Image Portability for Azure
The Image Portability for Azure connector is a specialized version of the Azure Deployments connector optimized for IPS tasks in Azure. This article describes the connector configuration settings. For more information about connector configurations and how to add new ones, see Connector configurations.
Additional information about Image Portability is available on our Image Portabillity page.
Identity
Information on the Identity field can be found on our Azure page.
Location
Location is the Azure region where Azure resources created by the connector are hosted.
Virtual Machine Settings
Virtual Machine Settings are the fields used to specify where and how virtual machines are created within Azure by the connector. Refer to the following descriptions for information on each required and optional field on the connector configuration screen.
Resource Group
The Azure Resource Group in which to create the temporary virtual machines that will be used to process images. All resources related to the virtual machines will be created in this resource group.
The managed identity or registration credentials specified in the Identity section must have permission to manage the following types of resources within this resource group:
- Managed Disks
- Network Interface Cards
- Virtual Machines
- Network Security Groups (for the optional Network Isolation field)
Assigning the general Contributor role to the managed identity or registration credentials on the resource group grants the required permissions.
Virtual Network/Subnet
The Azure Virtual Network/Subnet to which to connect the virtual machine.
Note:
The identity of the connector is configured to use must have permission to connect a device to this virtual network or subnet. If the virtual network isn’t located in any of the resource groups specified in the connector configuration, then roles assigned to the managed identity or registration credentials for those resource groups won’t apply to the virtual network and a role must be assigned directly to the virtual network.
Machine Size
The Machine Size determines the compute resources allocated to the virtual machine. This field defaults to a value of Standard_D2s_v3 if a value is not provided. For more information on machine sizes, refer to Azure’s documentation.
Network Isolation (Optional)
The Network Isolation feature prevents created VMs from communicating with anything outside of the specified virtual network. This helps prevent updates from occurring for the OS and Applications within an image while the image is being prepared.
Encryption at Host (Optional)
The Encryption at Host feature ensures that all data stored on the physical host machine is encrypted using platform-managed keys before being written to disk. For more information on disk encryption, refer to Azure’s documentation.
Output Settings
Output Settings are fields to identify where and how the prepared image will be created within Azure. Refer to the following descriptions for information on each required field on the connector configuration screen.
Resource Group
This is the Resource Group that will contain the output image.
The managed identity or registration credentials specified in the Identity section must have permission to manage the following types of resources within this resource group:
- Managed Disks
- Snapshots
Assigning the general Contributor role to the managed identity or registration credentials on the resource group grants the required permissions.
Type
The Type of image to be created, either a Managed Disk or Snapshot.
Optional Settings
Optional settings that apply to all resources created with this connector configuration. Refer to the following descriptions for information on each optional field on the connector configuration screen.
Resource prefix
A prefix to prepend to the name of all resources created with this connector configuration.
Tags
The tags to apply to all resources created with this connector configuration.