Contents x
    Adding Azure Template
    • 13 Jan 2025
    • 25 Minutes to read
    • Contributors
    • Print
    • Dark
      Light
    Contents

    Adding Azure Template

    • Updated on 13 Jan 2025
    • 25 Minutes to read
    • Contributors
    • Print
    • Dark
      Light
    Article summary

    Overview

    CloudLabs Template is the base of the Hands-on lab environment. You can do a variety of configurations under Templates such as adding prerequisites, enabling roles and policies for users, and much more.

    Here we will learn more about how to work with CloudLabs Template.

    Add Template

    1. Navigate to the Templates section that is available in the left menu and click on the + ADD button given in the top right corner.

    2. For your convenience, this page is divided into three sections:

    A. The fields and their functionality are listed below:

    • Name: To identify the lab, give the Template a name.

    • Cloud Platform: CloudLabs supports three cloud platforms - Microsoft Azure, Amazon Web Services & Google Cloud Platform. Based on your lab requirements you can pick a cloud platform from the drop down.

    • Cloud Usage Type: This feature helps the system in calculating the cost of a Virtual Machine or the total cost of all Cloud resources. There are 2 options available, namely Cloud Resource Usage and VM Usage. Cloud Resource Usage will calculate the cost of all the resources deployed in the lab environment, however, VM Usage will only calculate the cost of the virtual machines and the related resources present in your cloud environment. Therefore, it is always recommended to select Cloud Resource Usage for efficient cost calculation.

    • Code: Use a code as an internal identifier; this code will also be concatenated in the name of the user Resource Group. As an example, if you use the code demolab, you'll be able to tell that the template is about a demo lab. The user's Resource Group will be named ODL-demolab-xxxxxx, where demolab is a lab code, ODL is the default prefix, and xxxxx is the CloudLabs-assigned user unique ID.

    • Lab Code: Lab Code is also used as an internal identifier, however, it is not used as any suffix/prefix in any of the resources deployed in your cloud environment.

    • Subscription Type: This option is only available if you go for the Microsoft Azure cloud platform. For Amazon Web Services & Google Cloud Platform, it will be taken care of automatically.

      CloudLabs provides three types of subscriptions as listed below:

      • Shared Subscription - Here, a single subscription can be shared by multiple users giving them access to the Resource group level. Depending on the lab's needs and access constraints, you can use shared subscriptions.

      • Dedicated Subscription - A dedicated subscription is used when a lab requires subscription-level access. Here, each user gets access to a single subscription.

      • Dedicated Tenant - A dedicated tenant is used when a lab requires tenant-level access or Global admin access. Here, each user has access to the entire tenant.

      You can select one of these three as per the lab requirements.

    • Description: Provide a brief description to describe your lab, its resources and technologies as well as its learnings and benefits. It will be visible to the end users as well.

    • Lab Launch Page Description: The Lab Launch page is basically where you launch your lab environment. You can add any additional instructions to this page that you think are relevant for the users.

    B. Moving on to the next section, we will learn about the fields listed below:

    • Custom Page Title: In case you want to customize the title of the Hands-on-Lab Registration page, you can provide a title in this field.

    • Custom Logo URL: In case you want to customize the logo of the Hands-on-Lab Registration page, you can provide the URL of the logo in this field.

    Note: The default page title and logo will be displayed, but if you wish to change them, you can use this field. End-users will be able to see it on the Hands-on Lab registration page, allowing you to customize what you want them to see.

    • Owner Email: In this field, you have to provide the Email address of the person who is responsible for building the Template.

    • Reviewed By: This field can be used to include the information of the reviewer who will be reviewing the template configurations.

    • Deployment Plan: This allows you to choose several Resource Groups required in your lab. The selected number of Resource Groups will be pre-created in your environment.

    • Lab Guide URL: A lab guide is a document that gives users all of the directions they need to complete a hands-on lab. The Lab guide URL can be entered here, and it will appear on the users' lab details page. The lab guide will be available to them once they have accessed the URL.

    • Demo URL: If you want to provide any kind of demonstration like video, document, simulation, etc. for the lab to your users, provide the link to the content here. Users will be able to see the link and navigate to it once the lab starts.

