Deploy the BeyondTrust Appliance B Series into a Microsoft Azure Environment
For administrators who wish to deploy the BeyondTrust PRA Virtual Appliance into their Microsoft Azure environment, follow the steps below.
You must have a Microsoft Azure account and environment already configured. You must have the AzureRm or Az PowerShell Module installed on your machine. For more information about installing and configuring the Azure PowerShell Module, please see Install and configure Azure PowerShell.
- Open the email you received from BeyondTrust Technical Support and select the Click Here for your BeyondTrust PRA Virtual Appliance (Azure) for Privileged Remote Access Management link to download the BeyondTrust Privileged Remote Access-hyperv-azure.exe file.
- Click BeyondTrust Privileged Remote Access-hyperv-azure.exe within your browser to begin installation.
- If you receive a Security Warning prompt, click Run.
- Choose where you wish the files to be extracted to on your desktop. Click Extract.
- Wait for the files to extract. You can review the Elapsed Time, Remaining Time, and blue progress bar to see how extraction is progressing.
- When extraction is complete, Deploy-AzBeyondTrustVM.ps1, Deploy_AzureBomgarVM.ps1, Deploy-HyperVBeyondTrustVM.ps1, and BeyondTrust-br.v.2.vhd files appear in the location you designated during the extraction process. Two PowerShell scripts are provided to assist in the deployment of your B Series Appliance to Azure: Deploy-AzureRmBeyondTrustVM.ps1 and Deploy-AzBeyondTrustVM.ps1. A third script, Deploy-HyperVBeyondTrustVM.ps1, is provided to assist with Hyper-V deployments, and should not be used to deploy to Azure. Deploy-AzureRmBeyondTrustVM.ps1 uses the deprecated AzureRm module; Deploy-AzBeyondTrustVM.ps1 uses the newer Az module. Which script you use will be determined by which PowerShell module is installed in your environment. Right-click on the script you wish to use and click Edit.
- Once the PowerShell script opens, locate STEP 1 and modify the following variables based on the specifics of your Microsoft Azure environment:
- Resource Group Name
- Storage Account Name
- Location (e.g., westus)
- vnet Name
- subnet Name
The vmName does not need to be changed.
The Storage Account being utilized for storing the Azure Virtual Appliance must be General purpose v1.
- If using the AzureRm Powershell script, uncomment the desired deployment size of your PRA Virtual Appliance in the section labeled STEP 2. If using the Az script, set the value of $size to the desired deployment size of your PRA Virtual Appliance. The options are:
- In the Azure console, set the PRA Virtual Appliance's external IP to Static. Then assign your DNS entry to that external IP.
- Or, apply a DNS name within Azure. Set a CNAME record pointed to that address.
No further network or console configuration is needed for Azure-based appliances. Please continue to Register and Update the PRA Virtual Appliance