Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Azure DevTest Labs Reaches General Availability

In today’s Ask the Admin, I’ll take a look at what Azure DevTest Labs has to offer developers and sysadmins.

For organizations that don’t have the luxury of a private cloud, platforms like Azure allow quick and flexible deployment of test and DevOps environments. It wasn’t that many years ago that I remember deploying twelve physical servers for a development environment that needed to be procured and then configured and managed manually; all of which are time-consuming and resource intensive tasks.

Azure DevTest Labs (Image Credit: Russell Smith)

Azure DevTest Labs brings together many of Azure’s existing features, and some new ones, in a package providing self-service automation for the deployment of sandboxed test and development environments, isolating lab resources in a subscription so that access, costs and change control can be managed effectively.

Virtual machine deployment

Azure DevTest Labs utilizes Azure Resource Manager (ARM) templates to automate the deployment of virtual machines (VMs). VMs can be deployed in advance, using the latest gallery or custom image, so that they’re ready to go the next day and be claimed by a DevTest labs user. Auto start can also be set up to make sure there’s no waiting around for VMs to be started. As you configure a new VM, an ARM template is generated to represent the deployment and can later be exported and shared with other teams using a public repository.

There’s an audit log that keeps a track of lab deployment and configuration events, although currently the information there is limited. For example, it doesn’t show which user performed an action. There’s also a handy Cost by resource table showing a breakdown of the estimated lab cost by resource for the month.

Formulas and Artifacts

Formulas (reusable bases) are ARM JSON templates and are used to save you having to manually configure VMs each time using the Azure management portal. For more information on ARM templates, see “Provision a domain using a Microsoft Azure Resource Manager template” on the Petri IT Knowledgebase.

Artifacts in the default public repository (Image Credit: Russell Smith)

Artifacts allow components to be added automatically to VMs. For example, Office or the Azure PowerShell module are available in the list of default artifacts. Or you can run your own PowerShell or Chef script, and parameters can be specified. Artifacts can be used in conjunction with Formulas to provide an extra level of flexibility.

Cost thresholds and quotas

In a bid to help control costs, VMs can be set to automatically shut down at a specified time every day. There’s also the option to exclude VMs from auto shut down policy if needed. Each DevTest Lab can be configured with a monthly cost limit, and Azure will generate a warning when you’re approaching that figure. A limit can also be set for the number of VMs that each user can create, which can be overridden per user if required.

Role-Based Access Control (RBAC)

One issue I’ve found with Azure is that until now it hasn’t been possible to give users access to use and create resources, but also prevent them from accessing resources in a subscription that might not be connected to the project they’re working on.

DevTest Labs users have all rights to the Azure subscription removed, with just the ability to use resources that have been deployed in a lab. There are five roles in total to choose from, including Contributor (manage everything except user access to resources) and User Access Administrator (manage user access to resources).

Management locks

While not unique to DevTest Labs, locks allow sysadmins to apply read-only access or delete protection for all users on a particular resource or resource group (RG).

Support for containers and development tools

Labs can be provisioned from within Visual Studio. There’s also support for containers and a healthy GitHub community that provides Artifacts and ARM templates for use in DevTest Labs.

by Russell Smith
May 31, 2016

Editorial Director at Petri IT Knowledgebase. Russell has more than 20 years' experience working in IT. From small business to large government IT infrastructure projects. Russell started his writing career for Windows IT Pro magazine in the early...

Top Azure Cloud Security Controls to Understand

Oct 31, 2023
Jan 08, 2024
Making Microsoft Azure Penetration Testing Work to Combat Threats

Nov 21, 2023
Azure VMware Solution – Maximizing Security and Control with Customer-Managed Keys

Oct 3, 2023
Oct 10, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.