Azure VM

Add tags

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Add tags to a VM.

Inputs

フィールド

種類

説明

resourceGroupName [required]

string

subscriptionId [required]

string

virtualMachineName [required]

string

tags [required]

Outputs

Expand All

フィールド

種類

説明

virtualMachine

object

Describes a Virtual Machine.

id

string

Resource Id NOTE: This property will not be serialized. It can only be populated by the server.

name

string

Resource name NOTE: This property will not be serialized. It can only be populated by the server.

type

string

Resource type NOTE: This property will not be serialized. It can only be populated by the server.

location [required]

string

Resource location

tags

object

Resource tags

plan

object

Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. In the Azure portal, find the marketplace image that you want to use and then click Want to deploy programmatically, Get Started ->. Enter any required information and then click Save.

name

string

The plan ID.

publisher

string

The publisher ID.

product

string

Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.

promotionCode

string

The promotion code.

resources

[object]

The virtual machine child extension resources. NOTE: This property will not be serialized. It can only be populated by the server.

location

string

Resource location

id

string

Resource Id NOTE: This property will not be serialized. It can only be populated by the server.

name

string

Resource name NOTE: This property will not be serialized. It can only be populated by the server.

type

string

Resource type NOTE: This property will not be serialized. It can only be populated by the server.

tags

object

Resource tags

forceUpdateTag

string

How the extension handler should be forced to update even if the extension configuration has not changed.

publisher

string

The name of the extension handler publisher.

typePropertiesType

string

Specifies the type of the extension; an example is "CustomScriptExtension".

typeHandlerVersion

string

Specifies the version of the script handler.

autoUpgradeMinorVersion

boolean

Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true.

enableAutomaticUpgrade

boolean

Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available.

settings

Json formatted public settings for the extension.

protectedSettings

The extension can contain either protectedSettings or protectedSettingsFromKeyVault or no protected settings at all.

provisioningState

string

The provisioning state, which only appears in the response. NOTE: This property will not be serialized. It can only be populated by the server.

instanceView

object

The virtual machine extension instance view.

name

string

The virtual machine extension name.

type

string

Specifies the type of the extension; an example is "CustomScriptExtension".

typeHandlerVersion

string

Specifies the version of the script handler.

substatuses

[object]

The resource status information.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

statuses

[object]

The resource status information.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

suppressFailures

boolean

Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false.

protectedSettingsFromKeyVault

object

The extensions protected settings that are passed by reference, and consumed from key vault

secretUrl [required]

string

The URL referencing a secret in a Key Vault.

sourceVault [required]

object

The relative URL of the Key Vault containing the secret.

id

string

Resource Id

provisionAfterExtensions

[string]

Collection of extension names after which this extension needs to be provisioned.

identity

object

The identity of the virtual machine, if configured.

principalId

string

The principal id of virtual machine identity. This property will only be provided for a system assigned identity. NOTE: This property will not be serialized. It can only be populated by the server.

tenantId

string

The tenant id associated with the virtual machine. This property will only be provided for a system assigned identity. NOTE: This property will not be serialized. It can only be populated by the server.

type

enum

The type of identity used for the virtual machine. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. Allowed enum values: SystemAssigned,UserAssigned,SystemAssigned, UserAssigned,None

userAssignedIdentities

object

The list of user identities associated with the Virtual Machine. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

zones

[string]

The virtual machine zones.

extendedLocation

object

The extended location of the Virtual Machine.

name

string

The name of the extended location.

type

string

The type of the extended location.

hardwareProfile

object

Specifies the hardware settings for the virtual machine.

vmSize

string

Specifies the size of the virtual machine. The enum data type is currently deprecated and will be removed by December 23rd 2023. The recommended way to get the list of available sizes is using these APIs: List all available virtual machine sizes in an availability set, List all available virtual machine sizes in a region, List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set.

vmSizeProperties

object

Specifies the properties for customizing the size of the virtual machine. Minimum api-version: 2021-07-01. This feature is still in preview mode and is not supported for VirtualMachineScaleSet. Please follow the instructions in VM Customization for more details.

vCPUsAvailable

number

Specifies the number of vCPUs available for the VM. When this property is not specified in the request body the default behavior is to set it to the value of vCPUs available for that VM size exposed in api response of List all available virtual machine sizes in a region.