    • Help Document URL: If you want to provide users with a help manual that will assist them in completing the lab, you can place that document URL here.

    • Prerequisites URL: If you wish to give people visibility into how the lab is set up or how the prerequisites for the lab are defined, you may write a document and enter the URL here.

      Note To allow the URLs to be entered here, all documents should be in GitHub or PDF format. The users will be able to access these documents by just clicking on the URLs.

    • Usage Policy URL: Usage policy is used to monitor cores/clusters of Azure resources. In the policy, we have to define a maximum limit of cores/clusters that is allowed for a user.

    The usage policy revolves around these Azure resources - Virtual Machines, CosmosDB Accounts, SQL Servers/Databases, Virtual Machine Scale Sets, and Databricks Clusters.

    For example: You prepared a policy in which the allowed value for VM is set to 4 vcpu cores. Now we have two users - User01 and User02, performing the same lab. User01 creates a VM that uses 2 cores and User02 creates a VM that uses 8 cores.

    Here, for both users, we will have two different cases as follows:

    • Case 1: User01 with 2 cores falls under the allowed value and will not violate the usage policy.

    • Case 2: User02 with 8 cores exceeds the allowed value resulting in violating the usage policy.

      • Once the policy is violated, you will get alerted via email.

      • To receive the alert emails, a person/team can provide their email address while setting up the Lab.

    To view a sample of the Usage Policy, go to this link - https://cloudlabsai.blob.core.windows.net/policy/usage-policy-sample.json

    • Github Master Document file URL: This is a JSON-formatted document that is used to arrange the lab guide in a coherent way. We should first prepare the document in JSON format, with section-by-section raw GitHub URLs, as it only supports GitHub raw URLs. Once the document is complete, we can upload it to an Azure blob storage account and use the blob storage URL as directed here.

    The URL is included here for a reason. We have a feature named Enable VM Access Over Http which allows you to connect to the VM via browser. When your lab is ready, the environment you receive includes a VM on the left side of the browser and the Lab Guide on the right as shown below:

    For a successful setup of both the VM and the Lab Guide, we have some configurations to be done. In the next sections, we will learn more about the Enable VM Access Over Http feature (involves the setup of VM) and for now, we will focus on the Master document that involves Lab guide setup.

    A master document contains the following information:

    1. Name: Here you have to provide a name for your Lab.

    2. Language: English

    3. Files: In this section, we provide the Raw File Path and Order of the file lab guide that should be available in GitHub.

      • Raw File Path: This is the raw URL of the pages in your lab guide.

      • Order: Defines the sequence of the pages in your lab guide such as what all should come first and so on.

    Example: You have a lab guide in GitHub which includes an Introduction to the Lab, three Exercises to be performed, and a Summary. Rather than preparing one lengthy document, we'll break it down into individual pages on GitHub and fetch the Raw URL for each page. We will add the Raw URL of the pages in Raw File Path, concerning the order value.

    Therefore, the lab guide's final output will follow the flow shown below:

    • Introduction of the Lab

    • Exercise 1

    • Exercise 2

    • Exercise 3

    • Summary

    For your reference, here is a Master document sample - https://cloudlabsai.blob.core.windows.net/master-doc/master-doc.json

    • Approx. Deployment Duration: Your environment's pre-requisite resources will take some time to deploy. The expected deployment duration will be defined throughout this time period. The period you enter in this area will be displayed to users as a countdown to the start of the Lab.

    • Region: Here you can choose one or more Azure regions where you want to have the Azure resource deployments. The selected regions will automatically be reflected in the Lab setup.

      • Enable Paired Region: This option is only valid if you have configured more than 1 resource group in the Deployment Plan. If checked, the resource groups will be sequentially deployed to the paired region of your main region.

        For example, considering the checkbox to be checked and you choose your deployment region to be East US, Deployment Plan is set to Resource Group - Two, and the paired region of East US is West US, then the first resource group will be deployed to the East US region, and the second resource group will be deployed to the paired region of East us, that is West US.

