Protect your virtual machine settings with Azure Automation State Configuration.

Create a desired state configuration script that checks that IIS is installed.

In this lab I’ll show you how to create an Azure Automation account and upload a PowerShell DSC.

1. First Ill start by creating a username and generating a random password:

USERNAME=azureuser
PASSWORD=$(openssl rand -base64 32)

2. Just like in our previous labs I’ll use my Azure CLI command to create a new VM with the az vm create command:

az vm create \
— resource-group learn-85a01087-e760–47f4-bf64-d37ef4483501 \
— name myVM \
— image win2016datacenter \
— admin-username $USERNAME \
— admin-password $PASSWORD

3. We get our results of our newly created VM in JSON format.

4. Next we need to open port 80 for web traffic on the VM

az vm open-port \
— port 80 \
— resource-group learn-85a01087-e760–47f4-bf64-d37ef4483501 \
— name myVM

5. Our output will be a vast list firewall rules for our VM

6.If we try to access our webpage http://137.135.52.36 we are unable to access. Reason being, we must enable IIS on our VM.

Create an Azure Automation account

1. We’ll use the Azure Portal to login and create a resource
2. Search the marketplace for Automation and select create

3. In Azure Cloud Shell type pwsh to enable power shell.

4. Next we’ll start the code editor and create a file named MyDscConfiguration.ps1

code $HOME/MyDscConfiguration.ps1

4. Next I’ll run the following code which will create a configuration to intall IIS

Configuration MyDscConfiguration {
Node “localhost” {
WindowsFeature MyFeatureInstance {
Ensure = ‘Present’
Name = ‘Web-Server’
}
}
}

5.I’ll save with Ctrl+S and quit with Ctrl+Q

6. Next I uploaded my DSC script into my Azure Automation account

Import-AzureRmAutomationDscConfiguration `
-AutomationAccountName [your-automation-account-name] `
-ResourceGroupName learn-85a01087-e760–47f4-bf64-d37ef4483501 `
-SourcePath $HOME/MyDscConfiguration.ps1 `
-Force `
-Published

Compile the DSC script

1. Back in our Azure portal in the Azure Automation account navigate to Configuration Managent > State configuration (DSC)
2. Select Configurations
3. Make sure our uploaded config is in fact there
4. Select MyDscConfiguration
5. Select Compile

Register the VM with your Azure Automation account

1. On the State configuration (DSC) page, select Nodes > + Add.
2. On the Virtual Machines page, select the VM you created at the start of this unit, myVM.
3. On the myVM page, select + Connect.
4. Wait until the VM is connected, and then close the myVM page.
5. On the State configuration (DSC) page, select Refresh.
6. Verify that the node myVM appears in the list and that its status is Compliant.

Once the virtual Machine is finished, we will test http://[public-ip]

We should get presented with the following page below.