vCPUsPerCore

number

Specifies the vCPU to physical core ratio. When this property is not specified in the request body the default behavior is set to the value of vCPUsPerCore for the VM Size exposed in api response of List all available virtual machine sizes in a region. Setting this property to 1 also means that hyper-threading is disabled.

storageProfile

object

Specifies the storage settings for the virtual machine disks.

imageReference

object

Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations.

id

string

Resource Id

publisher

string

The image publisher.

offer

string

Specifies the offer of the platform image or marketplace image used to create the virtual machine.

sku

string

The image SKU.

version

string

Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. Please do not use field 'version' for gallery image deployment, gallery image should always use 'id' field for deployment, to use 'latest' version of gallery image, just set '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/galleries/{galleryName}/images/{imageName}' in the 'id' field without version input.

exactVersion

string

Specifies in decimal numbers, the version of platform image or marketplace image used to create the virtual machine. This readonly field differs from 'version', only if the value specified in 'version' field is 'latest'. NOTE: This property will not be serialized. It can only be populated by the server.

sharedGalleryImageId

string

Specified the shared gallery image unique id for vm deployment. This can be fetched from shared gallery image GET call.

communityGalleryImageId

string

Specified the community gallery image unique id for vm deployment. This can be fetched from community gallery image GET call.

osDisk

object

Specifies information about the operating system disk used by the virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines.

osType

enum

This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD. Possible values are: Windows, Linux. Allowed enum values: Windows,Linux

encryptionSettings

object

Specifies the encryption settings for the OS Disk. Minimum api-version: 2015-06-15.

diskEncryptionKey

object

Specifies the location of the disk encryption key, which is a Key Vault Secret.

secretUrl [required]

string

The URL referencing a secret in a Key Vault.

sourceVault [required]

object

The relative URL of the Key Vault containing the secret.

id

string

Resource Id

keyEncryptionKey

object

Specifies the location of the key encryption key in Key Vault.

keyUrl [required]

string

The URL referencing a key encryption key in Key Vault.

sourceVault [required]

object

The relative URL of the Key Vault containing the key.

id

string

Resource Id

enabled

boolean

Specifies whether disk encryption should be enabled on the virtual machine.

name

string

The disk name.

vhd

object

The virtual hard disk.

uri

string

Specifies the virtual hard disk's uri.

image

object

The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist.

uri

string

Specifies the virtual hard disk's uri.

caching

enum

Specifies the caching requirements. Possible values are: None, ReadOnly, ReadWrite. The defaulting behavior is: None for Standard storage. ReadOnly for Premium storage. Allowed enum values: None,ReadOnly,ReadWrite

writeAcceleratorEnabled

boolean

Specifies whether writeAccelerator should be enabled or disabled on the disk.

diffDiskSettings

object

Specifies the ephemeral Disk Settings for the operating system disk used by the virtual machine.

option

string

Specifies the ephemeral disk settings for operating system disk.

placement

string

Specifies the ephemeral disk placement for operating system disk. Possible values are: CacheDisk, ResourceDisk. The defaulting behavior is: CacheDisk if one is configured for the VM size otherwise ResourceDisk is used. Refer to the VM size documentation for Windows VM at https://docs.microsoft.com/azure/virtual-machines/windows/sizes and Linux VM at https://docs.microsoft.com/azure/virtual-machines/linux/sizes to check which VM sizes exposes a cache disk.

createOption [required]

string

Specifies how the virtual machine should be created. Possible values are: Attach. This value is used when you are using a specialized disk to create the virtual machine. FromImage. This value is used when you are using an image to create the virtual machine. If you are using a platform image, you should also use the imageReference element described above. If you are using a marketplace image, you should also use the plan element previously described.

diskSizeGB

number

Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. The property 'diskSizeGB' is the number of bytes x 1024^3 for the disk and the value cannot be larger than 1023.

managedDisk

object

The managed disk parameters.

id

string

Resource Id

storageAccountType

string

Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk.

diskEncryptionSet

object

Specifies the customer managed disk encryption set resource id for the managed disk.

id

string

Resource Id

securityProfile

object

Specifies the security profile for the managed disk.

securityEncryptionType

string

Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, and VMGuestStateOnly for encryption of just the VMGuestState blob. Note: It can be set for only Confidential VMs.

diskEncryptionSet

object

Specifies the customer managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob.

