Being a fan of PowerShell DSC, and have benefited by the ease of use, I wanted to test the extensions on my Azure infrastructure. I have y VM configured with the Azure PowerShell SDK and can use this for the DSC setup. The next step is to create an authentication for the subscription by using the Azure AD.
To create an authentication method and manage your subscription using the Azure AD, follow the below given steps.
- Use the Add-AzureAccount cmdlet and login to the portal to select a subscription. If you have multiple subscriptions, then you can use the Get-AzureSubscription cmdlet to view all your subscriptions and choose one. If you have a single subscription, the Add-AzureAccount cmdlet chooses the default subscription and uses it.
- Later if you want to choose another subscription, you can use the Select-AzureSubscription cmdlet.
- After authentication, Azure saves your credentials and closes the dialog window.
- Once you have the account and authentication setup completed, you can create and work on the configurations.
- To check whether DSC extension is available on the VM, you can use the Get-Command cmdlet to check whether the DSC modules are available as given below.
Create and push configurations on the Azure VM’s
You can create the configurations denoting the desired state for the VM by adding the resource configurations and save it to a config file. In the below sample, I’ve used the Registry resource to add a key to the registry for saving the settings for my application.
Key = "HKEY_LOCAL_MACHINE\SOFTWARE\MySite"
ValueName = "AllowedFunctions"
ValueData = "READ:CONTRIBUTE"
When it comes to save a configuration on Azure, its bit different from the on premise machines. For Windows Azure, you need to publish the configuration to a storage container on the cloud services. The default storage container for DSC is windows-powershell-dsc container. You can provide another storage container by using the –ContainerName parameter for the Publish-AzureVMDscConfiguration cmdlet.
You can use the get-help command and check the options for the Publish-AzureVMDscConfiguration cmdlet for more customizations.
Before publishing the configuration, you need to create a storage context and use that to publish the configuration to. The storage context can be created by using the New-AzureStorageContext cmdlet. Once the context is created you can publish the configuration to the container created in the context using the Publish-AzureVMDscConfiguration as given below.
As you can see from the screenshot, the configuration is archived and stored on the storage container mentioned in the storage context created.
Next step is to enact to the configuration using the Set-AzureVMDscConfiguration cmdlet. You can use the cmdlet as given below.