Serverless architecture

Manual resource deployment and setup guide

November 2021

Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein.

Microsoft and the trademarks listed at https://www.microsoft.com/legal/intellectualproperty/Trademarks/Usage/General.aspx are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners.

Contents:

Serverless architecture manual resource deployment and setup guide

Serverless architecture manual resource deployment and setup guide

Duration: 30 minutes

This guide provides instructions for manually performing Task 2 (Run ARM template to provision lab resources) of the before the hands-on lab guide. The step-by-step directions below manually provision and configure the resources created by the ARM template.

Ensure all resources use the same resource group for easier cleanup.

Important: Many Azure resources require globally unique names. Throughout these steps, you will see the word “SUFFIX” as part of resource names. You should replace this with your Microsoft alias, initials, or other value to ensure uniquely named resources.

Requirements

Microsoft Azure subscription (non-Microsoft subscription)
Local machine or a virtual machine configured with (complete the day before the lab!):
- Visual Studio Community 2019 or greater
  - https://www.visualstudio.com/vs/
- Azure development workload for Visual Studio 2019
  - https://docs.microsoft.com/azure/azure-functions/functions-develop-vs#prerequisites
- .NET Core 3.1
  - https://www.microsoft.com/net/download/windows
Office 365 account. If required, you can sign up for an Office 365 trial at:
- https://portal.office.com/Signup/MainSignup15.aspx?Dap=False&QuoteId=79a957e9-ad59-4d82-b787-a46955934171&ali=1
GitHub account. You can create a free account at https://github.com.

Task 1: Provision an Azure Data Lake Storage Gen2 account

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “storage account” into the Search the Marketplace box, select Storage account from the results, and then select Create.

“Storage account” is entered into the Search the Marketplace box. Storage account is selected in the results.
On the Create storage account Basics tab, enter the following:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Storage account name: Enter datalakeSUFFIX.
- Location: Select the location you are using for resources in this hands-on lab.
- Performance: Choose Standard.
- Account kind: Select StorageV2 (general purpose v2).
- Replication: Select Locally-redundant storage (LRS).
On the Create storage account blade, the values specified above are entered into the appropriate fields.
Next, select the Advanced tab.

The Advanced tab is highlighted in the tabs on the Create storage account blade.
On the Advanced tab, select Enabled from the Hierarchical namespace setting under Data Lake Storage Gen2.

The Advanced tab of the Create storage account blade is highlighted and Hierarchical namespace and its enabled setting are selected and highlighted.
Select Review + create.
On the Review + create blade, ensure the Validation passed message is displayed and then select Create.
After the storage account has completed provisioning, open the storage account by selecting Go to resource.

In the Azure Portal, once the storage account has completed provisioning, a status message is displayed saying Your deployment is complete. Beneath the next steps section, The Go to resource button is highlighted.
On the Storage account blade, select Containers under Data Lake Storage in the left-hand navigation menu and then select the + Container button to add a new container.

The Containers menu item is selected and highlighted in the Storage account blade’s left-hand menu, and + Container is highlighted on the Containers blade.
In the New container dialog, enter images into the Name field, choose Private (no anonymous access) for the public access level, then select Create to save the container.

In the New container dialog, images is entered into the Name field and highlighted. Private (no anonymous access) is selected for the public access level. The Create button is highlighted.
Repeat step 10 to create another container named export.

In the New container dialog, images is entered into the Name field and highlighted. Private (no anonymous access) is selected for the public access level. The Create button is highlighted.
Next, select Access Keys, under Settings in the left-hand navigation menu. Then on the Access keys blade, select Show keys and then select the Click to copy button for the key1 connection string value.

In the Storage account blade, under Settings, Access keys is selected. Under Default keys, the copy button next to the key1 connection string is selected.
Paste the value into a text editor, such as Notepad, for reference in the Key Vault steps below.

Task 2: Provision the TollBooth Function App

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “function app” into the Search the marketplace box and select Function App from the results.