id

string

Resource Id

deleteOption

string

Specifies whether OS Disk should be deleted or detached upon VM deletion. Possible values are: Delete. If this value is used, the OS disk is deleted when VM is deleted. Detach. If this value is used, the os disk is retained after VM is deleted. The default value is set to Detach. For an ephemeral OS Disk, the default value is set to Delete. The user cannot change the delete option for an ephemeral OS Disk.

dataDisks

[object]

Specifies the parameters that are used to add a data disk to a virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines.

lun [required]

number

Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM.

name

string

The disk name.

vhd

object

The virtual hard disk.

uri

string

Specifies the virtual hard disk's uri.

image

object

The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist.

uri

string

Specifies the virtual hard disk's uri.

caching

enum

Specifies the caching requirements. Possible values are: None, ReadOnly, ReadWrite. The defaulting behavior is: None for Standard storage. ReadOnly for Premium storage. Allowed enum values: None,ReadOnly,ReadWrite

writeAcceleratorEnabled

boolean

Specifies whether writeAccelerator should be enabled or disabled on the disk.

createOption [required]

string

Specifies how the virtual machine should be created. Possible values are: Attach. This value is used when you are using a specialized disk to create the virtual machine. FromImage. This value is used when you are using an image to create the virtual machine. If you are using a platform image, you should also use the imageReference element described above. If you are using a marketplace image, you should also use the plan element previously described.

diskSizeGB

number

Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. The property 'diskSizeGB' is the number of bytes x 1024^3 for the disk and the value cannot be larger than 1023.

managedDisk

object

The managed disk parameters.

id

string

Resource Id

storageAccountType

string

Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk.

diskEncryptionSet

object

Specifies the customer managed disk encryption set resource id for the managed disk.

id

string

Resource Id

securityProfile

object

Specifies the security profile for the managed disk.

securityEncryptionType

string

Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, and VMGuestStateOnly for encryption of just the VMGuestState blob. Note: It can be set for only Confidential VMs.

diskEncryptionSet

object

Specifies the customer managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob.

id

string

Resource Id

toBeDetached

boolean

Specifies whether the data disk is in process of detachment from the VirtualMachine/VirtualMachineScaleset

diskIopsReadWrite

number

Specifies the Read-Write IOPS for the managed disk when StorageAccountType is UltraSSD_LRS. Returned only for VirtualMachine ScaleSet VM disks. Can be updated only via updates to the VirtualMachine Scale Set. NOTE: This property will not be serialized. It can only be populated by the server.

diskMBpsReadWrite

number

Specifies the bandwidth in MB per second for the managed disk when StorageAccountType is UltraSSD_LRS. Returned only for VirtualMachine ScaleSet VM disks. Can be updated only via updates to the VirtualMachine Scale Set. NOTE: This property will not be serialized. It can only be populated by the server.

detachOption

string

Specifies the detach behavior to be used while detaching a disk or which is already in the process of detachment from the virtual machine. Supported values: ForceDetach. detachOption: ForceDetach is applicable only for managed data disks. If a previous detachment attempt of the data disk did not complete due to an unexpected failure from the virtual machine and the disk is still not released then use force-detach as a last resort option to detach the disk forcibly from the VM. All writes might not have been flushed when using this detach behavior. This feature is still in preview mode and is not supported for VirtualMachineScaleSet. To force-detach a data disk update toBeDetached to 'true' along with setting detachOption: 'ForceDetach'.

deleteOption

string

Specifies whether data disk should be deleted or detached upon VM deletion. Possible values are: Delete. If this value is used, the data disk is deleted when VM is deleted. Detach. If this value is used, the data disk is retained after VM is deleted. The default value is set to Detach.

diskControllerType

string

Specifies the disk controller type configured for the VM. Note: This property will be set to the default disk controller type if not specified provided virtual machine is being created with 'hyperVGeneration' set to V2 based on the capabilities of the operating system disk and VM size from the the specified minimum api version. You need to deallocate the VM before updating its disk controller type unless you are updating the VM size in the VM configuration which implicitly deallocates and reallocates the VM. Minimum api-version: 2022-08-01.

additionalCapabilities

object

Specifies additional capabilities enabled or disabled on the virtual machine.

ultraSSDEnabled

boolean

The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled.

hibernationEnabled

boolean

The flag that enables or disables hibernation capability on the VM.

osProfile

object

Specifies the operating system settings used while creating the virtual machine. Some of the settings cannot be changed once VM is provisioned.

computerName

string

Specifies the host OS name of the virtual machine. This name cannot be updated after the VM is created. Max-length (Windows): 15 characters. Max-length (Linux): 64 characters. For naming conventions and restrictions see Azure infrastructure services implementation guidelines.

adminUsername

string

Specifies the name of the administrator account.

