Best way to automate actions on newly created VMs

JP Alfaro 1 Reputation point
2020-02-10T17:42:09.403+00:00

Hello experts,

I would like some guidance regarding the best ways to automate actions on newly created virtual machines.

What I would like to do is to develop some way to automate the creation of managed system identities, the installation of certain extensions, or the enabling of diagnostic settings as soon as a new VM is created.

My initial thought was to use Log Analytics to create an alert that runs every 5 minutes and queries for newly created VMs, then use an automation runbook as the action group, to run a piece of PowerShell code to enable the desired features.

Would anyone suggest a better approach to accomplish my requirement?

Azure Virtual Machines

2 answers

  1. Stanislav Zhelyazkov 20,786 Reputation points MVP
    2020-02-11T16:06:59.907+00:00

    The best way to automate this is to use Azure Policy. With the deployIfNotExists effect you can deploy some resources when certain things do not exist (not compliant). If you are deploying these resources through some automation like CI/CD and ARM templates, I would still recommend deploying these additional settings along with the actual deployment of resources.

    1 person found this answer helpful.
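
As an added illustration (not part of the thread or any poster's code), a deployIfNotExists policy definition of the kind the answer above describes, here installing a VM extension when it is missing. The choice of the Azure Monitor agent on Windows VMs and of the Virtual Machine Contributor role is an assumption made for the example; the role listed in `roleDefinitionIds` is what the assignment's managed identity is granted, so keep it as narrow as the deployment allows.

```json
{
  "mode": "Indexed",
  "description": "Added example (constructed): install a VM extension when it is missing",
  "policyRule": {
    "if": {
      "allOf": [
        { "field": "type", "equals": "Microsoft.Compute/virtualMachines" },
        { "field": "Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType", "like": "Windows*" }
      ]
    },
    "then": {
      "effect": "deployIfNotExists",
      "details": {
        "type": "Microsoft.Compute/virtualMachines/extensions",
        "roleDefinitionIds": [ "/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c" ],
        "existenceCondition": {
          "allOf": [
            { "field": "Microsoft.Compute/virtualMachines/extensions/publisher", "equals": "Microsoft.Azure.Monitor" },
            { "field": "Microsoft.Compute/virtualMachines/extensions/type", "equals": "AzureMonitorWindowsAgent" }
          ]
        },
        "deployment": {
          "properties": {
            "mode": "incremental",
            "parameters": { "vmName": { "value": "[field('name')]" }, "location": { "value": "[field('location')]" } },
            "template": {
              "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
              "contentVersion": "1.0.0.0",
              "parameters": { "vmName": { "type": "string" }, "location": { "type": "string" } },
              "resources": [
                {
                  "type": "Microsoft.Compute/virtualMachines/extensions",
                  "apiVersion": "2019-07-01",
                  "name": "[concat(parameters('vmName'), '/AzureMonitorWindowsAgent')]",
                  "location": "[parameters('location')]",
                  "properties": {
                    "publisher": "Microsoft.Azure.Monitor",
                    "type": "AzureMonitorWindowsAgent",
                    "typeHandlerVersion": "1.0", "autoUpgradeMinorVersion": true
                  }
                }
              ]
            }
          }
        }
      }
    }
  }
}
```

The `if` block selects the VMs in scope, `existenceCondition` defines what counts as compliant, and the embedded ARM template is deployed only when no matching extension exists.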

  2. JP Alfaro 1 Reputation point
    2020-02-13T00:43:56.697+00:00

    Hi Stan,

    Thank you for your suggestion.

    I don't seem to be able to find a way to automate the deployIfNotExists remediation.

    Do you know if that is possible?
