Describe the feature end to end, including deployment scenario details under which the feature would occur.
All of the configuration scripts are located in GitHub and the endpoints are hard-coded as a URI in the code. It would be great if during the deployment, the files were uploaded to the Azure network and downloaded from there.
1) During deployment a storage account gets created. If Private Link is enabled for AVD, the storage account uses Private Link, if not, the storage account allows anonymous blob read access from the vNET where AVD is deployed.
2) All of the dependent scripts get uploaded to the storage blob and the artifacts location is stored in a variable to be used during the AVD deployment
3) During the AVD deployment at part where the Session Hosts get joined to the Host Pool and they do other configuration items, instead of pulling the configuration script from GitHub, pull the configuration script from the storage account.
Why is this feature important. Describe why this would be important for your organization and others. Would this impact similar orgs in the same way?
Security improvement. When an organization has their firewall locked down, it usually won't allow github as a place to download from. Some organizations will have to download the AVDAccelerator Repo from a middle-tier machine and then move those files to their internal network before running the bicep code and deploying to Azure.
Please provide the correlation id associated with your error or bug.
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Can you describe any alternatives that you have taken since this feature does not exist?
Currently, I had to punch a whole in the firewall for GitHub IPs to allow downloading of the AVD Accelerator configuration scripts
Describe the feature end to end, including deployment scenario details under which the feature would occur.
All of the configuration scripts are located in GitHub and the endpoints are hard-coded as a URI in the code. It would be great if during the deployment, the files were uploaded to the Azure network and downloaded from there. 1) During deployment a storage account gets created. If Private Link is enabled for AVD, the storage account uses Private Link, if not, the storage account allows anonymous blob read access from the vNET where AVD is deployed. 2) All of the dependent scripts get uploaded to the storage blob and the artifacts location is stored in a variable to be used during the AVD deployment 3) During the AVD deployment at part where the Session Hosts get joined to the Host Pool and they do other configuration items, instead of pulling the configuration script from GitHub, pull the configuration script from the storage account.
Why is this feature important. Describe why this would be important for your organization and others. Would this impact similar orgs in the same way?
Security improvement. When an organization has their firewall locked down, it usually won't allow github as a place to download from. Some organizations will have to download the AVDAccelerator Repo from a middle-tier machine and then move those files to their internal network before running the bicep code and deploying to Azure.
Please provide the correlation id associated with your error or bug.
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Can you describe any alternatives that you have taken since this feature does not exist?
Currently, I had to punch a whole in the firewall for GitHub IPs to allow downloading of the AVD Accelerator configuration scripts
Feature Implementation
No response