    • Attendee Lab Cost Limit:

    • Attendee Duration Limit(in Mins):

    • Excluding Output Parameters: Here, you specify values that are included in the ARM template outputs but want to exclude them from appearing in the parameters after creating a lab deployment. For instance, the values related to the trainer's username and password.

    • User Lab Experience Types: This feature is particularly useful when you have Databricks workspaces deployed within your lab environment. This contains 2 options, namely RDP over HTTP and Integrated Databricks Workspace (IFrame Concept). You can select them if you want to enable the functionality to switch the experience from a Virtual Machine to the Databricks cluster over HTTP in your lab environment.

    • Control Panel Resources: Here, you can specify which resources you want to be visible and controlled from the Control Panel on the CloudLabs Admin Portal. The current options available to configure are Virtual Machine, SQL Data Warehouse, and Azure DevTest Labs. Once selected, you can perform operations like start, stop, restart, etc. directly from the Control Panel on the CloudLabs Admin Portal.

    C. In the last section, we will learn about the features that can be enabled:

    • Create Service Principal: This feature is used to create a Service Principal as a part of pre-requisites. On the checking this box, a Service Principal will automatically get created in the user environment. On checking Create Service Principal box, two more features will appear on the page as given below:

      • Send Service Principal: The details of the Service Principal, such as Application ID, Application secret key, subscription ID, Tenant ID, and Tenant domain, will be exposed to users in the lab details page.

      • Is Service Principal Dependent: Enable this check box if you need to use the SPN in your pre-requisite configuration OR if any pre-requisite resources require the SPN during deployment.

    • Allow Global Admin Privilege: Check the box if you want to assign Global Admin Privileges to the users.

      • Users that hold this role have access to all Azure Active Directory administration functions as well as services that use Azure Active Directory identities like Microsoft 365 security center, SharePoint Online, and much more.

      • Global Administrators also have the authority to manage all Azure subscriptions and management groups by elevating their access.

      • Using the corresponding Microsoft Entra ID Tenant, Global Administrators can have complete access to all Azure resources.

    • Enable Lab Validation: Lab validation enables you to check whether lab tasks are completed appropriately. In case the user had issues performing the lab, that can be checked under validations.

    • Enable Leaderboard: If desired, a leaderboard can be utilized to track a user's score based on their performance as measured by Lab validation.

    • Enable Custom RG Name: Checking this box will create resource groups with custom-suffix as its name. [Once the RG is deployed, it will have -RG as the suffix.

      For example: You provide a name say Demo. So in your environment, the Resource Group name will be Demo-RG. ]

    • Enable VM Access Over HTTP: This option allows you to access the virtual machine through a web browser. If the Microsoft RDP client does not allow you to connect to the VM, here is another method is to connect to the VM via a browser. After enabling this functionality, we must complete further setups in order to set up RDP over HTTPS access, which we will cover in Virtual Machine Configuration. For mor details, refer to Enable RDP/SSH over HTTPS.

    • Enable VM Shadow: COVID-19 has changed the way training and workshops are conducted. Virtual workshops are the new normal in the learning industry now. Shadow feature allows instructors to shadow the user's environment/VMs (virtual machines) and provide support in real time.

      • Shadow student’s lab environment

      • Provide Support in real time

      • Observe progress

      • Collaboration

    • Dynamic RGs Available: Check the box in order if you want CloudLabs to fetch Dynamic Resource Groups created by the deployments in your lab just for internal tracking.

    • Delete Deployment Info After Success: Check the box if you wish to clean up the deployment history from the Azure portal. Deleting this won't affect the deployed resources.

    • Any Post-Manual Steps Required: There are some steps that cannot be automated as part of a lab's prerequisites, therefore you may have to do them manually. This feature serves as a reminder to you that there are manual actions that must be completed after your lab's automated deployment is complete.

    • Any Pre-Manual Steps Required: We may need to create VM Images or Snapshots in some scenarios because some VM customization is not feasible with the ARM template's custom script extensions. There are various requirements for using VM images or snapshots, such as having the images available in the expected regions and subscriptions taht we are using for a lab.

