# Configure Azure

## Admin Right

You are going to be mounting wim files, so yes, this is an absolute with no way around it

## Function

For this we have a single function **invoke-AzOSDAzureConfig** that admits several *parameters*. It has two **parameterSetName** one for Bicep and one for Terraform

* <mark style="color:blue;">**ParameterSetName Bicep**</mark>
* Location : corresponding Azure region
* ResourceGroupName : corresponding the resource group create in Azure

```
invoke-AzOSDAzureConfig -Location westeurope -ResourceGroupName osdclouddemo
```

* <mark style="color:blue;">**ParameterSetName Terraform**</mark>
* UseTerraform : Is boolean parameter

```
PS C:\Users\JM2K69> invoke-AzOSDAzureConfig -UseTerraform $true
```

The function uses the command *Connect-AzAccount -UseDeviceAuthentication* for the authentication part with <mark style="color:purple;">**Bicep**</mark> and for the <mark style="color:purple;">**Terraform**</mark> part we will use ***Azure Cli*** with *az login --use-device-code*

## Terraform execution

### Terraform.tfvars&#x20;

```
osdcloud_containers = ["server", "retail", "insiders", "driverpack", "bootimage"]
osdscript_containers = ["scripts", "packages", "unattend", "others"]
osdcloud_resourcegroup = "AzOSDClouddemo"
osdcloud_StorageAccountOSDScripts = "osdscriptsdemo"
osdcloud_StorageAccountOSDCloud = "osdclouddemo2"
osdcloud_Location = "westeurope"
subscription_id = "9b288c1f-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
technicien_id = "1618bbc9-bdce-45af-a3bd-a86c224d8094"
tenant_id = "d1c6xxxx-d6xx-4xx-xxxx-313xxxxxxx86be"

```

### Execution

![](https://344220114-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVSV22dcsjKDdOxDA6n%2Fuploads%2FCe76bolTVVdTjhW2rPfG%2FIAC9.png?alt=media\&token=1df813a1-db36-4135-b015-6d2520b7cd84)

![](https://344220114-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVSV22dcsjKDdOxDA6n%2Fuploads%2FOlsDgTu5dtGD8Mn2tCfM%2FIAC12.png?alt=media\&token=0b700c4c-13a2-4cdd-9a57-ffad212a6e43)

### Verify in Azure

#### Resource groups

![Resource Group in Azure portal](https://344220114-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVSV22dcsjKDdOxDA6n%2Fuploads%2F5C8hMigHGZmkGIDjODyy%2FIAC13.png?alt=media\&token=13b712b4-069a-4112-9d49-96c4e1d54a30)

#### Storage account properties

![Tag, all properties are set.](https://344220114-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVSV22dcsjKDdOxDA6n%2Fuploads%2FhUrYgONvKEY5u7DbpwST%2FIAC15.png?alt=media\&token=a50edf54-b060-41f8-a16b-99016b7a2a52)

#### Acces Control (IAM)

![](https://344220114-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVSV22dcsjKDdOxDA6n%2Fuploads%2FkQQFGEOkbJZ65N2fUnSK%2FIAC16.png?alt=media\&token=f0f1211e-a146-4bd6-8959-5de639d99edd)