Function app is highlighted in the search box, and the Function App row is highlighted in the results below that.
On the Function App blade, select Create.
On the Create Function App blade, enter the following:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Function App name: Enter a globally unique name, such as “TollBoothFunctions-SUFFIX”.
- Publish: Select Code.
- Runtime Stack Select .NET.
- Version: Choose 3.1.
- Region: Select the region you have been using for resources in this hands-on lab.
The information above is entered on the Create Function App basics tab.
Select Next: Hosting.
On the Hosting tab, set the following configuration:
- Storage account: Select the datalakeSUFFIX storage account you created in Task 1 above.
- Operating System: Select Windows.
- Plan type: Choose Consumption (Serverless).
The information above is entered on the Create Function App hosting tab.
Select Next: Monitoring, and on the Monitoring tab, enter the following:
- Enable Application Insights: Select Yes.
- Application Insights: Select Create new.
In the Monitoring tab of the Create Function App blade, the form fields are set to the previously defined values.
In the Create new Application Insights dialog, provide the following information, then select OK:
- Name: Enter a globally unique value, similar to appinsights-SUFFIX (ensure the green checkmark appears).
- Location: Select the same Azure region you selected for your Function App.
The new Application Insights form is configured as described.
Select Review + create.

The Review + create button is highlighted in the button bar.
Select Create to provision the new Function App.
When the function app provisioning completes, navigate to it in the Azure portal by opening the hands-on-lab-SUFFIX resource group and then select the Azure Function App resource whose name begins with TollBoothFunctions.

For your Function App to be able to access Key Vault to read the secrets, you must create a system-assigned managed identity for the Function App, and create an access policy in Key Vault for the application identity.

In the hands-on-lab-SUFFIX resource group, the TollBoothFunctions Function App is highlighted.
On the Function App blade, select Identity in the left-hand navigation menu, and within the System assigned tab, switch Status to On and select Save.

In the Identity blade, the System assigned tab is selected with the Status set to On, and the Save button is highlighted.

Task 3: Provision the Events Function App

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “function app” into the Search the marketplace box and select Function App from the results.

Function app is highlighted in the search box, and the Function App row is highlighted in the results below that.
On the Function App blade, select Create.
On the Create Function App blade, enter the following:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Function App name: Enter a globally unique name, such as “TollBoothEvents-SUFFIX”.
- Publish: Select Code.
- Runtime Stack Select Node.js.
- Version: Choose 14 LTS.
- Region: Select the region you have been using for resources in this hands-on lab.
The information above is entered on the Create Function App basics tab.
Select Next: Hosting.
On the Hosting tab, set the following configuration:
- Storage account: Select the datalakeSUFFIX storage account you created in Task 1 above.
- Operating System: Select Windows.
- Plan type: Choose Consumption (Serverless).
The information above is entered on the Create Function App hosting tab.
Select Next: Monitoring, and on the Monitoring tab, enter the following:
- Enable Application Insights: Select Yes.
- Application Insights: Select the Application Insights instance you created earlier when provisioning the TollBoothFunctions Function App.
In the Monitoring tab of the Create Function App blade, the form fields are set to the previously defined values.
Select Review + create and then select Create to provision the Function App.

Task 4: Provision an Event Grid topic

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “event grid topic” into the Search the marketplace box and select Event Grid Topic from the results.

Event Grid Topic is highlighted in the search box, and the Event Grid Topic panel is highlighted in the results below that.
On the Event Grid Topic blade, select Create.
On the Create Topic blade, specify the following configuration options:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Name: Enter a globally unique value, such as eventgridtopic-SUFFIX (ensure the green checkmark appears).
- Location: Select the region you have been using for resources in this hands-on lab.
In the Create Topic blade, the Name field is set to eventgridtopic, and the Resource Group selected is hands-on-lab-SUFFIX.
Select Review + Create, then select Create in the screen that follows.
After the Event Grid topic has completed provisioning, open the account by opening the hands-on-lab-SUFFIX resource group and then selecting the Event Grid Topic resource from the list of available services.
On the Event Grid Topic blade, select Overview in the left-hand navigation menu and then copy the Topic Endpoint value and paste the value into a text editor, such as Notepad, for later reference.