This property cannot be updated after the VM is created.

Windows-only restriction: Cannot end in "."

Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5".

Minimum-length (Linux): 1 character

Max-length (Linux): 64 characters

Max-length (Windows): 20 characters.

adminPassword

string

Specifies the password of the administrator account.

Minimum-length (Windows): 8 characters

Minimum-length (Linux): 6 characters

Max-length (Windows): 123 characters

Max-length (Linux): 72 characters

Complexity requirements: 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\W_])

Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"

For resetting the password, see How to reset the Remote Desktop service or its login password in a Windows VM

For resetting root password, see Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension

customData

string

Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. Note: Do not pass any secrets or passwords in customData property. This property cannot be updated after the VM is created. The property 'customData' is passed to the VM to be saved as a file, for more information see Custom Data on Azure VMs. For using cloud-init for your Linux VM, see Using cloud-init to customize a Linux VM during creation.

windowsConfiguration

object

Specifies Windows operating system settings on the virtual machine.

provisionVMAgent

boolean

Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, it is set to true by default. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.

enableAutomaticUpdates

boolean

Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true. For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning.

timeZone

string

Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time". Possible values can be TimeZoneInfo.Id value from time zones returned by TimeZoneInfo.GetSystemTimeZones.

additionalUnattendContent

[object]

Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup.

passName

string

The pass name. Currently, the only allowable value is OobeSystem.

componentName

string

The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup.

settingName

enum

Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. Allowed enum values: AutoLogon,FirstLogonCommands

content

string

Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted.

patchSettings

object

[Preview Feature] Specifies settings related to VM Guest Patching on Windows.

patchMode

string

Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible.

Possible values are:

Manual - You control the application of patches to a virtual machine. You do this by applying patches manually inside the VM. In this mode, automatic updates are disabled; the property WindowsConfiguration.enableAutomaticUpdates must be false

AutomaticByOS - The virtual machine will automatically be updated by the OS. The property WindowsConfiguration.enableAutomaticUpdates must be true.

AutomaticByPlatform - the virtual machine will automatically updated by the platform. The properties provisionVMAgent and WindowsConfiguration.enableAutomaticUpdates must be true

enableHotpatching

boolean

Enables customers to patch their Azure VMs without requiring a reboot. For enableHotpatching, the 'provisionVMAgent' must be set to true and 'patchMode' must be set to 'AutomaticByPlatform'.

assessmentMode

string

Specifies the mode of VM Guest patch assessment for the IaaS virtual machine.

Possible values are:

ImageDefault - You control the timing of patch assessments on a virtual machine.

AutomaticByPlatform - The platform will trigger periodic patch assessments. The property provisionVMAgent must be true.

automaticByPlatformSettings

object

Specifies additional settings for patch mode AutomaticByPlatform in VM Guest Patching on Windows.

rebootSetting

string

Specifies the reboot setting for all AutomaticByPlatform patch installation operations.

bypassPlatformSafetyChecksOnUserSchedule

boolean

Enables customer to schedule patching without accidental upgrades

winRM

object

Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell.

listeners

[object]

The list of Windows Remote Management listeners

protocol

enum

Specifies the protocol of WinRM listener. Possible values are: http, https. Allowed enum values: Http,Https

certificateUrl

string

This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be the Base64 encoding of the following JSON Object which is encoded in UTF-8:

{
"data":"",
"dataType":"pfx",
"password":""
}
To install certificates on a virtual machine it is recommended to use the Azure Key Vault virtual machine extension for Linux or the Azure Key Vault virtual machine extension for Windows.

enableVMAgentPlatformUpdates

boolean

Indicates whether VMAgent Platform Updates is enabled for the Windows virtual machine. Default value is false.

linuxConfiguration

object

Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions.

disablePasswordAuthentication

boolean

Specifies whether password authentication should be disabled.

ssh

object

Specifies the ssh key configuration for a Linux OS.

publicKeys

[object]

The list of SSH public keys used to authenticate with linux based VMs.

path

string

Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys

keyData

string

SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format. For creating ssh keys, see [Create SSH keys on Linux and Mac for Linux VMs in Azure]https://docs.microsoft.com/azure/virtual-machines/linux/create-ssh-keys-detailed).

provisionVMAgent

boolean

Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.

patchSettings

object

[Preview Feature] Specifies settings related to VM Guest Patching on Linux.

patchMode

string

Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible.

