0

I'm currently using Azure Resource Manager to create virtual machines with DSC to configure basic state and install IIS. I already have a build environment that dumps websites as .zip files to Azure Storage. But, I can't figure out how to make DSC reach out to Azure Storage to download the .zip and place it in wwwroot.

Ultimately, I want to run AzureRM so that it creates a new VM, runs DSC so that when it's finished my app is on the machine and running.

scottm
  • 359
  • 3
  • 5
  • 19

1 Answers1

1

How we do it is to use the xRemoteFile DSC resource, from the xPsDesiredState resource kit. This lets you specify a remote URL (such as Azure storage) and downloads the file for you. Works well.

                 xRemoteFile FileDownload
                    {
                        Uri = $packageUri
                        DestinationPath = $packageOutFile
                        MatchSource = $true
                        DependsOn=""
                    }

If your downloading sensitive data, your going to want to ensure you store that in a blob store with restricterd access, and then generate a SAS token to use in your URL here.

Sam Cogan
  • 38,736
  • 6
  • 78
  • 114
  • Do you have to setup a SAS token URL so it has permissions to read the file? – GregGalloway Nov 24 '16 at 20:01
  • I think a code sample or a pointer to a code sample would help the Op – GregGalloway Nov 24 '16 at 20:01
  • Depends whether you need to secure the files. If You can leave the container open to all read only the no, but it you need to secure them then yes you need a SAS token, you can just append that to the URL. – Sam Cogan Nov 24 '16 at 20:02
  • I can only imagine website code zip files have sensitive database connection info and other stuff in them. So a public blob storage container seems unwise. But I'm sure the Op can describe his scenario. – GregGalloway Nov 24 '16 at 21:12
  • How do I generate the SAS token to append to the URI? I think that's the thing I can't figure out. – scottm Nov 28 '16 at 15:43
  • There's a variety of ways, you can do it programatically, or the easiest way use a tool like Azure storage explorer – Sam Cogan Nov 28 '16 at 15:43