On the Event Grid Topic blade, Overview is selected and highlighted, and the Topic Endpoint value is highlighted.
Next, select Access Keys under Settings in the left-hand navigation menu on the Event Grid Topic blade.
Within the Access Keys blade, copy the Key 1 value and paste it into a text editor, such as Notepad, for later reference.

In the eventgridtopic blade, in the left menu under Settings, Access keys is selected. In the listing of Access keys, the copy button next to the Key 1 access key is selected.

Task 5: Provision and configure an Azure Cosmos DB account

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
On the New screen, select Databases then select Azure Cosmos DB.

In Azure Portal, in the menu, New is selected. Under Azure marketplace, Databases is selected, and under Featured, Azure Cosmos DB is selected.
On the Create new Azure Cosmos DB account blade, specify the following configuration options:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Account Name: Enter a globally unique value, such as cosmosdb-SUFFIX (ensure the green check mark appears).
- API: Select the Core (SQL) API.
- Location: Select the region you have been using for resources in this hands-on lab.
- Capacity mode: Select Provisioned throughput.
- Apply Free Tier Discount: Select Do Not Apply.
- Account Type: Select Production.
- Geo-Redundancy: Choose Disable.
- Multi-region writes: Select Disable.
Fields in the Azure Cosmos DB blade are set to the previously defined settings.
Select Review + create, then select Create.
After the Azure Cosmos DB account has completed provisioning, open the account by opening the hands-on-lab-SUFFIX resource group and then selecting the Azure Cosmos DB resource from the list of available services in the resource group.
On the Cosmos DB blade, select Data Explorer in the left-hand navigation menu and then select New Container.

In the Data Explorer blade, the Data Explorer item is selected in the left menu. The New Container button is selected in the Data Explorer pane.
On the Add Container blade, specify the following configuration options:
- Database Id: Choose Create new and enter LicensePlates for the name.
- Container Id: Enter Processed.
- Partition key: Enter /licensePlateText.
- Throughput: Select Autoscale and enter 4000 into the Max RU/s box.
In the Add Container blade, fields are set to the previously defined values.
Select OK.
Select New Container again on the Data Explorer blade to add another container.
On the Add Container blade, specify the following configuration options:
- Database Id: Choose Use existing and select the LicensePlates database Id.
- Container Id: Enter NeedsManualReview.
- Partition key: Enter /fileName.
- Throughput: Select Autoscale and enter 4000 into the Max RU/s box.
In the Add Container blade, fields are set to the previously defined values.
Select OK.
Select Keys under Settings in the left-hand navigation menu on the Cosmos DB blade.
Underneath the Read-write Keys tab within the Keys blade, copy the URI and Primary Key values.

In the tollbooth - Keys blade, under Settings, Keys is selected. The copy buttons for the URI and Primary Key fields are selected on the Read-write Keys tab.
Paste the values into a text editor, such as Notepad, for later reference.

Task 6: Provision the Computer Vision API service

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “computer vision” into the Search the marketplace box, select Computer Vision from the results, and then select the Create button on the Computer Vision blade.
On the Create Computer Vision blade, specify the following configuration options:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Region: Select the region you have been using for resources in this hands-on lab.
- Name: Enter a globally unique value, such as computervision-SUFFIX (ensure the green checkmark appears).
- Pricing tier: Select Standard S1 (10 Class per second).
In the Create Computer Vision blade, fields are set to the previously defined values.
Select Review + create and then select Create.
After the Computer Vision service has completed provisioning, open the service by opening the hands-on-lab-SUFFIX resource group and then selecting the Computer Vision Cognitive Service resource from the list of available services in the resource group.
Under Resource Management in the left-hand navigation menu, select Keys and Endpoint.
Within the Keys and Endpoint blade, copy the Endpoint and KEY 1 values.

In the Cognitive Services blade, under Resource Management, Keys and Endpoint is selected. The Copy button next to the Endpoint and Key 1 values are selected.
Paste the values into a text editor, such as Notepad, for later reference.

