Skip to content

Commit 2047307

Browse files
Merge pull request #128 from Rafi-Microsoft/psl-vmpasswordfix
fix: Set functional default VM admin password and credential params
2 parents b6e4854 + 80be276 commit 2047307

File tree

5 files changed

+32
-10
lines changed

5 files changed

+32
-10
lines changed

docs/ACCESSING_PRIVATE_RESOURCES.md

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,9 +18,9 @@ azd env get-values | grep jumpVm
1818
1919
# Or in Azure Portal:
2020
# 1. Navigate to your resource group
21-
# 2. Find the VM (usually named like "vm-jump-<env>")
21+
# 2. Find the VM resource created for the jump box
2222
# 3. Click "Connect" → "Bastion"
23-
# 4. Enter the username and password (auto-generated during deployment)
23+
# 4. Enter the username and password you set via VM_ADMIN_USERNAME / VM_ADMIN_PASSWORD
2424
```
2525

2626
### 2. From Jump VM, Access Private Services
@@ -169,7 +169,13 @@ You can configure services without private endpoints by modifying individual ser
169169

170170
### Jump VM credentials unknown
171171

172-
Credentials are auto-generated during deployment. To reset:
172+
If you did not set the credentials before deployment, use the top-layer defaults or reset them:
173+
174+
- Username: `VM_ADMIN_USERNAME` environment variable, or `vmUserName` in [infra/main.bicepparam](../infra/main.bicepparam)
175+
- Default username when unset: `testvmuser`
176+
- Password: `VM_ADMIN_PASSWORD` environment variable, or `vmAdminPassword` in [infra/main.bicepparam](../infra/main.bicepparam)
177+
178+
To reset:
173179

174180
```bash
175181
az vm user update \

docs/deploy_app_from_foundry.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ Since all resources are deployed with private endpoints, you must access Microso
2424
2. Navigate to your resource group
2525
3. Select the **Jump VM** (Windows Virtual Machine)
2626
4. Click **Connect****Bastion**
27-
5. Enter the VM credentials (set during deployment)
27+
5. Enter the VM credentials you configured in the top layer (`VM_ADMIN_USERNAME` / `VM_ADMIN_PASSWORD`, or [infra/main.bicepparam](../infra/main.bicepparam))
2828
6. Once connected, open a browser and navigate to [Microsoft Foundry](https://ai.azure.com)
2929

3030
### 2. Configure Your Playground

docs/deploymentguide.md

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -202,8 +202,22 @@ Edit `infra/main.bicepparam` or set environment variables:
202202
| `postgreSqlNetworkIsolation` | PostgreSQL private networking toggle (defaults to `networkIsolation`) | `networkIsolation` |
203203
| `useExistingVNet` | Reuse an existing VNet | `false` |
204204
| `existingVnetResourceId` | Existing VNet resource ID (when `useExistingVNet=true`) | `` |
205-
| `vmUserName` | Jump box VM admin username | `` |
206-
| `vmAdminPassword` | Jump box VM admin password | (prompted) |
205+
| `vmUserName` | Jump box VM admin username | `VM_ADMIN_USERNAME` env var or `testvmuser` |
206+
| `vmAdminPassword` | Jump box VM admin password | `VM_ADMIN_PASSWORD` env var |
207+
208+
For network-isolated deployments, set the VM credentials before running `azd up`:
209+
210+
```powershell
211+
azd env set VM_ADMIN_USERNAME "youradminuser"
212+
azd env set VM_ADMIN_PASSWORD "Use-A-Strong-Password-Here!"
213+
```
214+
215+
If you prefer source-controlled defaults, set them in [infra/main.bicepparam](../infra/main.bicepparam) instead:
216+
217+
```bicep
218+
param vmUserName = 'youradminuser'
219+
param vmAdminPassword = 'Use-A-Strong-Password-Here!'
220+
```
207221

208222
</details>
209223

docs/post_deployment_steps.md

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -209,9 +209,10 @@ For network-isolated deployments, use Azure Bastion to access resources:
209209

210210
![Image showing bastion blade](../img/provisioning/checkNetworkIsolation7.png)
211211

212-
4. Enter the VM admin credentials (set during deployment) and click **Connect**
213-
- Admin username: `vmUserName` in [infra/main.bicep](../infra/main.bicep)
214-
- Admin password: `vmAdminPassword` in [infra/main.bicepparam](../infra/main.bicepparam) (defaults to the `VM_ADMIN_PASSWORD` environment variable)
212+
4. Enter the VM admin credentials and click **Connect**
213+
- Admin username: `vmUserName` in [infra/main.bicepparam](../infra/main.bicepparam) or the `VM_ADMIN_USERNAME` environment variable
214+
- Admin password: `vmAdminPassword` in [infra/main.bicepparam](../infra/main.bicepparam) or the `VM_ADMIN_PASSWORD` environment variable
215+
- If `vmUserName` is not set in the top layer, the effective default is `testvmuser`
215216
- If you do not have them, reset the password in **Azure Portal****Virtual machine****Reset password**.
216217

217218
![Image showing bastion login](../img/provisioning/checkNetworkIsolation8.png)

infra/main.bicepparam

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -204,7 +204,8 @@ param containerAppsList = [
204204
}
205205
]
206206

207-
param vmAdminPassword = readEnvironmentVariable('VM_ADMIN_PASSWORD', '$(secretOrRandomPassword)')
207+
param vmUserName = readEnvironmentVariable('VM_ADMIN_USERNAME', 'testvmuser')
208+
param vmAdminPassword = readEnvironmentVariable('VM_ADMIN_PASSWORD', 'JumpboxAdminP@ssw0rd1234!')
208209
param vmSize = 'Standard_D2s_v4'
209210

210211
// ========================================

0 commit comments

Comments
 (0)