Creating an Engineering Workstation in Azure

Josh Rolstad
5 min readApr 17, 2018

Engineering workstations are always difficult or tedious to set up. Everyone has their own set of tools they like, custom configurations, and other settings it takes to set up their machine before it’s functional. As a Software Craftsman, my development machine is one of my most important tools and I need it available anywhere I am in the world. In the past, this has been a tedious process and has taken days to accomplish. Now, using Azure Virtual Machines, Chocolatey, and Powershell I can create a fully functional engineering workstation in 2–3 hours that is ready for use.

Provision the Machine

This can be done with any cloud provider, but I prefer Microsoft Azure since I can use my monthly Azure credits to offset the cost and effectively run without any out of pocket costs to myself. The follow steps are performed in the Azure Portal, but could be accomplished ARM Templates as well.

  1. Create a new resource group to place the VM and related resource into.
  2. Create an Azure KeyVault for the resource group. Populate with two secrets: the virtual machine admin user and the virtual machine admin password.
  3. Create a Storage Account in the resource group. This will hold diagnostic logs for the VM or any other storage concerns.
  4. Create the Virtual Machine in the resource group. My current preference is the Visual Studio Enterprise on Windows 10 image since it already has the Visual Studio ecosystem installed. Use the storage account and credentials created above.
  5. Once the Virtual Machine is created, set it automatically shutdown at 7pm. this saves money so I am not charged for the entire evening.

Azure Active Directory (AAD) Join the Machine

After the virtual machine is created, we need to join it to either my employer’s domain, or my own personal one. In either case, both use Azure Active Directory. All steps are performed on the newly created virtual machine and reference the documentation at https://docs.microsoft.com/en-us/azure/active-directory/device-management-azuread-joined-devices-setup.

  1. Use Remote Desktop to connect to the virtual machine using the admin user / password defined previously.
  2. Open the Settings app. Once open, click on ‘Accounts’
  3. Select ‘Access Work or School’, then press ‘Connect’.
  4. Under Alternate Actions, select ‘Join this Device to Azure Active Directory’. Once selected, sign in with your email and password.
  5. Work through the steps until your machine is joined.

Enable AAD Credentials

Once the machine is AAD joined, it still needs to be configured to use your Active Directory credentials when authenticating.

  1. In the Virtual machine, Turn off Network Level Authentication. This is performed by opening the System add-in, opening the ‘Remote’ tab, and unchecking the box for ‘Allow connections only from computers running Remote Desktop with Network Level Authentication’. Once unchecked, be sure to apply changes.
  2. Disconnect from the machine and open the .rdp file for the machine in notepad or another text editor. Add the lines below, save, and re-connect using your AAD credentials.

enablecredsspsupport:i:0
authentication level:i:2

Install Software and Configure

By this time, the machine is configured and ready for software installation. After connecting to the machine via Remote Desktop, open the Powershell ISE in Administrator mode and run the following commands.

Install Chocolatey

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString(‘https://community.chocolatey.org/install.ps1'))

Show File Extensions

$key = ‘HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced’
Set-ItemProperty $key Hidden 1
Set-ItemProperty $key HideFileExt 0
Set-ItemProperty $key ShowSuperHidden 0
Stop-Process -processname explorer

Install Git

choco install git -y
choco install tortoisegit -y

# Add Git to path:
if (($env:Path.Split(‘;’) -contains “C:\Program Files\Git\bin”) -eq $false) {
$env:Path += “;C:\Program Files\Git\bin”;
[System.Environment]::SetEnvironmentVariable(“Path”, $env:Path, [System.EnvironmentVariableTarget]::Machine );
}

# Verify Git is in path:
[System.Environment]::GetEnvironmentVariable(“Path”, [System.EnvironmentVariableTarget]::Machine );

Install Visual Studio

choco install visualstudio2022enterprise -y

Install Tools (Round 1)

choco install powershell-core -y
choco install psget -y
choco install poshgit -y
Install-Module oh-my-posh
choco install visualstudiocode -y
choco install googlechrome -y
choco install git-credential-manager-for-windows -y
choco install microsoft-windows-terminal — pre -y
Restart-Computer -Confirm