Task 7: Create a Logic App

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “logic app” into the Search the marketplace box and select Logic App from the results.

Logic app is entered into the search the marketplace box and highlighted. The Logic App pane is highlighted in the search results.
Select the Create button on the Logic App blade.
On the Create a logic app blade Basics tab, specify the following configuration options:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Logic app name: Enter a globally unique value, such as logicapp-SUFFIX (ensure the green check mark appears).
- Region: Select the region you have been using for resources in this hands-on lab.
- Associate with integration service environment: Leave unchecked.
- Enable log analysis: Leave unchecked.
The values specified above are entered into the create a logic app basics tab.
Select Review + create, then select Create.

Task 8: Provision Azure Key Vault

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “key vault” into the Search the marketplace box and select Key Vault from the results.

Key vault is entered into the search the marketplace box and highlighted. The Key Vault pane is highlighted in the search results.
Select the Create button on the Key Vault blade.
On the Create key vault blade Basics tab, specify the following configuration options:

Project Details:
- Subscription: Select the subscription you are using for this hands-on lab.
- Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
Instance Details:
- Key vault name: Enter a globally unique value, such as keyvault-SUFFIX (ensure the green check mark appears).
- Region: Select the region you have been using for resources in this hands-on lab.
- Pricing tier: Select Standard.
- Days to retain deleted vaults: Leave at 90.
- Purge protection: Select the Disable option.
In the Create key vault blade, fields are set to the previously defined values.
Select Next: Access policy.
On the Access policy tab, select Add Access Policy.

The Add Access Policy link is highlighted on the Access Policy tab.
On the Add access policy dialog, enter the following:
- Secret permissions: Select Get from the list of available permissions.
- Select principal: Select *None selected and in the dialog, enter TollBoothFunctions into the search box, select the TollBoothFunctions Function App’s managed service identity from the results and then select Select**.
In the Add access policy form, the Select principal field is highlighted.
Select Add to add the new access policy.
Select Review + create, then select Create.
After the deployment completes, select Go to resource in the deployment complete notification.

When the deployment completes, a message is displayed indicating Your deployment is complete. The Go to resource button is highlighted in the next steps section.
Select Secrets under Settings in the left-hand navigation menu.
Select Generate/Import to add a new key.

The Secrets menu item and the Generate/Import button are highlighted.

Using the key values you copied into a text editor, such as Notepad, in the tasks above, use the table below for the name-value pairs to use when creating the secrets. You only need to populate the Name and Value fields for each secret and leave the other fields at their default values.

Name	Value
computerVisionApiKey	Computer Vision API key
cosmosDBAuthorizationKey	Cosmos DB Primary Key
dataLakeConnectionString	Data Lake storage connection string
eventGridTopicKey	Event Grid Topic access key

When you are finished creating the secrets, your list should look similar to the following:

The listing of secrets is displayed matching the previously defined values.

Task 9: Retrieve the URI for each secret

Open your Key Vault instance in the portal.
Still on the Secrets page in Key Vault, select the computerVisionApiKey secret.

The computerVisionApiKey secret is highlighted in the secrets list.
On the computerVisionApiKey blade, select the Current Version of the secret.

The secret’s current version is selected.
On the secret version blade, copy the Secret Identifier value by selecting the Copy to clipboard button.

The Secret Identifier field is highlighted. Next to this field is a copy button.
Paste the secret identifier value into a text editor, such as Notepad, for later reference.
Close the computerVisionApiKey blades and return to the Secrets page of your Key Vault.
Repeat steps 2 through 6 above for the other three secrets listed.

