New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Request: DevTest lab settings enhancements (network/motd/repos/custom Images/announcements) #5544
Comments
Any update on the above request? |
I'm also highly interested in this feature. In our system we're providing DevTest Labs instances on-demand and the goal is to set them up with preconfigured custom artifact repositories containing various ARM templates for creating environments. Are there any plans to add support for that? What are possible workarounds for now? null_resource? |
Back then I did something like this which may help you: # main.tf
locals {
dtl_name = "dtl-prod"
subnet_name = "snet-dtl"
}
resource "azurerm_resource_group" "dtl" {
name = "rg-devtestlab"
location = "West Europe"
}
resource "azurerm_dev_test_lab" "dtl" {
name = local.dtl_name
location = azurerm_resource_group.dtl.location
resource_group_name = azurerm_resource_group.dtl.name
storage_type = "Standard"
}
resource "azurerm_virtual_network" "dtl" {
name = "vnet-dtl"
location = azurerm_resource_group.dtl.location
resource_group_name = azurerm_resource_group.dtl.name
address_space = ["10.0.0.0/16"]
subnet {
name = local.subnet_name
address_prefix = "10.0.1.0/24"
}
}
resource "azurerm_resource_group_template_deployment" "dtl_virtualnetworks" {
name = "dtl_virtualnetworks"
deployment_mode = "Incremental"
resource_group_name = azurerm_resource_group.dtl.name
template_content = file("${path.module}/dtl_virtualnetworks.json")
parameters_content = jsonencode({
devTestLabsName = {
value = azurerm_dev_test_lab.dtl.name
}
virtualNetworkName = {
value = azurerm_virtual_network.dtl.name
}
virtualNetworkResourceGroupName = {
value = azurerm_virtual_network.dtl.resource_group_name
}
subnetName = {
value = local.subnet_name
}
})
lifecycle {
ignore_changes = [template_content]
}
}
locals {
dtl_virtualnetworks = jsondecode(azurerm_resource_group_template_deployment.dtl_virtualnetworks.output_content).dtl_virtualnetworks.value
} The // dtl_virtualnetworks.bicep
param devTestLabsName string
param virtualNetworkName string
param virtualNetworkResourceGroupName string
param subnetName string
resource dtl_lab 'Microsoft.DevTestLab/labs@2018-09-15' existing = {
name: devTestLabsName
}
// Get existing VNET
resource virtualNetwork 'Microsoft.Network/virtualnetworks@2020-11-01' existing = {
name: virtualNetworkName
scope: resourceGroup(virtualNetworkResourceGroupName)
}
// Get existing Subnet
resource subnet 'Microsoft.Network/virtualnetworks/subnets@2020-11-01' existing = {
parent: virtualNetwork
name: subnetName
}
resource dtl_virtualnetworks 'Microsoft.DevTestLab/labs/virtualnetworks@2018-09-15' = {
parent: dtl_lab
name: virtualNetwork.name
location: resourceGroup().location
properties: {
allowedSubnets: [
{
resourceId: subnet.id
labSubnetName: subnet.name
allowPublicIp: 'Deny'
}
]
description: virtualNetwork.name
externalProviderResourceId: virtualNetwork.id
subnetOverrides: [
{
resourceId: subnet.id
labSubnetName: subnet.name
useInVmCreationPermission: 'Allow'
usePublicIpAddressPermission: 'Deny'
}
]
}
}
output dtl_virtualnetworks object = dtl_virtualnetworks |
It would be great if the devtest lab provider/resource could support more policies/config management options set when we first setup a lab. Things like support announcement and MOTD, but also allowed VM sizes, allowed market place images, formulas to be used (and allowed), external repositories, custom images and also all the lab settings (all VMs in their own RG vs. all VMs in the lab RG).
Some of these like max VM number per lab, and max VM number per user appear to be supported already (although that looks to be not working according to issue #2145).
Also - we have our IT dept setup labs (currently) and as they own the corp VNET, the labs are only allowed to setup VMs in the lab joined to that existing VNET/SNET in the existing "network" resource group - with no public IPs allowed. Be nice if we could setup a new lab using TF with this setting set out of the box.
The text was updated successfully, but these errors were encountered: