug-in based Azure VMs.


Property	Description
`name`	The plug-in specific name for the resource. You can use the same value for the `virtual_machine_name` property.
`virtual_machine_name`	The name of the VM in the Azure portal. The Azure resources that you deploy with Automation Assembler must conform to Azure naming rules and restrictions. Otherwise, the deployment will fail. See Resource naming restrictions for more information.
`account`	The Microsoft Azure cloud account for account regions to which your team deploys cloud templates. See Create a Microsoft Azure cloud account in VMware Aria Automation for more information.
`location`	The location where the VM will be deployed.
`resource_group_name`	The name of the resource group. You must create the resource group in your Azure portal.

Provision an Azure VM with a data disk

The following template shows how you might provision a virtual machine using allocation helpers. In this example, you create a VM with an attached data disk.

Before you deploy this template, complete the following steps:

Create your Microsoft Azure cloud account in Automation Assembler, create a project, and add your cloud zones.
Create a resource group through the Azure portal.
Create a network interface in the resource group in the Azure portal. The network interface must be in the region you will use to deploy your Azure VM.

formatVersion: 1
inputs:
  UUID:
    type: string
    title: UUID
resources:
  Allocations_Compute_1:
    type: Allocations.Compute
    properties: {}
  Allocations_Flavor_1:
    type: Allocations.Flavor
    properties:
      flavor: medium
  Allocations_Image_1:
    type: Allocations.Image
    properties:
      image: ubuntu
  Cloud_Azure_ResourceGroup_1:
    type: Cloud.Azure.ResourceGroup
    properties:
      name: e2e-a8n-RG-${input.UUID}
      useExisting: false
  Idem_NETWORK:
    type: Idem.AZURE.NETWORK.VIRTUAL_NETWORKS
    properties:
      name: e2e-a8n-idem-virtual-net-${input.UUID}
      account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
      location: ${resource.Allocations_Compute_1.selectedRegion.id}
      address_space:
        - 10.0.0.0/24
      subnets:
        - name: ${resource.Idem_NETWORK.name}
          address_prefix: 10.0.0.0/24
      resource_group_name: ${resource.Cloud_Azure_ResourceGroup_1.resourceName}
      virtual_network_name: ${resource.Idem_NETWORK.name}
  Idem_NETWORK_INTERFACE:
    type: Idem.AZURE.NETWORK.NETWORK_INTERFACES
    properties:
      name: e2e-a8n-idem-net-interface-${input.UUID}
      account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
      location: ${resource.Allocations_Compute_1.selectedRegion.id}
      ip_configurations:
        - primary: true
          name: ipconfig2
          private_ip_address: 10.0.0.13
          private_ip_address_allocation: Static
          private_ip_address_version: IPv4
          subnet_id: ${'/subscriptions/' + resource.Idem_NETWORK.subscription_id + '/resourceGroups/' + resource.Idem_NETWORK.resource_group_name + '/providers/Microsoft.Network/virtualNetworks/' + resource.Idem_NETWORK.name + '/subnets/' + resource.Idem_NETWORK.subnets[0].name}
      resource_group_name: ${resource.Idem_NETWORK.resource_group_name}
      network_interface_name: ${resource.Idem_NETWORK_INTERFACE.name}
  Idem_DATA_DISK:
    type: Idem.AZURE.COMPUTE.DISKS
    properties:
      name: e2e-a8n-idem-data-disk-${input.UUID}
      account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
      location: ${resource.Allocations_Compute_1.selectedRegion.id}
      resource_group_name: ${resource.Idem_NETWORK.resource_group_name}
      disk_name: ${resource.Idem_DATA_DISK.name}
      disk_size_gb: 10
      creation_data:
        create_option: Empty
      encryption:
        disk_encryption_set_id: ${'/subscriptions/' + resource.Idem_NETWORK.subscription_id + '/resourceGroups/DND-static-RG-for-automation/providers/Microsoft.Compute/diskEncryptionSets/DND-e2e-a8n-disk-encryption'}
        type: EncryptionAtRestWithCustomerKey
  Idem_VM:
    type: Idem.AZURE.COMPUTE.VIRTUAL_MACHINES
    properties:
      name: e2e-a8n-idem-vm-${input.UUID}
      account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
      location: ${resource.Allocations_Compute_1.selectedRegion.id}
      resource_group_name: ${resource.Idem_NETWORK.resource_group_name}
      virtual_machine_name: ${resource.Idem_VM.name}
      network_interface_ids:
        - ${resource.Idem_NETWORK_INTERFACE.resource_id}
      os_profile:
        admin_username: my-admin-username
        computer_name: machine-name
        admin_password: admin