      We will ensure that the Images are available in the required regions and subscriptions as a pre-manual step.

    • Enable Optimize Disk Cost: This feature helps in optmizing the virtual machine's disk cost in your lab environment. Once checked you will providing the related Virtual Machine name whose disk cost needs to be optimized. If you have attached a Premium disk to your virtual machine, CloudLabs will replace the disk with more economical disk like Standard HDD when the VM is shut down, and replaces it back to the Premium disk when it is restarted without any data loss. This way, it helps avoiding a higher cloud bill when the resource is not being used.

    • Show Resources Tab: If checked, users will be able to see the tab named Resources in their lab environment, from where they can perform some resource operations like starting a VM, stopping a VM, etc.

    • Install VM Agent for Idle Detection: Check this if you want to configure the VM Idle Timeout feature for your lab, which includes turning your VM off automatically when it is not in use to help you avoid unnecessary cloud bills. When checked, CloudLabs will install the required VM agent for detecting the idle state in your virtual machine.

    • Enable Lab Preview: If checked, this feature allows attendees to get insights about the lab's content before launching any lab environment. For more details, refer to Lab Preview

    • Pre-deployment allocation of CloudLabs Licenses: When checked, the CloudLabs licenses will be allocated to your deployments even before the user registers for it. If not checked, the CloudLabs license allocation will only happen to the deployments when some user registers for it.

    • Enable User-Specific Deployments for Hackathon: If checked, you will be able to deploy the resource groups and/or the resources present inside it to each user in the group separately. You will be able to do so by checking the checkbox named Group Member in the ARM Template settings. If not checked, all the resource groups and/or the resources present inside it will be shared to all the users within a group as there will be no Group Member checkbox in the ARM Template settings.

    1. At last, click on the SUBMIT button to save all the configurations. Once you've submitted the template, you'll be directed to the main Template page where the template you created will be listed as shown in the image below.

    1. Now you have to reopen the template to configure other available functionalities, so click on the Edit button.

    2. Here you will have access to the following functionalities to fully configure a CloudLabs Template:

    • ARM Template

    • Template Permissions

    • Custom Handlers

    • MS Cloud Licenses

    • Deployment Script Repository

    • Virtual Machine Configuration

    • Course Details

    • Template Audit

    1. Now we'll have a look at each of the features to understand how they work.

    ARM Template

    As the name suggests, you will provide the ARM template files here to provision your lab environment.

    • ARM template file: The ARM Template is a JavaScript Object Notation (JSON) file that outlines your project's infrastructure and settings. The resources required for deployment as well as their properties must be specified in the template.

      An ARM Template has the following sections:

      •  Parameters - In the parameters section of the template, you specify which values you can input when deploying the resources.

      •  Variables - In the variables section, you construct values that can be used throughout your template. You don't need to define variables, but they often simplify your template by reducing complex expressions.

      •  Resources - In the resources section, you define the resources that are deployed.

      •  Outputs - In the outputs section, you specify values that are returned from deployment. Typically, you return values from resources that were deployed.

    For your reference, here is an ARM Template sample: https://cloudlabsai.blob.core.windows.net/sample-templates/deploy-arm-01.json

    • Parameter file: Rather than passing parameters as inline values in your ARM Template, you can use a JSON file that contains the parameter values. The parameter names in your parameter and template files The parameter names in your parameter file must match.

    Both files can be stored in Azure Blob Storage from where you can have the URL of the stored file that can be accessible.....

    For your reference, here is a Parameter file sample: https://cloudlabsai.blob.core.windows.net/sample-templates/deploy-parameters-01.json

    To learn more about ARM Template, check Create and deploy your first ARM template.

    Take the steps below to get started:

    1. Click on the + ADD button.

    2. Fill up the below-given sections:

    • Resource Group: Select a resource group from the drop-down.

    • Custom Suffix: This option will be available only if you select the Enable Custom RG Name box that was mentioned in the previous section. Here you can give a custom name to your Resource Group.

    • ARM Template URL: Add the ARM Template file URL here.

    • Parameter Template URL: Add the Parameter file URL here.

