actions · shamil-mubarakshin · Mar 27, 2026 · Mar 10, 2026 · Mar 11, 2026 · Mar 11, 2026
diff --git a/docs/create-image-and-azure-resources.md b/docs/create-image-and-azure-resources.md
@@ -97,11 +97,20 @@ Finally, run the `GenerateResourcesAndImage` function, setting the mandatory arg
 - `SubscriptionId` - your Azure Subscription ID;
 - `ResourceGroupName` - the name of the resource group that will store the resulting artifact (e.g., "imagegen-test").
     The resource group must already exist in your Azure subscription;
-- `AzureLocation` - the location where resources will be created (e.g., "East US");
+- `AzureLocation` - the location where resources will be created (e.g., "East US").
+  This argument is required unless you use an existing build resource group via `BUILD_RG_NAME` environment variable;
 - `ImageType` - the type of image to build (valid options are "Windows2022", "Windows2025", "Ubuntu2204", "Ubuntu2404").
 
 This function automatically creates all required Azure resources and initiates the Packer image generation for the selected image type.
 
+If you want to use an existing build resource group for temporary Packer resources, set `BUILD_RG_NAME` before invoking the function.
+When `BUILD_RG_NAME` is set, do not pass `AzureLocation`.
+
+```powershell
+$env:BUILD_RG_NAME = "my-existing-build-rg"
+GenerateResourcesAndImage -SubscriptionId <subscription-id> -ResourceGroupName "imagegen-artifacts-rg" -ImageType Ubuntu2404
+```
+
 When the image is ready, you may proceed to [deployment](#generated-machine-deployment).
 
 ## Manual Image Generation Customization

diff --git a/helpers/GenerateResourcesAndImage.ps1 b/helpers/GenerateResourcesAndImage.ps1
@@ -121,7 +121,8 @@ Function GenerateResourcesAndImage {
         .PARAMETER ManagedImageName
             The name of the managed image to create. The default is "Runner-Image-{{ImageType}}".
         .PARAMETER AzureLocation
-            The Azure location where the Azure resources will be created. For example: "East US"
+            The Azure location where the Azure resources will be created. For example: "East US".
+            This parameter is required unless BUILD_RG_NAME environment variable is set.
         .PARAMETER ImageGenerationRepositoryRoot
             The root directory of the image generation repository. This is used to locate the packer template.
         .PARAMETER SecondsToWaitForServicePrincipalSetup
@@ -166,7 +167,7 @@ Function GenerateResourcesAndImage {
         [ImageType] $ImageType,
         [Parameter(Mandatory = $False)]
         [string] $ManagedImageName = "Runner-Image-$($ImageType)",
-        [Parameter(Mandatory = $True)]
+        [Parameter(Mandatory = $False)]
         [string] $AzureLocation,
         [Parameter(Mandatory = $False)]
         [string] $ImageGenerationRepositoryRoot = $pwd,
@@ -209,6 +210,18 @@ Function GenerateResourcesAndImage {
     $PackerTemplate = Get-PackerTemplate -RepositoryRoot $ImageGenerationRepositoryRoot -ImageType $ImageType
     Write-Debug "Template path: $($PackerTemplate.Path)."
 
+    $BuildResourceGroupName = $env:BUILD_RG_NAME
+    $UseExistingBuildResourceGroup = -not [string]::IsNullOrWhiteSpace($BuildResourceGroupName)
+    $UseAzureLocation = -not [string]::IsNullOrWhiteSpace($AzureLocation)
+
+    if ($UseExistingBuildResourceGroup -eq $UseAzureLocation) {
+        throw "Specify exactly one value: AzureLocation or BUILD_RG_NAME."
+    }
+
+    if ($UseExistingBuildResourceGroup) {
+        Write-Host "Using existing build resource group '$BuildResourceGroupName' from BUILD_RG_NAME."
+    }
+
     # Prepare list of allowed inbound IP addresses
     if ($RestrictToAgentIpAddress) {
         $AgentIp = (Invoke-RestMethod https://ipinfo.io/json).ip
@@ -263,22 +276,41 @@ Function GenerateResourcesAndImage {
         $validateClientSecret = ""
     }
 