      virtual_machine_size: ${resource.Allocations_Flavor_1.selectedInstanceTypeName}
      storage_image_reference:
        image_sku: ${split(resource.Allocations_Image_1.selectedImageId, ':')[2]}
        image_publisher: ${split(resource.Allocations_Image_1.selectedImageId, ':')[0]}
        image_version: ${split(resource.Allocations_Image_1.selectedImageId, ':')[3]}
        image_offer: ${split(resource.Allocations_Image_1.selectedImageId, ':')[1]}
      storage_os_disk:
        storage_account_type: Standard_LRS
        disk_name: e2e-a8n-idem-os-disk-${input.UUID}
        disk_caching: ReadWrite
        disk_size_in_GB: 30
        disk_create_option: FromImage
        disk_delete_option: Delete
      storage_data_disks:
        - disk_id: ${resource.Idem_DATA_DISK.resource_id}
          disk_logical_unit_number: 3
          disk_create_option: Attach
          disk_delete_option: Delete
          disk_size_in_GB: 10
          disk_name: ${resource.Idem_DATA_DISK.disk_name}
  Cloud_Service_Azure_SQL_Server_1:
    type: Cloud.Service.Azure.SQL.Server
    properties:
      name: e2e-a8n-db-server-puca-${input.UUID}
      region: ${resource.Allocations_Compute_1.selectedRegion.id}
      account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
      version: ''
      administrator_login: [email protected]
      resource_group_name: ${resource.Cloud_Azure_ResourceGroup_1.resourceName}
      administrator_login_password: admin
  Idem_AZURE_SQL_DATABASE_DATABASES_1:
    type: Idem.AZURE.SQL_DATABASE.DATABASES
    properties:
      name: e2e-a8n-idem-sql-db-${input.UUID}
      database_name: e2e-a8n-idem-sql-db-${input.UUID}
      server_name: ${resource.Cloud_Service_Azure_SQL_Server_1.name}
      account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
      location: ${resource.Allocations_Compute_1.selectedRegion.id}
      tags:
        tag-key: tag-value
      sku:
        name: GP_Gen5
        tier: GeneralPurpose
        family: Gen5
        capacity: 2
      requested_backup_storage_redundancy: Local
      resource_group_name: ${resource.Idem_NETWORK.resource_group_name}
      read_scale: Disabled
  Idem_AZURE_STORAGE_RESOURCE_PROVIDER_STORAGE_ACCOUNTS_1:
    type: Idem.AZURE.STORAGE_RESOURCE_PROVIDER.STORAGE_ACCOUNTS
    dependsOn:
      - Idem_NETWORK
    properties:
      name: e2ea8nidemstacct${input.UUID}
      account: ${resource.Allocations_Compute_1.selectedCloudAccount.name}
      location: ${resource.Allocations_Compute_1.selectedRegion.id}
      sku_name: Standard_LRS
      account_name: e2ea8nidemstacct${input.UUID}
      resource_group_name: ${resource.Cloud_Azure_ResourceGroup_1.resourceName}
      identity:
        type: UserAssigned
        user_assigned_identities:
          /subscriptions/svpvln45-brk0-mzca-7yxh-dla7h19zxyn3/resourceGroups/DND-static-RG-for-automation/providers/Microsoft.ManagedIdentity/userAssignedIdentities/DND-user-assigned-managed-identity: {}
      encryption_service:
        encryption_key_source: Microsoft.Keyvault
        blob_encryption_key_type: Account
        file_encryption_key_type: Account
      customer_managed_key:
        key_name: DND-e2e-a8n-key
        key_vault_uri: https://dnd-e2e-a8n-key-vault.vault.azure.net/
        key_version: ''
        user_assigned_identity_id: ${'/subscriptions/' + resource.Idem_NETWORK.subscription_id + '/resourceGroups/DND-static-RG-for-automation/providers/Microsoft.ManagedIdentity/userAssignedIdentities/DND-user-assigned-managed-identity'}
      immutability_policy:
        allow_protected_append_writes: true
        period_since_creation_in_days: 5
        state: Unlocked

If you want to attach additional disks to the VM, you can update the blueprint for the VM resouce and add the new data disk in the storage_data_disks property.

Provision an Azure VM using cloud-init

The following templates show how you might provision an Azure VM using cloud-init.

First, you define the cloud-init code as an input in the cloud template, and use the value in the custom_data property. The custom_data property only accepts a base64-encoded string, so you convert the custom data using the base64_encoded function.

The following code sample shows how you would define the cloud-init code as an input:

inputs:
  init-data:
    type: string
    default: |
      some
      multiline
      
    maxLength: 9999

The following code sample shows how to convert the custom data to base64:

resources:
  Idem_AZURE_COMPUTE_VIRTUAL_MACHINES_1:
    type: Idem.AZURE.COMPUTE.VIRTUAL_MACHINES
    properties:
      ...
      os_profile:
        ...
        custom_data: ${base64_encode(input.init-data)}