    • Group Member: Check this box if you want the resource group and/or the resources present inside it to be deployed for each user separately. If not checked, all the users will share the resource group and/or the resources deployed through the ARM template. This feature is only available if you have checked the Enable User Specific Deployments for Hackathon checkbox previously.

    • Click on SUBMIT to save the configurations.

    TEMPLATE PERMISSIONS

    To provide access at a certain scope, such as resource group and subscription, you assign roles to users, groups, and service principals. Template permissions allow you to control who has access to Azure resources, along with what they can do with them and what areas they may access.

    Here are some examples of what you can do with Template permissions:

    1. Allow one user to create/manage Azure resources in a particular Resource Group by assigning them a Contributor role on the resource group.

    2. Allow users to view all resources in a subscription, but do not allow them to make any changes by assigning them a Reader role on the subscription level.

    3. Allow a specific size of the virtual machine and restrict all other sizes.

    4. Allow users to create only a storage account and a Linux Virtual Machine.

    Now we will learn how to assign permissions on the CloudLabs Template.

    1. Click on the + ADD button.

    Note: If you have pre-deployed ODLs. Click here to view the steps on how to apply these permissions.

    1. Now fill up the following sections:

    • Permission Type: Here we have three types of Permissions -

      • Azure Built-in Role: Roles that are available in Azure itself.

      • Azure Custom Role: If the Azure built-in roles don't meet the specific needs of your lab, you can create your custom roles.

      • Custom ARM Policy: Restricts a user by scaling the compliance of Azure resources.

    1. All further configurations are based on the permission type you select. To make it easier for you to understand how each permission type works, we have divided them into three cases:

    Case 1: If you select Azure Built-in Role, then you will have the following configurations available:

    • Profile Type: Here we have three types of Profiles:

      • Attendee: Select this option if you want to assign permission to a User.

      • Instructor: Select this option if you want to assign permission to an Instructor/Mentor/Proctor.

      • Group Member: Select this option if you want to assign permission to a user who is an Azure Active Directory Group Member.

    • Identity: Select AAD User from the drop-down.

    • Scope Type: Select Azure from the drop-down.

    • Scope Level: With Azure Built-in Role selected as permission type, you can specify a scope at the resource group level.

    • Permission: Here we have four permissions available, they are:

      • Reader: You can view all resources but you are not allowed to make any changes in the resource group.

      • Contributor: Allows you to manage all resources in the resource group, however, you can't assign roles in Azure RBAC.

      • Owner: Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.

      • Storage Blob Data Owner: Provides full access to Azure Storage blob containers and data.

    • Launch Type: We have two options available here, they define when should the restriction be applied.

      • Apply at Launch: This will apply for the role before starting the deployment of the lab.

      • Apply Manually: Here, you have to apply for the role manually, it won't get assigned automatically.

    • At last, click on the SUBMIT button to save it.

    Case 2: If you select Azure Custom Role, then you will have the following configurations available:

    • Profile Type: Here we have three types of Profiles:

      • Attendee: Select this option if you want to assign permission to a User.

      • Instructor: Select this option if you want to assign permission to an Instructor/Mentor/Proctor.

      • Group Member: Select this option if you want to assign permission to a user who is an Azure Active Directory Group Member.

    • Identity: Select AAD User from the drop-down.

    • Scope Type: Select Azure from the drop-down.

    • Scope Level: With Azure Built-in Role selected as permission type, you can specify a scope at the resource group level.

    • Permission Data:

    • Launch Type: We have two options available here, they define when should the restriction be applied.

      • Apply at Launch: This will apply for the role before starting the deployment of the lab.

      • Apply Manually: Here, you have to apply for the role manually, it won't get assigned automatically.

    • At last, click on the SUBMIT button to save it.

    Case 3: If you select Custom ARM Policy, then you will have the following configurations available:

    • Scope Type: Select Azure from the drop-down.

    • Scope Level: With Azure Built-in Role selected as permission type, you can specify a scope at the subscription as well as resource group level.

    • Permission Data:

    • Launch Type: We have two options available here, they define when should the restriction be applied.