Possible values are:

ImageDefault - The virtual machine's default patching configuration is used.

AutomaticByPlatform - The virtual machine will be automatically updated by the platform. The property provisionVMAgent must be true

assessmentMode

string

Specifies the mode of VM Guest Patch Assessment for the IaaS virtual machine.

Possible values are:

ImageDefault - You control the timing of patch assessments on a virtual machine.

AutomaticByPlatform - The platform will trigger periodic patch assessments. The property provisionVMAgent must be true.

automaticByPlatformSettings

object

Specifies additional settings for patch mode AutomaticByPlatform in VM Guest Patching on Linux.

rebootSetting

string

Specifies the reboot setting for all AutomaticByPlatform patch installation operations.

bypassPlatformSafetyChecksOnUserSchedule

boolean

Enables customer to schedule patching without accidental upgrades

enableVMAgentPlatformUpdates

boolean

Indicates whether VMAgent Platform Updates is enabled for the Linux virtual machine. Default value is false.

secrets

[object]

Specifies set of certificates that should be installed onto the virtual machine. To install certificates on a virtual machine it is recommended to use the Azure Key Vault virtual machine extension for Linux or the Azure Key Vault virtual machine extension for Windows.

sourceVault

object

The relative URL of the Key Vault containing all of the certificates in VaultCertificates.

id

string

Resource Id

vaultCertificates

[object]

The list of key vault references in SourceVault which contain certificates.

certificateUrl

string

This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

{
"data":"",
"dataType":"pfx",
"password":""
}
To install certificates on a virtual machine it is recommended to use the Azure Key Vault virtual machine extension for Linux or the Azure Key Vault virtual machine extension for Windows.

certificateStore

string

For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account. For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted.

allowExtensionOperations

boolean

Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine.

requireGuestProvisionSignal

boolean

Optional property which must either be set to True or omitted.

networkProfile

object

Specifies the network interfaces of the virtual machine.

networkInterfaces

[object]

Specifies the list of resource Ids for the network interfaces associated with the virtual machine.

id

string

Resource Id

primary

boolean

Specifies the primary network interface in case the virtual machine has more than 1 network interface.

deleteOption

string

Specify what happens to the network interface when the VM is deleted

networkApiVersion

string

specifies the Microsoft.Network API version used when creating networking resources in the Network Interface Configurations

networkInterfaceConfigurations

[object]

Specifies the networking configurations that will be used to create the virtual machine networking resources.

name [required]

string

The network interface configuration name.

primary

boolean

Specifies the primary network interface in case the virtual machine has more than 1 network interface.

deleteOption

string

Specify what happens to the network interface when the VM is deleted

enableAcceleratedNetworking

boolean

Specifies whether the network interface is accelerated networking-enabled.

disableTcpStateTracking

boolean

Specifies whether the network interface is disabled for tcp state tracking.

enableFpga

boolean

Specifies whether the network interface is FPGA networking-enabled.

enableIPForwarding

boolean

Whether IP forwarding enabled on this NIC.

networkSecurityGroup

object

The network security group.

id

string

Resource Id

dnsSettings

object

The dns settings to be applied on the network interfaces.

dnsServers

[string]

List of DNS servers IP addresses

ipConfigurations

[object]

Specifies the IP configurations of the network interface.

name [required]

string

The IP configuration name.

subnet

object

Specifies the identifier of the subnet.

id

string

Resource Id

primary

boolean

Specifies the primary network interface in case the virtual machine has more than 1 network interface.

publicIPAddressConfiguration

object

The publicIPAddressConfiguration.

name [required]

string

The publicIP address configuration name.

sku

object

Describes the public IP Sku. It can only be set with OrchestrationMode as Flexible.

name

string

Specify public IP sku name

tier

string

Specify public IP sku tier

idleTimeoutInMinutes

number

The idle timeout of the public IP address.

deleteOption

string

Specify what happens to the public IP address when the VM is deleted

dnsSettings

object

The dns settings to be applied on the publicIP addresses .

