Top / Microsoft Azure / Azure Compute / Gallery

Azure Compute Gallery

This page shows how to write Terraform and Azure Resource Manager for Compute Gallery and write them securely.

terraform-logo

Review your .tf file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

azurerm_shared_image_gallery (Terraform)

The Gallery in Compute can be configured in Terraform with the resource name azurerm_shared_image_gallery. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L8
resource "azurerm_shared_image_gallery" "example" {
  name                = "example_image_gallery"
  resource_group_name = "testrg"
  location            = "West Europe"
  description         = "Shared images and things."
resource.tf#L1
resource "azurerm_shared_image_gallery" "sig" {
  name                = var.res_sig_name
  resource_group_name = var.res_sig_rg_name
  location            = var.res_location
  tags                = var.res_tags
shared_image_gallery.tf#L14
resource "azurerm_shared_image_gallery" "gallery" {
  name                = azurecaf_name.sig_name.result
  resource_group_name = var.resource_group_name
  location            = var.location
  description         = var.settings.description
}
image_gallery.tf#L1
resource "azurerm_shared_image_gallery" "image_gallery" {
  count               = var.deploy_shared_image_gallery ? 1 : 0
  name                = format("%s", "global_image_gallery")
  resource_group_name = module.rg-global.name
  location            = var.location
  description         = "Global Images"
sig.tf#L1
resource "azurerm_shared_image_gallery" "main" {
  name                = var.sig_name
  resource_group_name = azurerm_resource_group.main.name
  location            = var.location
}
azurerm_shared_image.tf#L6
resource "azurerm_shared_image_gallery" "shared_image_gallery" {
  name                = "Clariun_image_gallery"
  resource_group_name = azurerm_resource_group.resource_group.name
  location            = azurerm_resource_group.resource_group.location
  description         = "Shared images"
shared_image_gallery.tf#L1
resource "azurerm_shared_image_gallery" "gallery" {
  name                = var.image_gallery_name
  resource_group_name = azurerm_resource_group.rg_services.name
  location            = azurerm_resource_group.rg_services.location

  tags = {
main.tf#L6
resource "azurerm_shared_image_gallery" "sig" {
  name                = "sig"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
}
main.tf#L1
resource "azurerm_shared_image_gallery" "example" {
  name                = var.name
  resource_group_name = module.resource_group.azurerm_resource_group.example.name
  location            = module.resource_group.azurerm_resource_group.example.location
  description         = var.description
shared_image_gallery.tf#L14
resource "azurerm_shared_image_gallery" "gallery" {
  name                = azurecaf_name.sig_name.result
  resource_group_name = var.resource_group_name
  location            = var.location
  description         = var.settings.description
}

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Manages a Shared Image Gallery.

>> from Terraform Registry

Tips: Best Practices for The Other Azure Compute Resources

In addition to the azurerm_linux_virtual_machine, Azure Compute has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

azurerm_linux_virtual_machine

Ensure to use SSH authentication for virtual machines

It is better to use SSH authentication for virtual machines instead of password authentication to enforce more secure ways.

risk-label

azurerm_managed_disk

Ensure to enable the encryption on managed disks

It is better to enable the encryption on managed disks.

risk-label

azurerm_virtual_machine

Ensure to use SSH authentication for virtual machines

It is better to use SSH authentication for virtual machines instead of password authentication to enforce more secure ways.

Review your Azure Compute settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

Microsoft.Compute/galleries (Azure Resource Manager)

The galleries in Microsoft.Compute can be configured in Azure Resource Manager with the resource name Microsoft.Compute/galleries. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

SharedImageGallery.json#L20
            "type": "Microsoft.Compute/galleries",
            "apiVersion": "2020-09-30",
            "name": "[concat(parameters('prefix'),'_imggal_',parameters('location'))]",
            "location": "[parameters('location')]",
            "properties": {}
        },
template.json#L17
            "type": "Microsoft.Compute/galleries",
            "apiVersion": "2019-03-01",
            "name": "[parameters('galleries_testsharedgallery_name')]",
            "location": "eastus",
            "tags": {
                "type": "test"
SharedImageGallery.json#L14
            "type": "Microsoft.Compute/galleries",
            "name": "[parameters('deploymentParameters').galleryName]",
            "apiVersion": "2018-06-01",
            "location": "[resourceGroup().location]",
            "properties": {
                "description": "My Private Gallery"
sharedimagegallery.json#L32
            "type": "Microsoft.Compute/galleries",
            "name": "[parameters('galleryName')]",
            "apiVersion": "2018-06-01",
            "location": "[parameters('location')]",
            "properties": {
                "description": "[parameters('description')]"
Deployment_m2-vm-rhel-image-gallery.json#L14
            "type": "Microsoft.Compute/galleries",
            "name": "[parameters('galleryDefinition').galleries.Name]",
            "apiVersion": "2018-06-01",
            "location": "[parameters('galleryDefinition').galleries.Location]",
            "properties": {
                "description": "[parameters('galleryDefinition').galleries.description]"
avd-sig-module.json#L34
      "type": "Microsoft.Compute/galleries",
      "apiVersion": "2020-09-30",
      "name": "[parameters('sigName')]",
      "location": "[parameters('sigLocation')]"
    },
    {
aig.deploy.json#L26
        "type": "Microsoft.Compute/galleries",
        "name": "[parameters('galleryName')]",
        "location": "westeurope",
        "properties": {
          "description": "[parameters('description')]"
        }
main.json#L53
      "type": "Microsoft.Compute/galleries",
      "apiVersion": "2020-09-30",
      "name": "[parameters('sigName')]",
      "location": "[parameters('sigLocation')]"
    },
    {
gallery.json#L29
            "type": "Microsoft.Compute/galleries",
            "name": "[parameters('galleryName')]",
            "apiVersion": "2019-12-01",
            "location": "[parameters('location')]",
            "properties": {
                "description": "arm-imagebuilder-vmss-extension"

Parameters

  • apiVersion required - string
  • location required - string

    Resource location

  • name required - string

    The name of the Shared Image Gallery. The allowed characters are alphabets and numbers with dots and periods allowed in the middle. The maximum length is 80 characters.

  • properties required
      • description optional - string

        The description of this Shared Image Gallery resource. This property is updatable.

      • identifier optional
        • sharingProfile optional
            • permissions optional - string

              This property allows you to specify the permission of sharing gallery. Possible values are: Private Groups.

        • softDeletePolicy optional
            • isSoftDeleteEnabled optional - boolean

              Enables soft-deletion for resources in this gallery, allowing them to be recovered within retention time.

    • tags optional - string

      Resource tags

    • type required - string

    >> from Azure Resource Manager Documentation

    The Other Related Azure Compute Resources

    Frequently asked questions

    Azure Compute Gallery is a resource for Compute of Microsoft Azure. Settings can be wrote in Terraform.

    For Terraform, the kgopi1/TF_modules, avishekansible/AzureLandingZone and anmoltoppo/Terraform source code examples are useful. See the Terraform Example section for further details.

    For Azure Resource Manager, the Duddit2LTD/Nordcloud_104, lavanyabojanapati/Powershell-Templates and MatthewGrimshaw/WVD-POC source code examples are useful. See the Azure Resource Manager Example section for further details.

    security-icon

    Automate config file reviews on your commits

    Fix issues in your infrastructure as code with auto-generated patches.

    Table of Contents