      • Apply at Launch: This will apply for the role before starting the deployment of the lab.

      • Apply Manually: Here, you have to apply for the role manually, it won't get assigned automatically.

    • At last, click on the SUBMIT button to save it.

    MS CLOUD LICENSES

    There are some conditions that must be met before a user can access Microsoft products. To fulfill those conditions, we have Microsoft licenses to provide software services and hosted applications for the users performing your lab.

    This function grants you access to a variety of Microsoft licenses which include Power BI Pro, Office 365 Business Essentials, Azure Active Directory Premium P1, and much more. Some of those are shown in the image below:

    Now we have a set of instructions listed below that will show you how to add a License:

    1. Click on the + ADD button.

    1. Perform the following steps to pick a license:

    • MS Cloud License: Select the required license from drop-down.

    • Click on SUBMIT to save the configurations.

    DEPLOYMENT SCRIPT REPOSITORY

    This feature allows you to run any or multiple PowerShell scripts which can be utilized for automation in different scenarios like creation of any kind of Azure resources, Microsoft Entra ID objects, deletion of resources etc. You can also choose to run the script at different instances of your choice, like creation of a new deployment, success of a new deployment and more.

    Follow the below steps to get started:

    1. Click on the + ADD button.

    1. Under Add Deployment Script, add the following values:

    • Type: PowerShellV2

    • Name: Provide a name for your deployment script.

    • Script: Here, provide the PowerShell script you created which performs certain actions in your lab. Note that you don't need to configure the authorisation code block in your script as CloudLabs does that for you!

    • Parameters: Here, you can add the custom parameters you have used in your script (if any). To do so, select ADD+ and provide the Name and Value of the parameters in the respective fields. The value you provide in the Value field will be passed to the parameter you have set, which can then be used by the deployment script.

    • Run: Choose Per User to run the script for every user of your lab environment specifically.

    • Run As: You can run the deployment script either using the CloudLabs or any service principal you create. Select System to run the script through CloudLabs, or select AAD Service Principal if you want to run the script through other service principal, conditionally it has the authorization to do so.

    • Run On: Here, you can choose when to run your script. You are provided with the following options, each running your script differently:

      • Deployment Initiation: This will run the script as soon as the deployment starts. You can choose this if your script doesn't have any dependencies on any of the resources deployed using ARM template.

      • Deployment Success: This will run the script only after the deployment is succeeded. Choose this option if you have any kinds of dependencies on any resource(s) deployed through the ARM template, which requires your ARM template to be deployed before the script runs.

      • Manual Run: This will not run the script automatically anytime during the complete deployment. You will only be able to run the script manually using the Run button on the CloudLabs Admin Portal whenever you want.

      • Deployment Deletion: This will run the script only after the deployment is deleted.

    VIRTUAL MACHINE CONFIGURATION

    This feature allows you to configure your host virtual machine and complete the setup for RDP over HTTPS access. As we stated earlier, once your lab is ready, the environment you receive will include a VM on the left side of the browser and the Lab Guide on the right.

    Therefore, by providing the required configuration here, it will reflect your host VM in your lab environment.

    Take the steps below to get started:

    1. Click on the + ADD button.

    1. Under Add VM Configuration, add the following values:

    • Name: In this column, you must enter the exact name of the VM that you supplied in your ARM Template.

    • Type: Here you have to choose the type of your virtual machine. There are two options available - RDP and SSH, so choose one based on the type of your VM.

    • Server DNS Name: From your ARM Template, pick up the output parameter that has the VM DNS name stored in it and paste it into this field.

    • Server User Name: From your ARM Template, pick up the output parameter that has the VM Username stored in it and paste it into this field.

    • Server Password: From your ARM Template, pick up the output parameter that has the VM Password stored in it and paste it into this field.

    • Server Domain:

    • Server Layout:

    • Enable Hyper-V Guest VMs over HTTPS: If this lab is based on the Hyper-V and you required to access the Hyper-V Guest VMs over HTTPS (from browser) just like Main Host VM then only mark this flag as enabled.