-    & $PackerBinary validate `
-        "-only=$($PackerTemplate.BuildName).*" `
-        "-var=client_id=fake" `
-        "-var=client_secret=$($validateClientSecret)" `
-        "-var=oidc_request_token=fake" `
-        "-var=oidc_request_url=fake" `
-        "-var=subscription_id=$($SubscriptionId)" `
-        "-var=tenant_id=fake" `
-        "-var=location=$($AzureLocation)" `
-        "-var=image_os=$($PackerTemplate.ImageOS)" `
-        "-var=managed_image_name=$($ManagedImageName)" `
-        "-var=managed_image_resource_group_name=$($ResourceGroupName)" `
-        "-var=install_password=$($InstallPassword)" `
-        "-var=allowed_inbound_ip_addresses=$($AllowedInboundIpAddresses)" `
-        "-var=azure_tags=$($TagsJson)" `
-        $PackerTemplate.Path
+    if ($UseAzureLocation) {
+        & $PackerBinary validate `
+            "-only=$($PackerTemplate.BuildName).*" `
+            "-var=client_id=fake" `
+            "-var=client_secret=$($validateClientSecret)" `
+            "-var=oidc_request_token=fake" `
+            "-var=oidc_request_url=fake" `
+            "-var=subscription_id=$($SubscriptionId)" `
+            "-var=tenant_id=fake" `
+            "-var=location=$($AzureLocation)" `
+            "-var=image_os=$($PackerTemplate.ImageOS)" `
+            "-var=managed_image_name=$($ManagedImageName)" `
+            "-var=managed_image_resource_group_name=$($ResourceGroupName)" `
+            "-var=install_password=$($InstallPassword)" `
+            "-var=allowed_inbound_ip_addresses=$($AllowedInboundIpAddresses)" `
+            "-var=azure_tags=$($TagsJson)" `
+            $PackerTemplate.Path
+    }
+    else {
+        & $PackerBinary validate `
+            "-only=$($PackerTemplate.BuildName).*" `
+            "-var=client_id=fake" `
+            "-var=client_secret=$($validateClientSecret)" `
+            "-var=oidc_request_token=fake" `
+            "-var=oidc_request_url=fake" `
+            "-var=subscription_id=$($SubscriptionId)" `
+            "-var=tenant_id=fake" `
+            "-var=image_os=$($PackerTemplate.ImageOS)" `
+            "-var=managed_image_name=$($ManagedImageName)" `
+            "-var=managed_image_resource_group_name=$($ResourceGroupName)" `
+            "-var=install_password=$($InstallPassword)" `
+            "-var=allowed_inbound_ip_addresses=$($AllowedInboundIpAddresses)" `
+            "-var=azure_tags=$($TagsJson)" `
+            $PackerTemplate.Path
+    }
 
     if ($LastExitCode -ne 0) {
         throw "Packer template validation failed."
@@ -365,22 +397,41 @@ Function GenerateResourcesAndImage {
         Write-Debug "Service principal app id: $ServicePrincipalAppId."
         Write-Debug "Tenant id: $TenantId."
 
-        & $PackerBinary build -on-error="$($OnError)" `
-            -only "$($PackerTemplate.BuildName).*" `
-            -var "client_id=$($ServicePrincipalAppId)" `
-            -var "client_secret=$($ServicePrincipalPassword)" `
-            -var "oidc_request_token=$($env:PKR_VAR_oidc_request_token)" `
-            -var "oidc_request_url=$($env:PKR_VAR_oidc_request_url)" `
-            -var "subscription_id=$($SubscriptionId)" `
-            -var "tenant_id=$($TenantId)" `
-            -var "location=$($AzureLocation)" `
-            -var "image_os=$($PackerTemplate.ImageOS)" `
-            -var "managed_image_name=$($ManagedImageName)" `
-            -var "managed_image_resource_group_name=$($ResourceGroupName)" `
-            -var "install_password=$($InstallPassword)" `
-            -var "allowed_inbound_ip_addresses=$($AllowedInboundIpAddresses)" `
-            -var "azure_tags=$($TagsJson)" `
-            $PackerTemplate.Path
+        if ($UseAzureLocation) {
+            & $PackerBinary build -on-error="$($OnError)" `
+                -only "$($PackerTemplate.BuildName).*" `
+                -var "client_id=$($ServicePrincipalAppId)" `
+                -var "client_secret=$($ServicePrincipalPassword)" `
+                -var "oidc_request_token=$($env:PKR_VAR_oidc_request_token)" `
+                -var "oidc_request_url=$($env:PKR_VAR_oidc_request_url)" `
+                -var "subscription_id=$($SubscriptionId)" `
+                -var "tenant_id=$($TenantId)" `
+                -var "location=$($AzureLocation)" `
+                -var "image_os=$($PackerTemplate.ImageOS)" `
+                -var "managed_image_name=$($ManagedImageName)" `
+                -var "managed_image_resource_group_name=$($ResourceGroupName)" `
+                -var "install_password=$($InstallPassword)" `
+                -var "allowed_inbound_ip_addresses=$($AllowedInboundIpAddresses)" `
+                -var "azure_tags=$($TagsJson)" `
+                $PackerTemplate.Path
+        }
+        else {
+            & $PackerBinary build -on-error="$($OnError)" `
+                -only "$($PackerTemplate.BuildName).*" `
+                -var "client_id=$($ServicePrincipalAppId)" `
+                -var "client_secret=$($ServicePrincipalPassword)" `
+                -var "oidc_request_token=$($env:PKR_VAR_oidc_request_token)" `
+                -var "oidc_request_url=$($env:PKR_VAR_oidc_request_url)" `
+                -var "subscription_id=$($SubscriptionId)" `
+                -var "tenant_id=$($TenantId)" `
+                -var "image_os=$($PackerTemplate.ImageOS)" `
+                -var "managed_image_name=$($ManagedImageName)" `
+                -var "managed_image_resource_group_name=$($ResourceGroupName)" `
+                -var "install_password=$($InstallPassword)" `
+                -var "allowed_inbound_ip_addresses=$($AllowedInboundIpAddresses)" `
+                -var "azure_tags=$($TagsJson)" `
+                $PackerTemplate.Path
+        }
 
         if ($LastExitCode -ne 0) {
             throw "Failed to build image."