What’s new with Azure Policy for Lab Services?

Azure Lab Services has added 4 built-in Azure policies. Azure Policy help IT administrators to manage and prevent issues automatically.  Policy definitions enforce rules and effects for your resource. This blogpost summarizes the new policies available in the August 2022 Update for Azure Lab Services.

1.  Lab Services should enable all options for auto shutdown
2. Lab Services should not allow template virtual machines for labs
3. Lab Services should require non-admin user for labs
4. Lab Services should restrict allowed virtual machine SKU sizes

For a full list of built-in policies, including policies for Lab Services, see Azure Policy built-in policy definitions.

Lab Services should enable all options for auto shutdown

This policy is used to enforce that all shutdown options are enabled while creating the lab. During policy assignment, lab administrators can choose the following effects.

Lab Services should not allow template virtual machines for labs

This policy can be used to restrict customization of lab templates. While creating a new lab, there is an option either to “create a template virtual machine” or “Use virtual machine image without customization”. If this policy is enabled, only the “Use virtual machine image without customization” is allowed . During policy assignment, lab administrators can choose the following effects.

Lab Services require non-admin user for labs

This policy is used to enforce using non-admin accounts while creating a lab. With the August 2022 Update, you can choose to add a non-admin account to the VM image. This new feature allows you to keep separate credentials for VM admin and non-admin users. For more information to create a lab with a non-admin user, see Tutorial: Create and publish a lab, which shows how to give a student non-administrator account rather than default administrator account on the “Virtual machine credentials” page of the new lab wizard.
During the policy assignment the lab administrator can choose the following effects.

Lab Services should restrict allowed virtual machine SKU sizes

This policy is used to enforce which SKUs are allowed to be used while creating the lab. For example, a lab administrator might want to prevent educators from creating labs with GPU SKUs since they are not needed for any classes being taught. This policy would allow lab administrators to enforce which SKUs are allowed to be used while creating the lab. During the policy assignment the Lab Administrator can choose the following effects.

In tomorrow’s blogpost we’ll see how to use the “Lab Services should restrict allowed virtual machine SKU sizes” azure policy.

Thanks,

Lab Services Team

References:

• List of Lab Services policies
• What is azure policy?