When you are done copying and pasting the secret identifier values, you should have a list similar to the following in your text editor document:

@Microsoft.KeyVault(SecretUri=https://tollboothvault.vault.azure.net/secrets/computerVisionApiKey/ce228a43f40140dd8a9ffb9a25d042ee)
@Microsoft.KeyVault(SecretUri=https://tollboothvault.vault.azure.net/secrets/cosmosDBAuthorizationKey/1f9a0d16ad22409b85970b3c794a218c)
@Microsoft.KeyVault(SecretUri=https://tollboothvault.vault.azure.net/secrets/dataLakeConnectionString/771aa40adac64af0b2aefbd741bd46ef)
@Microsoft.KeyVault(SecretUri=https://tollboothvault.vault.azure.net/secrets/eventGridTopicKey/e310bcd71a72489f89b6112234fed815)

Task 10: Configure application settings for the TollBoothFunctions Function App

Navigate to the TollBoothFunctions Function App resource in the Azure portal by opening the hands-on-lab-SUFFIX resource group and then select the Azure Function App resource whose name begins with TollBoothFunctions.

In the hands-on-lab-SUFFIX resource group, the TollBoothFunctions Function App is highlighted.
On the Function App blade, select Configuration in the left-hand navigation menu.

In the TollBoothFunctionApp blade on the Overview tab, under Configured features, the Configuration item is selected.

Scroll to the Application settings section. Use the + New application setting link to create the following additional key-value pairs (the key names must exactly match those found in the table below). Be sure to remove the curly braces ({}).

Application Key	Value
computerVisionApiKey	Enter `@Microsoft.KeyVault(SecretUri={referenceString})`, where `{referenceString}` is the URI for the computerVisionApiKey Key Vault secret
computerVisionApiUrl	Computer Vision API endpoint you copied earlier with vision/v3.0/ocr appended to the end. Example: `https://eastus.api.cognitive.microsoft.com/vision/v3.0/ocr`
cosmosDBAuthorizationKey	Enter `@Microsoft.KeyVault(SecretUri={referenceString})`, where `{referenceString}` is the URI for the cosmosDBAuthorizationKey Key Vault secret
cosmosDBCollectionId	Cosmos DB processed collection id (Processed)
cosmosDBDatabaseId	Cosmos DB database id (LicensePlates)
cosmosDBEndpointUrl	Cosmos DB URI
dataLakeConnection	Enter `@Microsoft.KeyVault(SecretUri={referenceString})`, where `{referenceString}` is the URI for the dataLakeConnectionString Key Vault secret
eventGridTopicEndpoint	Event Grid Topic endpoint
eventGridTopicKey	Enter `@Microsoft.KeyVault(SecretUri={referenceString})`, where `{referenceString}` is the URI for the eventGridTopicKey Key Vault secret
exportCsvContainerName	Data lake CSV export container name (export)

In the Application Settings section, the previously defined key/value pairs are displayed.

Select Save on the Configuration toolbar to save the application settings changes.

Task 11: Set up a development virtual machine

In this task, you provision a virtual machine (VM) in Azure. The VM image used has the latest version of Visual Studio Community 2019 installed.

In the Azure portal, select the Show portal menu icon and then select +Create a resource from the menu.

The Show portal menu icon is highlighted, and the portal menu is displayed. Create a resource is highlighted in the portal menu.
Enter “visual studio 2019” into the Search the Marketplace box and then select Visual Studio 2019 Latest from the results.

“Visual studio 2019” is entered into the Search the Marketplace box. Visual Studio 2019 latest is selected in the results.
On the Visual Studio 2019 Latest blade, select Visual Studio 2019 Community (latest release) on Windows Server 2019 (x64) from the Select a software plan drop-down list, and then select Create.

On the Visual Studio 2019 Latest blade, Visual Studio 2019 Community (latest release) on Windows Server 2019 (x64) is highlighted in the Select a software plan drop-down list.
On the Create a virtual machine Basics tab, set the following configuration:
- Project Details:
  - Subscription: Select the subscription you are using for this hands-on lab.
  - Resource Group: Select the hands-on-lab-SUFFIX resource group from the list of existing resource groups.
- Instance Details:
  - Virtual machine name: Enter LabVM.
  - Region: Select the region you are using for resources in this hands-on lab.
  - Availability options: Select no infrastructure redundancy required.
  - Image: Leave Visual Studio 2019 Community (latest release) on Windows Server 2019 (x64) selected.
  - Azure Spot instance: Select No.
  - Size: Accept the default size of Standard_D4s_v3.
- Administrator Account:
  - Username: Enter demouser.
  - Password: Enter Password.1!!
- Inbound Port Rules:
  - Public inbound ports: Choose Allow selected ports.
  - Select inbound ports: Select RDP (3389) in the list.
Screenshot of the Basics tab, with fields set to the previously mentioned settings.

