In previous blog posts, we discussed using Terraform to create personal desktops (1x1 mapping) and pooled desktops (1xMany): "Azure Virtual Desktop: Terraform - Create Host Pools, Desktop Application Pools, and Personal Desktop Workspaces (Part 1)" and "Azure Virtual Desktop: Terraform - Create Host Pools, Desktop Application Pools, and Workspaces for Centralized Desktops (Part 2)". In this series of blog posts, I will show how to use Terraform to create an AVD host pool, application group, and workspace for pooled remote applications (also known as published applications, 1xMany).
We will use Terraform to create the following three types of configurations:
- Azure Virtual Desktop - Personal Desktop (1×1) - Part 1
- Azure Virtual Desktop - Pooled Desktops (Multi-session Full Desktop Experience) - Part 2
- Azure Virtual Desktop - Remote Applications (Multi-session applications, also known as published applications) - Part 3
Note - This article creates the Pooled RemoteApp configuration; the other types are created in the other articles of this series. I won't show how to create the service principal and secret in this article; see Part 1 for this activity.
Prerequisites
The following are prerequisites before you start:
- Azure Subscription
- Terraform CLI
- Azure CLI
- Using Terraform with your Azure subscription
Terraform: Authentication via service principal and client secret
Before we run any Terraform code, we'll run the following PowerShell (make sure you're running as administrator) and save the credentials as environment variables. If we do this through environment variables, there is no need to store the following information in the providers.tf file, so the client secret stays out of the Terraform code. There are better ways to store the following details, and I look forward to showing them in a future blog post:
```powershell
# PowerShell
$env:ARM_CLIENT_ID = "9e453b62-0000-0000-0000-00000006e1ac"
$env:ARM_CLIENT_SECRET = "Z318Q~000000000000000000000000000000000000000000000000"
$env:ARM_TENANT_ID = "a02e602c-0000-000-0000-0e0000008bba61"
$env:ARM_SUBSCRIPTION_ID = "7b051460-00000-00000-00000-000000ecb1"
```
- Azure Subscription ID: Azure Portal > Subscriptions > copy the Azure Subscription ID.
- Client ID: you will have the details from the previous step.
- Client Secret: you will have the details from the previous step.
- Tenant ID: you will get the details when you create the enterprise application in AAD.
Terraform folder structure
Here is the folder structure for the terraform code:
Azure Virtual Desktop Pooled RemoteApp - Create a directory in which to publish the following Terraform code (providers.tf, main.tf, variables.tf, and output.tf):
```
+---Configuration-AVD-Pooled-RemoteApp
|   |   main.tf
|   |   output.tf
|   |   providers.tf
|   |   variables.tf
```
AVD Configuration - Pooled RemoteApp - Providers.tf
Create a file called providers.tf and insert the following code:
```hcl
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "3.49.0"
    }
    azuread = {
      source = "hashicorp/azuread"
    }
  }
}

provider "azurerm" {
  features {}
}
```
AVD Configuration - Pooled RemoteApp - main.tf
Create a file called main.tf and insert the following code. Let me explain what we are trying to achieve here:
- Create a resource group
- Create a workspace
- Create a host pool
- Create a Remote Application Group (RAG)
- Associate the workspace and the RAG
- Assign an Azure AD group to the application group (RAG)
- Assign the Azure AD group to the resource group for RBAC on the session hosts (Virtual Machine User Login)
```hcl
# The resource group name is output when the execution plan is applied.
resource "azurerm_resource_group" "rg" {
  name     = var.rg_name
  location = var.resource_group_location
  tags     = var.tags
}

# Create the AVD workspace
resource "azurerm_virtual_desktop_workspace" "workspace" {
  name                = var.workspace
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  friendly_name       = "${var.prefix} Workspace"
  description         = "${var.prefix} Workspace"
  tags                = var.tags
}

# Create the AVD host pool
resource "azurerm_virtual_desktop_host_pool" "hostpool" {
  resource_group_name      = azurerm_resource_group.rg.name
  location                 = azurerm_resource_group.rg.location
  name                     = var.hostpool
  friendly_name            = var.hostpool
  custom_rdp_properties    = "targetisaadjoined:i:1;drivestoredirect:s:*;audiomode:i:0;videoplaybackmode:i:1;redirectclipboard:i:1;redirectprinters:i:1;devicestoredirect:s:*;redirectcomports:i:1;redirectsmartcards:i:1;usbdevicestoredirect:s:*;enablecredsspsupport:i:1;redirectwebauthn:i:1;use multimon:i:1;enablerdsaadauth:i:1;"
  description              = "${var.prefix} HostPool"
  type                     = "Pooled"           #[Pooled or Personal]
  preferred_app_group_type = "RailApplications" #[Desktop or RailApplications]
  maximum_sessions_allowed = 5                  #[Tweak based on your VM t-shirt size]
  load_balancer_type       = "DepthFirst"       #[BreadthFirst or DepthFirst]
  tags                     = var.tags

  scheduled_agent_updates {
    enabled  = true
    timezone = "AUS Eastern Standard Time" # Update this value with the time zone you want
    schedule {
      day_of_week = "Saturday"
      hour_of_day = 1 #[1 here means 1:00 AM]
    }
  }
}

# Registration token used by session hosts to join the host pool
resource "azurerm_virtual_desktop_host_pool_registration_info" "registrationinfo" {
  hostpool_id     = azurerm_virtual_desktop_host_pool.hostpool.id
  expiration_date = var.rfc3339
}

# Create the AVD Remote Application Group (RAG)
resource "azurerm_virtual_desktop_application_group" "rag" {
  resource_group_name = azurerm_resource_group.rg.name
  host_pool_id        = azurerm_virtual_desktop_host_pool.hostpool.id
  location            = azurerm_resource_group.rg.location
  type                = "RemoteApp"
  name                = var.app_group_name
  friendly_name       = "RemoteApp AppGroup"
  description         = "${var.prefix} AVD application group"
  depends_on = [
    azurerm_virtual_desktop_host_pool.hostpool,
    azurerm_virtual_desktop_workspace.workspace
  ]
  tags = var.tags
}

# Associate the workspace and the application group
resource "azurerm_virtual_desktop_workspace_application_group_association" "ws-dag" {
  application_group_id = azurerm_virtual_desktop_application_group.rag.id
  workspace_id         = azurerm_virtual_desktop_workspace.workspace.id
}

# Assign the AAD group to the Remote Application Group (RAG)
resource "azurerm_role_assignment" "AVDGroupRemoteAppAssignment" {
  scope                = azurerm_virtual_desktop_application_group.rag.id
  role_definition_name = "Desktop Virtualization User"
  principal_id         = data.azuread_group.AVDGroup.object_id
}

# Assign the AAD group to the resource group for RBAC on the session hosts
resource "azurerm_role_assignment" "RBACAssignment" {
  scope                = azurerm_resource_group.rg.id
  role_definition_name = "Virtual Machine User Login"
  principal_id         = data.azuread_group.AVDGroup.object_id
}
```
Note - Individual applications have not yet been published. They can be published once you create the session hosts. Later, using Terraform, it is also possible to publish individual applications. The application's exe path must be present in the session host operating system. I plan to create a separate blog post on how to create session hosts through Terraform.
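Publishing individual applications into the RAG once session hosts exist, as an added example that is not part of the original post: it uses the azurerm provider's `azurerm_virtual_desktop_application` resource against the `rag` application group and `var.prefix` from this configuration. The app keys, friendly names and the `ExampleApp` path are assumptions; each path must exist on the session host image.

```hcl
# Added example, not from the original post.
# App keys, names and paths are assumptions; the executables must already
# be installed on every session host in the pool.
locals {
  remote_apps = {
    notepad = {
      friendly_name = "Notepad"
      path          = "C:\\Windows\\System32\\notepad.exe"
    }
    exampleapp = {
      friendly_name = "Example App" # hypothetical line-of-business app
      path          = "C:\\Program Files\\ExampleApp\\example.exe"
    }
  }
}

resource "azurerm_virtual_desktop_application" "published" {
  for_each = local.remote_apps

  name                 = each.key
  application_group_id = azurerm_virtual_desktop_application_group.rag.id
  friendly_name        = each.value.friendly_name
  description          = "${var.prefix} ${each.value.friendly_name}"
  path                 = each.value.path
  icon_path            = each.value.path
  icon_index           = 0
  show_in_portal       = true

  # Users cannot append their own arguments to the published executable.
  command_line_argument_policy = "DoNotAllow"
}
```

Users in the Azure AD group assigned to the RAG see only the applications declared here, so the map doubles as the reviewable list of what is exposed through the host pool.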
AVD Configuration - Pooled RemoteApp - variables.tf
Create a file called variables.tf and insert the following code:
```hcl
variable "resource_group_location" {
  default     = "australiaeast"
  description = "Location of the resource group - Australia East"
}

variable "rg_name" {
  type        = string
  default     = "AE-DEV-AVD-01-PO-A-RG"
  description = "Name of the resource group in which to deploy the service objects"
}

variable "workspace" {
  type        = string
  description = "Name of the Azure Virtual Desktop workspace"
  default     = "AE-DEV-AVD-01-WS"
}

variable "hostpool" {
  type        = string
  description = "Name of the Azure Virtual Desktop host pool"
  default     = "AE-DEV-AVD-01-PO-A-HP"
}

variable "app_group_name" {
  description = "Name of the Azure Virtual Desktop application group"
  type        = string
  default     = "AE-DEV-AVD-01-RAG"
}

variable "rfc3339" {
  type        = string
  default     = "2023-05-20T12:43:13Z" # Update this value with a future date
  description = "Registration token expiration"
}

variable "prefix" {
  type        = string
  default     = "AE-DEV-AVD-01-HP-"
  description = "Prefix of the AVD host pool name"
}

# Referenced as var.tags in main.tf
variable "tags" {
  type = map(string)
  default = {
    environment  = "development"
    Department   = "IT"
    Location     = "AustraliaEast"
    ServiceClass = "DEV"
    Workload     = "Host Pool 01"
  }
}

data "azuread_client_config" "AzureAD" {}

# Azure AD group that receives the role assignments in main.tf
data "azuread_group" "AVDGroup" {
  display_name = "Win365 Users"
}
```
AVD Configuration - Pooled RemoteApp - output.tf
Create a file called output.tf and insert the following code. This will display the outputs of the deployment in the console.
```hcl
output "azure_virtual_desktop_compute_resource_group" {
  description = "Name of the resource group in which the session hosts are deployed"
  value       = azurerm_resource_group.rg.name
}

output "azure_virtual_desktop_host_pool" {
  description = "Name of the Azure Virtual Desktop host pool"
  value       = azurerm_virtual_desktop_host_pool.hostpool.name
}

output "azurerm_virtual_desktop_application_group" {
  description = "Name of the Azure Virtual Desktop DAG"
  value       = azurerm_virtual_desktop_application_group.rag.name
}

output "azurerm_virtual_desktop_workspace" {
  description = "Name of the Azure Virtual Desktop workspace"
  value       = azurerm_virtual_desktop_workspace.workspace.name
}

output "location" {
  description = "Azure region"
  value       = azurerm_resource_group.rg.location
}

data "azuread_group" "aad_group" {
  display_name = "Win365-Users"
}

output "AVD_user_groupname" {
  description = "Azure Active Directory Group for AVD Users"
  value       = data.azuread_group.aad_group.display_name
}
```
Initialize Terraform - AVD - Pooled RemoteApp
Run terraform init to initialize the Terraform deployment. This command downloads the Azure providers required to manage the Azure resources (it pulls AzureRM and AzureAD).
```powershell
terraform init -upgrade
```
Create Terraform Execution Plan - AVD - Pooled RemoteApp
Run terraform plan to create an execution plan.
```powershell
terraform plan -out mainavdremoteapp.tfplan
```
Apply Terraform Execution Plan - AVD - Pooled RemoteApp
Run terraform apply to apply the execution plan to your cloud infrastructure.
```powershell
terraform apply mainavdremoteapp.tfplan
```
Verify the output in the Azure portal
Go to the Azure portal, select Azure Virtual Desktop, and then select the host pool, application group, and workspace created with Terraform.
Clean up the above resources (optional)
If you want to remove all of the above resources, you can use the following commands to destroy them. Run terraform plan and specify the destroy flag.
```powershell
terraform plan -destroy -out mainavdremoteapp.destroy.tfplan
```
Run terraform apply to apply the execution plan.
```powershell
terraform apply mainavdremoteapp.destroy.tfplan
```
Quick start links
The goal here is to get you up and running with Terraform on the Azure Virtual Desktop solution:

| Description | Link |
| --- | --- |
| Set up your computer to start using Terraform with PowerShell | Install Terraform on Windows using Azure PowerShell |
| AVD configuration: Azure Virtual Desktop | https://learn.microsoft.com/en-us/azure/developer/terraform/configure-azure-virtual-desktop |
| Terraform learning | https://youtube.com/playlist?list=PLLc2nQDXYMHowSZ4Lkq2jnZ0gsJL3ArAw |
I hope you found this information useful to get started with Terraform for the Azure Virtual Desktop - Pooled RemoteApp deployment. If I've missed any steps or details, please let me know and I'll be happy to update the post.
Thanks,
you are sakari