'Azure AVD - Add VM to host pool - custom config URLs | Json file format

I need to install sophos AV when new VM's are added to a host pool. I can't script sophos installs via AIB as the application needs dynamic data from the Sophos Cloud Management Console to generealise the image and this is a manual job.

As such I am planning to deploy Sophos when a VM is added to a host pool via "ARM Template File URL": However I have no idea how to script this .json file in order for this to work, I have googled quite a lot and this is the closer I got:

{
 "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
 "contentVersion": "1.0.0.0",
 "variables": {},
 "resources": [
     {
         "type": "Microsoft.Compute/virtualMachines/extensions",
         "apiVersion": "2018-06-01",
         "name": "[concat(parameters('vmName'),'/CustomScriptExtension')]",
         "location": "[resourceGroup().location]",
         "properties": {
             "publisher": "Microsoft.Compute",
             "type": "CustomScriptExtension",
             "typeHandlerVersion": "1.10",
             "autoUpgradeMinorVersion": true,
             "settings": {
                 "fileUris": [
                     "https://demostoracc.file.core.windows.net/scripts/sophos_install.ps1"
                 ],
                 "timestamp": 202101021
             },
             "protectedSettings": {
                 "commandToExecute": "powershell.exe -ExecutionPolicy Unrestricted -File sophos_install.ps1"
             }
         }
     }
 ]

}

But still not working.

I understand that the .json file should be stored on a blob and then the blob referenced on the AVD Post update custom configuration. enter image description here



Solution 1:[1]

Try setting the Access Level of the Blob Container to Public. (The field doesn't seem to accept SAS Tokens unfortunately, by the way)

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Yannick Janssens