Note: Default settings are used for the remaining tabs so that they can be skipped.
Select Review + create to validate the configuration.
On the Review + create tab, ensure the Validation passed message is displayed, and then select Create to provision the virtual machine.

The Review + create tab is displayed, with a Validation passed message.
It takes approximately 5 minutes for the VM to finish provisioning.

Task 12: Connect to the Lab VM

In this task, you create an RDP connection to your Lab virtual machine (VM).

In the Azure portal, select Resource groups from the Azure services list.

Resource groups is highlighted in the Azure services list.
Select the hands-on-lab-SUFFIX resource group from the list.

The “hands-on-lab-SUFFIX” resource group is highlighted.
In the list of resources within your resource group, select the LabVM Virtual machine resource.

The list of resources in the hands-on-lab-SUFFIX resource group are displayed, and LabVM is highlighted.
On your LabVM blade, select Connect and RDP from the top menu.

The LabVM blade is displayed, with the Connect button highlighted in the top menu.
On the Connect to virtual machine blade, select Download RDP File, then open the downloaded RDP file.

The Connect to virtual machine blade is displayed, and the Download RDP File button is highlighted.
Select Connect on the Remote Desktop Connection dialog.

In the Remote Desktop Connection Dialog Box, the Connect button is highlighted.
Enter the following credentials when prompted, and then select OK:
- Username: demouser
- Password: Password.1!!
The credentials specified above are entered into the Enter your credentials dialog.
Select Yes to connect if prompted that the remote computer’s identity cannot be verified.

In the Remote Desktop Connection dialog box, a warning states that the remote computer’s identity cannot be verified and asks if you want to continue anyway. At the bottom, the Yes button is highlighted.

Task 13: Disable Internet Explorer Enhanced Security

In this task, you disable Internet Explorer Enhanced Security Configuration (IE ESC) on the LabVM.

Note: Sometimes this Visual Studio 2019 Latest image has IE ESC disabled already, and sometimes it does not.

Once logged in, launch the Server Manager. This should start automatically, but you can access it via the Start menu if it does not.
Select Local Server, then select On next to IE Enhanced Security Configuration.

Screenshot of the Server Manager. In the left pane, Local Server is selected. In the right, Properties (For LabVM) pane, the IE Enhanced Security Configuration, which is set to On, is highlighted.
In the Internet Explorer Enhanced Security Configuration dialog, select Off under both Administrators and Users, and then select OK.

Screenshot of the Internet Explorer Enhanced Security Configuration dialog box, with Administrators set to Off.
You can close the Server Manager but leave the connection to the LabVM open for the next task.

Task 14: Install required software on the LabVM

In this task, you configure the LabVM with the required software and downloads. First, you download and install the Microsoft Edge web browser. Next, you download a copy of the Visual Studio starter solution and unzip it into a folder named C:\ServerlessMCW.

Note: Some aspects of this lab require using the new Microsoft Edge (Chromium edition) browser. You may find yourself blocked if using Internet Explorer later in the lab, as Internet Explorer is not supported for some specific activities.

To install Microsoft Edge, launch Internet Explorer on the VM and download Microsoft Edge.
Run the downloaded installer and follow the setup instruction.
Next, download a copy of the Serverless Architecture MCW GitHub repo.
Extract the download ZIP file to C:\ServerlessMCW.

$The Extract Compressed Folders dialog is displayed, with C:\ServerlessMCW entered into the extraction location.$
The Extract Compressed Folders dialog is displayed, with C:\ServerlessMCW entered into the extraction location.