From 529d37b6227afdd88dd6176835e71c9685d662ad Mon Sep 17 00:00:00 2001 From: Rafi-Microsoft Date: Wed, 8 Apr 2026 17:56:11 +0530 Subject: [PATCH 1/3] fix: Update VM credential instructions for clarity and consistency across documentation --- docs/ACCESSING_PRIVATE_RESOURCES.md | 12 +++++++++--- docs/deploy_app_from_foundry.md | 2 +- docs/deploymentguide.md | 18 ++++++++++++++++-- docs/post_deployment_steps.md | 7 ++++--- 4 files changed, 30 insertions(+), 9 deletions(-) diff --git a/docs/ACCESSING_PRIVATE_RESOURCES.md b/docs/ACCESSING_PRIVATE_RESOURCES.md index f1b50c4..4071e3c 100644 --- a/docs/ACCESSING_PRIVATE_RESOURCES.md +++ b/docs/ACCESSING_PRIVATE_RESOURCES.md @@ -18,9 +18,9 @@ azd env get-values | grep jumpVm # Or in Azure Portal: # 1. Navigate to your resource group -# 2. Find the VM (usually named like "vm-jump-") +# 2. Find the VM resource created for the jump box # 3. Click "Connect" → "Bastion" -# 4. Enter the username and password (auto-generated during deployment) +# 4. Enter the username and password you set via VM_ADMIN_USERNAME / VM_ADMIN_PASSWORD ``` ### 2. From Jump VM, Access Private Services @@ -169,7 +169,13 @@ You can configure services without private endpoints by modifying individual ser ### Jump VM credentials unknown -Credentials are auto-generated during deployment. To reset: +If you did not set the credentials before deployment, use the top-layer defaults or reset them: + +- Username: `VM_ADMIN_USERNAME` environment variable, or `vmUserName` in [infra/main.bicepparam](../infra/main.bicepparam) +- Default username when unset: `testvmuser` +- Password: `VM_ADMIN_PASSWORD` environment variable, or `vmAdminPassword` in [infra/main.bicepparam](../infra/main.bicepparam) + +To reset: ```bash az vm user update \ diff --git a/docs/deploy_app_from_foundry.md b/docs/deploy_app_from_foundry.md index bd21729..db42c3c 100644 --- a/docs/deploy_app_from_foundry.md +++ b/docs/deploy_app_from_foundry.md @@ -24,7 +24,7 @@ Since all resources are deployed with private endpoints, you must access Microso 2. Navigate to your resource group 3. Select the **Jump VM** (Windows Virtual Machine) 4. Click **Connect** → **Bastion** -5. Enter the VM credentials (set during deployment) +5. Enter the VM credentials you configured in the top layer (`VM_ADMIN_USERNAME` / `VM_ADMIN_PASSWORD`, or [infra/main.bicepparam](../infra/main.bicepparam)) 6. Once connected, open a browser and navigate to [Microsoft Foundry](https://ai.azure.com) ### 2. Configure Your Playground diff --git a/docs/deploymentguide.md b/docs/deploymentguide.md index 8ae20b6..ca930a2 100644 --- a/docs/deploymentguide.md +++ b/docs/deploymentguide.md @@ -202,8 +202,22 @@ Edit `infra/main.bicepparam` or set environment variables: | `postgreSqlNetworkIsolation` | PostgreSQL private networking toggle (defaults to `networkIsolation`) | `networkIsolation` | | `useExistingVNet` | Reuse an existing VNet | `false` | | `existingVnetResourceId` | Existing VNet resource ID (when `useExistingVNet=true`) | `` | -| `vmUserName` | Jump box VM admin username | `` | -| `vmAdminPassword` | Jump box VM admin password | (prompted) | +| `vmUserName` | Jump box VM admin username | `VM_ADMIN_USERNAME` env var or `testvmuser` | +| `vmAdminPassword` | Jump box VM admin password | `VM_ADMIN_PASSWORD` env var | + +For network-isolated deployments, set the VM credentials before running `azd up`: + +```powershell +azd env set VM_ADMIN_USERNAME "youradminuser" +azd env set VM_ADMIN_PASSWORD "Use-A-Strong-Password-Here!" +``` + +If you prefer source-controlled defaults, set them in [infra/main.bicepparam](../infra/main.bicepparam) instead: + +```bicep +param vmUserName = 'youradminuser' +param vmAdminPassword = 'Use-A-Strong-Password-Here!' +``` diff --git a/docs/post_deployment_steps.md b/docs/post_deployment_steps.md index aac6b8f..8438d16 100644 --- a/docs/post_deployment_steps.md +++ b/docs/post_deployment_steps.md @@ -209,9 +209,10 @@ For network-isolated deployments, use Azure Bastion to access resources: ![Image showing bastion blade](../img/provisioning/checkNetworkIsolation7.png) -4. Enter the VM admin credentials (set during deployment) and click **Connect** - - Admin username: `vmUserName` in [infra/main.bicep](../infra/main.bicep) - - Admin password: `vmAdminPassword` in [infra/main.bicepparam](../infra/main.bicepparam) (defaults to the `VM_ADMIN_PASSWORD` environment variable) +4. Enter the VM admin credentials and click **Connect** + - Admin username: `vmUserName` in [infra/main.bicepparam](../infra/main.bicepparam) or the `VM_ADMIN_USERNAME` environment variable + - Admin password: `vmAdminPassword` in [infra/main.bicepparam](../infra/main.bicepparam) or the `VM_ADMIN_PASSWORD` environment variable + - If `vmUserName` is not set in the top layer, the effective default is `testvmuser` - If you do not have them, reset the password in **Azure Portal** → **Virtual machine** → **Reset password**. ![Image showing bastion login](../img/provisioning/checkNetworkIsolation8.png) From 7e302097657ab24d69bf65f433b31cdfec40dfb9 Mon Sep 17 00:00:00 2001 From: Rafi-Microsoft Date: Wed, 8 Apr 2026 19:36:17 +0530 Subject: [PATCH 2/3] added vm username param --- infra/main.bicepparam | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/main.bicepparam b/infra/main.bicepparam index 947940c..aa78276 100644 --- a/infra/main.bicepparam +++ b/infra/main.bicepparam @@ -204,6 +204,7 @@ param containerAppsList = [ } ] +param vmUserName = readEnvironmentVariable('VM_ADMIN_USERNAME', 'testvmuser') param vmAdminPassword = readEnvironmentVariable('VM_ADMIN_PASSWORD', '$(secretOrRandomPassword)') param vmSize = 'Standard_D2s_v4' From 80be27674434f103b396ec12df8f030f58bc1efd Mon Sep 17 00:00:00 2001 From: Rafi-Microsoft Date: Wed, 8 Apr 2026 19:43:40 +0530 Subject: [PATCH 3/3] added default password for vm --- infra/main.bicepparam | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/main.bicepparam b/infra/main.bicepparam index aa78276..c1b617a 100644 --- a/infra/main.bicepparam +++ b/infra/main.bicepparam @@ -205,7 +205,7 @@ param containerAppsList = [ ] param vmUserName = readEnvironmentVariable('VM_ADMIN_USERNAME', 'testvmuser') -param vmAdminPassword = readEnvironmentVariable('VM_ADMIN_PASSWORD', '$(secretOrRandomPassword)') +param vmAdminPassword = readEnvironmentVariable('VM_ADMIN_PASSWORD', 'JumpboxAdminP@ssw0rd1234!') param vmSize = 'Standard_D2s_v4' // ========================================