Configuring an Azure VM using PowerShell DSC

PowerShell Team

Update 8/7/2014: We just published the Azure PowerShell DSC Extension, which simplifies the configuration of Azure VMs with PowerShell DSC. Please refer to this blog post for more information

At the //build/ conference today, Jeffery Snover demonstrated bringing up an Azure virtual machine and configuring it using DSC and the Custom Script VM extension.  We are sharing the scripts he used to accomplish this.

These scripts present an example of how PowerShell DSC can be used with the Azure boot agent to create and automatically configure Azure VMs. In order to use these scripts you must have an active Azure account and some knowledge of the Azure PowerShell SDK. (In other words, these examples are not for the faint of heart…) 

NOTE: before adapting these scripts for your own use, you should review the scripts and make sure that you update the scripts to comply with your security patterns and practices.

This example will provision a virtual machine using your Windows Azure account. It will upload the configuration defined in myConfigScript.ps1, any modules required by that configuration, and the DscBoot.ps1 script to blobs located in your Azure storage account. Once the virtual machine has been provisioned, the Azure script handler extension will download and run DSCBoot.ps1 to enact the configuration specified in MyConfigScript.ps1.

The provided MyConfigScript.ps1 uses the OneGet package management toolkit and DSC to configure the applications installed on the VM, and sets up an IIS website. 

In order to use these scripts, you will need a few things:

1)      A Microsoft Azure account

2)      The most recent version of the Azure Powershell SDK

  1. You can install it from here
  2. Then as administrator, copy the Azure module into the common shared modules folder:

copy “C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\azure” $env:ProgramFiles\WindowsPowerShell\Modules -Recurse –force

3)      The file (attached to the blog post)

  1. Unblock the file so you are able to run the scripts contained within it.

unblock-file .\

  1. Extract the zip to a known location (ie “c:\temp\DSC”)
  2. As administrator, copy the module definitions contained within these folders into the $PSHome\Modules folder

copy .\xOneGet $env:ProgramFiles\WindowsPowerShell\Modules -Recurse

copy .\xWebAdministration $env:ProgramFiles\WindowsPowerShell\Modules -Recurse


Initial Setup

This script is dependent on several properties linked to your Azure account. You will need to obtain the values for the following variables in the config.ps1 file contained in the

  • Publish settings
  • Run the following commands to obtain information you will need to configure the scripts for your own usage.
    • Run the following command in Powershell, replacing $publishSettingsFile with the file name:

Import-Module azure; Import-AzurePublishSettingsFile -PublishSettingsFile $publishSettingsFile

    • Run the following command and note the SubscriptionName property


  • If you already have an Azure storage account you use, skip the next step.
    • Create a new Azure storage accoung by running the following command in powershell, replacing “demostorage001” with a unique identifier.

New-AzureStorageAccount -storageaccountname demostorage001 -location “West US”

  • Get secondary storage key for your storage account.
    • Run the following command in powershell, replacing “demostorage001” with your storage account name:

Get-AzureStorageKey demostorage001

(Storage account names can only contain lowercase letters, numbers or “-“, and must start with a letter. See Azure documentation for more details on storage account name restrictions).

  • Open config.ps1 to change the following variable assignments:
    •  Change the value of the variable below such that it points to the .publishsettings file.

$publishSettingsFile = “<your.publishsettings>

    • Change the value of the variable below to reflect the SubscriptionName property

$subscriptionName = “”

    • Change the two variable assignments below to reflect your storage account and key.

$AccountName = “demostorage”

$AccountKey = “<your-account-key>”

Running the Demo

  • Ensure config.ps1 has been set up correctly as described in the previous section. In particular, the $vmName needs to be unique. $VMServiceName will throw an error if it is not unique, but can continue regardless:

$vmName = “<myUserid-machineName-01>”

$VMServiceName = “<myUserid-serviceName-01>”

  • Open the demo.ps1 file and follow through the steps it contains to see how the VM is created and configured. Be sure to create your own username/password for the VM.
    • Connect to the Azure Management Portal  and select the Virtual Machines slice
    • Find the VM you created by name and wait for the VM to be in “Ready OR Stopped” mode
    • Connect on to the VM with the credentials you created in demo.ps1
  • On the target VM, verify that the configuration has been properly applied. Check that
    • that the Chrome, FireFox and Opera web browsers have been installed
    • that the vim and sysinternals packages have been installed
    • that the Fourth Coffee website has been created.


Discussion is closed.

Feedback usabilla icon