Connect an existing Windows server to Azure Arc

The following README will guide you on how to connect an Windows machine to Azure Arc using a simple PowerShell script.

Prerequisites

  • Install or update Azure CLI to version 2.15.0 and above. Use the below command to check your current installed version.

    az --version
    
  • Enable subscription with the resource provider for Azure Arc-enabled Servers. Registration is an asynchronous process, and registration may take approximately 10 minutes.

    az provider register --namespace Microsoft.HybridCompute
    

You can monitor the registration process with the following commands:

az provider show -n Microsoft.HybridCompute -o table
  • Create Azure service principal (SP)

    To connect a server to Azure Arc, an Azure service principal assigned with the “Contributor” role is required. To create it, login to your Azure account run the below command (this can also be done in Azure Cloud Shell).

    az login
    az ad sp create-for-rbac -n "<Unique SP Name>" --role contributor
    

    For example:

    az ad sp create-for-rbac -n "http://AzureArcServers" --role contributor
    

    Output should look like this:

    {
    "appId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "displayName": "AzureArcServers",
    "name": "http://AzureArcServers",
    "password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "tenant": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    }
    

    Note: The Jumpstart scenarios are designed with as much ease of use in-mind and adhering to security-related best practices whenever possible. It is optional but highly recommended to scope the service principal to a specific Azure subscription and resource group as well considering using a less privileged service principal account

  • Create a new Azure resource group where you want your machine(s) to show up.

    Screenshot showing Azure Portal with empty resource group

  • Download the az_connect_win PowerShell script.

  • Change the environment variables according to your environment and copy the script to the designated machine.

    Screenshot showing PowerShell script

Deployment

On the designated machine, Open PowerShell ISE as Administrator and run the script. Note the script is using $env:ProgramFiles as the agent installation path so make sure you are not using PowerShell ISE (x86).

Screenshot showing PowerShell script

Screenshot showing PowerShell script

Upon completion, you will have your Windows server, connected as a new Azure Arc resource inside your resource group.

Screenshot showing PowerShell script being run

Screenshot showing Azure Portal with Azure Arc-enabled server resource

Screenshot showing Azure Portal with Azure Arc-enabled server resource detail

Delete the deployment

The most straightforward way is to delete the server via the Azure Portal, just select server and delete it.

Screenshot showing delete resource function in Azure Portal

If you want to delete the entire environment, just delete the Azure resource group.

Screenshot showing delete resource group function in Azure Portal