Skip to main content
Version: 2024.1

Azure VM From Custom Image Deployment Path Attributes

The following attributes would be used to define the Azure VM From Custom Image:

AttributeAzure shell versionDescription
Cloud ProviderAllName of the Azure cloud provider resource to be used
Azure ImageAllName of the custom image. The image name is listed in the Images blade of the Azure portal.
Azure Resource GroupAllName of the resource group in which the custom image resides.
VM SizeAll

(Optional) Size of the Microsoft Azure computing resources, including CPU, memory and networking capacity of the VM. Leave it empty to use the default VM Size that was set in the cloud provider resource. For example: "Standard_A1_v2”.

Make sure the VM size you specify is supported by the image you defined in the App.

important

For Azure Apps that will run configuration management operations, specify a VM size of Standard_A2_v2 or larger.

For additional information, see the Azure help page Sizes for virtual machines in Azure or use Azure CLI to get a list of your region's supported sizes.

Disk TypeAll

Type of disk to use for the VM's operating system. Possible options depend on the shell version:

Azure 1G shell:

  • HDD (default)
  • SSD

Azure 2G shell:

  • Standard HDD
  • Standard SSD
  • Premium SSD
  • Standard SSD (zone-redundant storage)
  • Premium SSD (zone-redundant storage)
Disk SizeAll

(Optional) Disk size (in GB) of the VM's operating system. For example, "17” or "35”.

If you leave it empty, CloudShell will determine the disk size according to the App's VM Size.

Data Disks2G

Semicolon-separated list of data disks that will be added to the VM.

The syntax is: disk_name:disk_size,disk_type

For example:

disk1:10;disk2:20,Premium SSD;disk3:20,Standard SSD (zone-redundant storage)

Supported disk types are:

  • Standard HDD (default)
  • Standard SSD
  • Premium SSD
  • Ultra SSD
  • Standard SSD (zone-redundant storage)
  • Premium SSD (zone-redundant storage)
License Type2G

Optionally apply an OS license you own to the VM.

Options are:

  • No License: None
  • Windows OS: Windows_Client
  • Windows Server OS: Windows_Server
  • Red Hat Enterprise Linux (RHEL): RJE:_BYOS
  • SUSE Linux Enterprise Server (SLES): SLES_BYOS
Enable Boot Diagnostics2G

Enable Boot diagnostics for the VM. For additional information, see Microsoft Docs' Azure boot diagnostics article.

Boot Diagnostics Storage Account2G

The name of a storage account where boot diagnostic artifacts will be stored. Enter "Sandbox Storage" to use the storage account created by the sandbox. By default: the managed storage account is used if Enable Boot Diagnostics is enabled.

Resource Group Name2G

(Optional) The name of the predefined resource group where the VM will be deployed. This resource group will contain all cloud resources created for the VM (such as network interfaces, security groups, disks and the VM itself). When the VM tears down, its cloud resources will be deleted from the resource group but the resource group will remain.

Add Public IPAll

Set to True to use a public IP address to communicate with the VM from outside the virtual network.

In most cases the public IP address is associated with the VM until the VM is stopped or terminated, after which the IP is no longer available. To ensure that the IP is available to your subscription at any time, reserve it by setting the Public IPType attribute to Static.

Wait for IPAll

Determines if the App deployment process waits for the VM to get an IP. Default is False.

Extension Script File / ConfigurationAll

(Optional) Custom extension script (PowerShell, Python, batch, etc.) to execute on the deployed VM.

  • Extension Script File: Raw URL of the script file

  • Extension Script Configuration: Space-separated value containing the tool to be used to execute the script, such as Python or PowerShell, the script's file name and extension, and any inputs that need to be passed to the script. For example: python my_script.py input1 input2

    Notes

    • For non-PowerShell scripts, the tool to be used to execute the script must be installed on the VM.

    • For Linux VMs, you must specify the tool to be used. For Windows VMs, PowerShell is used by default, unless a different tool is specified.

    • Extension scripts are not supported on Kali Linux images in Azure Marketplace. To fix this issue, you will need to use a modified version of the Marketplace image:

      1. Deploy a VM based on the Kali Linux Marketplace image.

      2. Run the following command:

        sudo nano /usr/lib/python3/dist-packages/azurelinuxagent/common/osutil/factory.py

      3. Find the line:

        from .debian import DebianOSModernUtil

      4. Replace with:

        from .debian import DebianOSModernUtil,DebianOSBaseUtil

      5. Press [CTRL] + [O] and [Enter] keys.

      6. Press [CTRL] + [X] and [Enter] keys.

      7. Restart the walinuxagent.service service.

      8. Create a custom image out of the VM.

note

To support the execution of extension scripts, custom images created outside of Azure Marketplace must include the ProvisionGuestAgent agent. For additional information, see Virtual machine extensions and features for Windows.

Public IP TypeAll

Set to Static to ensure that the VM always uses the same public IP. By default, public IPs are Dynamic and the address associated to them may change when the VM is powered off.

Inbound PortsAll

(Optional) Semi-colon separated list of ports and protocols to open for inbound traffic. Note that by default access from the management VPC is allowed and all ports are open for traffic between Azure App VMs within the sandbox, but this can be changed using the Allow All Sandbox Traffic attribute.

In addition, all outbound traffic is allowed.

The syntax is:

port[single/range]:protocol[tcp(default)/udp]

For example: "80;443:tcp;200-220:udp".

note

If not specified, the protocol defaults to TCP.

Tips
  • To allow QualiX in-browser connections to the VM from the sandbox, include port "22".
  • To set more specific security groups, it is recommended to use the TestShell API's SetAppSecurityGroups method instead. Unlike the Inbound Ports attribute, it enables you to define different port settings per subnet and allow inbound access to specific source CIDRs. For additional information, see SetAppSecurityGroups Code Example.
Custom Tags2G

Semi-colon separated list of up to 9 tags to be applied to all related Azure objects created during the App deployment, such as the sandbox's resource group, VNETs, subnets, NSGs and VMs. Attribute supports the following syntax: [TagName]=[TagValue]; [TagName]=[TagValue]. For example: "Tag1=Val1;Tag2=Val2”

Allow All Sandbox TrafficAll

Determines if the App allows inbound traffic from all other Azure Apps in the sandbox. If set to False, the App's VM will be isolated. Access from specific Apps or subnets can be defined using the Inbound Ports attribute or API.

note

By default, this attribute is True, and access is allowed to all ports from all Apps in the sandbox. By default, all ports are open for traffic within the sandbox.

Enable IP Forwarding2G

Enables IP forwarding on all network interfaces of the app in order to support virtual appliances like routers and firewalls that are connected to multiple subnets.

Autoload2G

Enables the automatic execution of the Autoload command during reservation Setup.

Availability Zones2G

Specify the Availability Zone (1, 2, or 3) in which the App’s VM, managed disk and public IP (if available) will be deployed. Leave empty to inherit the Availability Zones defined on the cloud provider resource. For details and supported regions, see Regions and availability zones.