    • Is Default VM: If there are more than one VM Configurations in your CloudLabs template, then you can check this box for the VM you want users to navigate to by default as soon as the lab launches. The users will always be able to switch to different VM(s) using a drop-down present on the top-right on their lab.

    • Enable Audio Input: Check this flag to enable audio input for the virtual machine. It is an Accessibility feature whch reads out the contents of the screen aloud for those with visual impairment.

    • Instructor Username: From your ARM Template, pick up the output parameter that has the Instructor Username stored in it and paste it into this field. It will be used in setting up the CloudLabs VM Shadow connection.

    • Instructor Password: From your ARM Template, pick up the output parameter that has the Instructor Password stored in it and paste it into this field. It will be used in setting up the CloudLabs VM Shadow connection.

    • At last, click on SUBMIT to save the configurations.

    For more details, refer to Enable RDP/SSH over HTTPS.

    Course Details

    This section allows you to configure PowerShell based Validations for your labs. Validations are used by CloudLabs to enable Instructors to verify whether the students/attendees have done their labs in the way they are expected to.CloudLabs currently enables Admins to author custom PowerShell validations based on Azure and AWS. In addition to Cloud specific PowerShell commands, you can utilize the capabilities of PowerShell to call APIs to author even more specific validation commands. For further details, refer to PowerShell Based Validations.

    Best Practices: Adding Azure Templates

    1. While selecting the Subscription Type, first analyze your lab requirements and then proceed forward. If the users only need access at the RG level, then go with the Shared Subscription type, if the users need access at the subscription level, then go with the Dedicated Subscription type and if the users need access at the tenant level then go with the Dedicated Tenant type.

    2. It is recommended that you provide the Description at the template level, so that whenever you create multiple ODLs from the same template, you do not need to add a description at each ODL level as it is automatically fetched from the template and displayed to the users.

    3. Add Owner Email to identify the person responsible for building the template, so that whenever there is an issue with the template configurations or while accessing the lab environment, you can reach out to the template owner.

    4. Usage Policy URL and GitHub Mater Document URL must be in JSON format.

    5. Make sure to follow the below format while creating a GitHub Master Document:

      • Name: Here you must provide a name for your Lab.

      • Language: English

      • Files: In this section, we provide the Raw File Path and Order of the file lab guide that should be available in GitHub.

        • Raw File Path: This is the raw URL of the pages in your lab guide.

        • Order: Defines the sequence of the pages in your lab guide such as what all should come first and so on.

    6. Choose one or more Azure regions where you want to have the Azure resource deployments to avoid any service/SKU quota issues. In case your lab requires to use Azure images, it is recommended that you deploy the VM in the same Azure region and use the nearest region to avoid latency.

    7. It is required to complete the setup to allow users to access the VM over HTTPS (over the web) automatically which means CloudLabs will automatically take the VM inputs like: VM DNS Name, VM Admin Username, and VM Password from this VM configuration and will not ask users to enter these details manually and give a smooth experience to the users. This feature only works if you enable the VM Access Over Https.

    8. The Enable VM Shadow feature also allows the instructors to shadow the user's environment / VMs (virtual machines) virtually and provide support in real time without disturbing the user’s environment. This feature only works if you enable the VM Access Over HTTP.

    9. While adding the ARM template, always name the files as [template_file_name].json and [parameter_file_name].parameters.json. Both the files can be stored in Azure Blob Storage from where you can have the URL of the stored file that can be accessible. For example,

      • Template file: deploy-01.json

      • Parameter file: deploy-01.parameters.json

    10. While developing a new lab (dev - phase), you can grant the Owner for the user, so that there are no conflicts/errors while deploying any kind of resources and once the lab development is completed. The custom policy must only have the permissions over the resources needed to complete the lab so that the users cannot deploy anything besides the lab guide. Following this practice eliminates any misuse/abuse of the Azure resources by the users and is cost-effective.

    11. If a lab requires any kind of Microsoft License, then you can add the available licenses from the drop-down menu under the MS CLOUD LICENSES section. This feature grants you access to a variety of Microsoft licenses which include Power BI Pro, Office 365 Business Essentials, Azure Active Directory Premium P1, and many more.

    What's Next