CloudWiki
Resource

Image

Microsoft Azure
Compute
An Azure Image is a pre-configured virtual hard disk (VHD) that can be used to create new virtual machines (VMs). It is essentially a template that contains a customized operating system image, application software, and other configurations that are specific to an organization's needs.

Azure Images can be used to simplify the deployment process of virtual machines, especially when creating multiple VMs with similar configurations. Users can create a custom image with their preferred configurations and software installed, and then use that image to create new VMs with the same configuration. This saves time and effort, and helps to ensure consistency across multiple VMs.

Azure Images can also be shared across different Azure subscriptions and regions, allowing users to deploy the same custom images in multiple locations. This can be useful for organizations with multiple departments or teams that need to use the same software and configuration.
Terraform Name
azurerm_image

Image attributes:

The following arguments are supported:

  • name - (Required) Specifies the name of the image. Changing this forces a new resource to be created.
  • resource_group_name - (Required) The name of the resource group in which to create the image. Changing this forces a new resource to be created.
  • location - (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
  • source_virtual_machine_id - (Optional) The Virtual Machine ID from which to create the image.
  • os_disk - (Optional) One or more os_disk elements as defined below. Changing this forces a new resource to be created.
  • data_disk - (Optional) One or more data_disk elements as defined below.
  • tags - (Optional) A mapping of tags to assign to the resource.
  • zone_resilient - (Optional) Is zone resiliency enabled? Defaults to false. Changing this forces a new resource to be created.
  • hyper_v_generation - (Optional) The HyperVGenerationType of the VirtualMachine created from the image as V1, V2. The default is V1. Changing this forces a new resource to be created.

Note:

zone_resilient can only be set to true if the image is stored in a region that supports availability zones.

The os_disk block supports the following:

  • os_type - (Optional) Specifies the type of operating system contained in the virtual machine image. Possible values are: Windows or Linux.
  • os_state - (Optional) Specifies the state of the operating system contained in the blob. Currently, the only value is Generalized. Possible values are Generalized and Specialized.
  • managed_disk_id - (Optional) Specifies the ID of the managed disk resource that you want to use to create the image.
  • blob_uri - (Optional) Specifies the URI in Azure storage of the blob that you want to use to create the image. Changing this forces a new resource to be created.
  • caching - (Optional) Specifies the caching mode as ReadWrite, ReadOnly, or None. The default is None.
  • size_gb - (Optional) Specifies the size of the image to be created. The target size can't be smaller than the source size.

The data_disk block supports the following:

  • lun - (Optional) Specifies the logical unit number of the data disk.
  • managed_disk_id - (Optional) Specifies the ID of the managed disk resource that you want to use to create the image. Changing this forces a new resource to be created.
  • blob_uri - (Optional) Specifies the URI in Azure storage of the blob that you want to use to create the image.
  • caching - (Optional) Specifies the caching mode as ReadWrite, ReadOnly, or None. The default is None.
  • size_gb - (Optional) Specifies the size of the image to be created. The target size can't be smaller than the source size.
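
The constraints in the argument reference above (allowed values, the zone_resilient note, and the arguments marked "Changing this forces a new resource to be created") can be checked against a plan before apply. The following Python is an added example, not part of the original page or of the azurerm provider; it assumes a plan exported with `terraform show -json`, and the function name, the sample plan and the zone-capable region set are constructed for illustration.

```python
import json

# Allowed values and ForceNew arguments as listed in the argument reference above.
ENUMS = {"os_type": {"Windows", "Linux"}, "os_state": {"Generalized", "Specialized"},
         "caching": {"ReadWrite", "ReadOnly", "None"}}
FORCE_NEW = ("name", "resource_group_name", "location", "os_disk",
             "zone_resilient", "hyper_v_generation")

def check_images(plan, zone_regions):
    """Return (address, message) findings for each azurerm_image in a parsed plan."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change, addr = rc.get("change", {}), rc.get("address")
        before, after = change.get("before") or {}, change.get("after") or {}
        if rc.get("type") != "azurerm_image" or not after:
            continue  # skip other resource types and pure deletes
        for kind in ("os_disk", "data_disk"):
            for i, disk in enumerate(after.get(kind) or []):
                for key, allowed in ENUMS.items():
                    if disk.get(key) and disk[key] not in allowed:
                        findings.append((addr, f"{kind}[{i}].{key}: invalid value {disk[key]!r}"))
        gen = after.get("hyper_v_generation")
        if gen and gen not in ("V1", "V2"):
            findings.append((addr, f"hyper_v_generation: invalid value {gen!r}"))
        # Accept both "West Europe" and "westeurope" spellings of a location.
        region = (after.get("location") or "").replace(" ", "").lower()
        if after.get("zone_resilient") and region not in zone_regions:
            findings.append((addr, f"zone_resilient: {region!r} not in zone-capable set"))
        if "delete" in change.get("actions", []):
            # Values unknown until apply are absent from `after`, so this can over-report.
            diff = [k for k in FORCE_NEW if before.get(k) != after.get(k)]
            findings.append((addr, "replacement (delete and recreate): " + ", ".join(diff)))
    return findings

# Constructed sample plan and zone set; not real output or an authoritative region list.
SAMPLE_ZONE_REGIONS = {"westeurope", "eastus2"}
SAMPLE_PLAN = json.loads("""{"resource_changes": [
 {"address": "azurerm_image.example", "type": "azurerm_image",
  "change": {"actions": ["create"], "before": null, "after": {
    "name": "acctest", "location": "West Central US", "zone_resilient": true,
    "os_disk": [{"os_type": "Linux", "os_state": "Generalized",
                 "caching": "WriteOnly", "size_gb": 30}]}}},
 {"address": "azurerm_image.golden", "type": "azurerm_image",
  "change": {"actions": ["delete", "create"],
    "before": {"name": "golden", "location": "westeurope", "hyper_v_generation": "V1"},
    "after": {"name": "golden", "location": "westeurope", "hyper_v_generation": "V2"}}}
]}""")
if __name__ == "__main__":
    for address, message in check_images(SAMPLE_PLAN, SAMPLE_ZONE_REGIONS):
        print(f"{address}: {message}")
```

A replacement finding matters because virtual machines and scale sets built from the image reference it, so a delete-and-recreate should be a reviewed change rather than a side effect.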

Associating resources with an Image
Resources do not "belong" to an Image. Rather, one or more Security Groups are associated to a resource.
Create Image via Terraform:
The following HCL manages a custom virtual machine image that can be used to create virtual machines.
Syntax:

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

# Abridged: a deployable ip_configuration also needs subnet_id, and a
# "Static" allocation needs private_ip_address.
resource "azurerm_network_interface" "example" {
  name                = "test-nic"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  ip_configuration {
    name                          = "testconfiguration1"
    private_ip_address_allocation = "Static"
  }
}

# Abridged: the image reference and OS profile are omitted, and vhd_uri must
# be set on storage_os_disk for the reference in azurerm_image to resolve.
resource "azurerm_virtual_machine" "example" {
  name                  = "acctestvm"
  location              = azurerm_resource_group.example.location
  resource_group_name   = azurerm_resource_group.example.name
  network_interface_ids = [azurerm_network_interface.example.id]
  vm_size               = "Standard_D1_v2"

  storage_os_disk {
    name          = "myosdisk1"
    create_option = "FromImage"
  }
}

# Image created from the VHD blob of the virtual machine's OS disk.
resource "azurerm_image" "example" {
  name                = "acctest"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  os_disk {
    os_type  = "Linux"
    os_state = "Generalized"
    blob_uri = azurerm_virtual_machine.example.storage_os_disk[0].vhd_uri
    size_gb  = 30
  }
}

Create Image via CLI:
Parameters:

az image create --name
               --resource-group
               --source
               [--data-disk-caching {None, ReadOnly, ReadWrite}]
               [--data-disk-sources]
               [--edge-zone]
               [--hyper-v-generation {V1, V2}]
               [--location]
               [--os-disk-caching {None, ReadOnly, ReadWrite}]
               [--os-type {Linux, Windows}]
               [--storage-sku {PremiumV2_LRS, Premium_LRS, Premium_ZRS, StandardSSD_LRS, StandardSSD_ZRS, Standard_LRS, UltraSSD_LRS}]
               [--tags]
               [--zone-resilient {false, true}]

Example:

az image create -g MyResourceGroup -n image1 --os-type Linux \
   --source /subscriptions/db5eb68e-73e2-4fa8-b18a-0123456789999/resourceGroups/rg1/providers/Microsoft.Compute/snapshots/s1