Install Tools (Round 2)

After the machine is rebooted, and re-connected.

choco install dotnetcore-sdk -y
choco install nuget.commandline -y
choco install sysinternals -y
choco install procexp -y
choco install fiddler4 -y
choco install papercut -y
choco install rsat -y
choco install rdcman -y
choco install phantomJS -y
choco install windirstat -y
choco install treesizefree -y

Install Tools (Round 3)

Sql Server Management Studio is installed on it’s own since it’s a large product and can fail intermittently.

choco install sql-server-management-studio -y

Install Tools (Round 4)

choco install microsoft-teams -y
choco install zoom -y
choco install slack -y
choco install mouse-jiggler -y
choco install office365proplus -y

Add .NET tools to the path

$pathToAdd = “C:\Windows\Microsoft.NET\Framework\v4.0.30319”;
if (($env:Path.Split(‘;’) -contains $pathToAdd ) -eq $false) {
$env:Path += “;$pathToAdd “;
[System.Environment]::SetEnvironmentVariable(“Path”, $env:Path, [System.EnvironmentVariableTarget]::Machine );
}

Add VS Code Extensions

$extensions = @(
“aaron-bond.better-comments”,
“austincummings.razor-plus”,
“CoenraadS.bracket-pair-colorizer-2”,
“derivitec-ltd.vscode-dotnet-adapter”,
“eamodio.gitlens”,
“formulahendry.dotnet”,
“formulahendry.dotnet-test-explorer”,
“hashicorp.terraform”,
“hbenl.vscode-test-explorer”,
“IBM.output-colorizer”,
“jmrog.vscode-nuget-package-manager”,
“k — kato.intellij-idea-keybindings”,
“littlefoxteam.vscode-python-test-adapter”,
“ms-azuretools.vscode-azurefunctions”,
“ms-azuretools.vscode-azureresourcegroups”,
“ms-azuretools.vscode-cosmosdb”,
“ms-azuretools.vscode-docker”,
“ms-dotnettools.csharp”,
“ms-python.python”,
“ms-toolsai.jupyter”,
“ms-vscode-remote.remote-containers”,
“ms-vscode-remote.remote-wsl”,
“ms-vscode.azure-account”,
“ms-vscode.js-debug-nightly”,
“ms-vscode.powershell”,
“ms-vsliveshare.vsliveshare”,
“ms-vsliveshare.vsliveshare-audio”,
“ms-vsliveshare.vsliveshare-pack”,
“pflannery.vscode-versionlens”,
“samverschueren.yo”,
“vscode-icons-team.vscode-icons”,
“yzhang.markdown-all-in-one”
)

$extensions | ForEach-Object {
$extension = $_

Invoke-Command -ScriptBlock {code — install-extension $extension — force}
}

Remove Unneeded Software (Optional)

This section is to remove unnecessary software that is part of Windows 10 installations.

$packages = @(
“3dbuilder”,
“skypeapp”,
“solitairecollection”,
“king.com.CandyCrushSodaSaga”,
“Microsoft.ZuneMusic”,
“Microsoft.BingWeather”,
“Microsoft.Getstarted”,
“Microsoft.WindowsMaps”
“Microsoft.Office.OneNote”
“828B5831.HiddenCityMysteryofShadows”
“Microsoft.BingNews”,
“A278AB0D.DisneyMagicKingdoms”,
“89006A2E.AutodeskSketchBook”
“DolbyLaboratories.DolbyAccess”,

)

foreach ($package in $packages) {
get-appxpackage “*$package*” -allusers | remove-appxpackage
get-appxprovisionedpackage -online | ? {$_.packagename -like “*$package*”} | remove-appxprovisionedpackage -online
}

Additional Tools

Some tools are not available via chocolatey. The biggest one is to install MS Office related tools, including Visio. If you have an office subscription, this can be done by navigating to https://portal.office.com/OLS/MySoftware.aspx and installing the appropriate software.

Conclusion

Once all the steps above are complete, all required tools are now on the machine. For software such as Office, you will need to log in / authenticate to ensure full functionality. Once that is complete, this is a fully functional software engineering machine that can be used anywhere around the world.

--

--