domainNameLabel [required]

string

The Domain name label prefix of the PublicIPAddress resources that will be created. The generated name label is the concatenation of the domain name label and vm network profile unique ID.

ipTags

[object]

The list of IP tags associated with the public IP address.

ipTagType

string

IP tag type. Example: FirstPartyUsage.

tag

string

IP tag associated with the public IP. Example: SQL, Storage etc.

publicIPPrefix

object

The PublicIPPrefix from which to allocate publicIP addresses.

id

string

Resource Id

publicIPAddressVersion

string

Available from Api-Version 2019-07-01 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. Possible values are: 'IPv4' and 'IPv6'.

publicIPAllocationMethod

string

Specify the public IP allocation type

privateIPAddressVersion

string

Available from Api-Version 2017-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. Possible values are: 'IPv4' and 'IPv6'.

applicationSecurityGroups

[object]

Specifies an array of references to application security group.

id

string

Resource Id

applicationGatewayBackendAddressPools

[object]

Specifies an array of references to backend address pools of application gateways. A virtual machine can reference backend address pools of multiple application gateways. Multiple virtual machines cannot use the same application gateway.

id

string

Resource Id

loadBalancerBackendAddressPools

[object]

Specifies an array of references to backend address pools of load balancers. A virtual machine can reference backend address pools of one public and one internal load balancer. [Multiple virtual machines cannot use the same basic sku load balancer].

id

string

Resource Id

dscpConfiguration

object

id

string

Resource Id

securityProfile

object

Specifies the Security related profile settings for the virtual machine.

uefiSettings

object

Specifies the security settings like secure boot and vTPM used while creating the virtual machine. Minimum api-version: 2020-12-01.

secureBootEnabled

boolean

Specifies whether secure boot should be enabled on the virtual machine. Minimum api-version: 2020-12-01.

vTpmEnabled

boolean

Specifies whether vTPM should be enabled on the virtual machine. Minimum api-version: 2020-12-01.

encryptionAtHost

boolean

This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine or virtual machine scale set. This will enable the encryption for all the disks including Resource/Temp disk at host itself. The default behavior is: The Encryption at host will be disabled unless this property is set to true for the resource.

securityType

string

Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set.

diagnosticsProfile

object

Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15.

bootDiagnostics

object

Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. NOTE: If storageUri is being specified then ensure that the storage account is in the same region and subscription as the VM. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor.

enabled

boolean

Whether boot diagnostics should be enabled on the Virtual Machine.

storageUri

string

Uri of the storage account to use for placing the console output and screenshot. If storageUri is not specified while enabling boot diagnostics, managed storage will be used.

availabilitySet

object

Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see Availability sets overview. For more information on Azure planned maintenance, see Maintenance and updates for Virtual Machines in Azure. Currently, a VM can only be added to availability set at creation time. The availability set to which the VM is being added should be under the same resource group as the availability set resource. An existing VM cannot be added to an availability set. This property cannot exist along with a non-null properties.virtualMachineScaleSet reference.

id

string

Resource Id

virtualMachineScaleSet

object

Specifies information about the virtual machine scale set that the virtual machine should be assigned to. Virtual machines specified in the same virtual machine scale set are allocated to different nodes to maximize availability. Currently, a VM can only be added to virtual machine scale set at creation time. An existing VM cannot be added to a virtual machine scale set. This property cannot exist along with a non-null properties.availabilitySet reference. Minimum api‐version: 2019‐03‐01.

id

string

Resource Id

proximityPlacementGroup

object

Specifies information about the proximity placement group that the virtual machine should be assigned to. Minimum api-version: 2018-04-01.

id

string

Resource Id

priority

string

Specifies the priority for the virtual machine. Minimum api-version: 2019-03-01

evictionPolicy

string

Specifies the eviction policy for the Azure Spot virtual machine and Azure Spot scale set. For Azure Spot virtual machines, both 'Deallocate' and 'Delete' are supported and the minimum api-version is 2019-03-01. For Azure Spot scale sets, both 'Deallocate' and 'Delete' are supported and the minimum api-version is 2017-10-30-preview.

billingProfile

object

Specifies the billing related details of a Azure Spot virtual machine. Minimum api-version: 2019-03-01.

maxPrice

number

Specifies the maximum price you are willing to pay for a Azure Spot VM/VMSS. This price is in US Dollars.

This price will be compared with the current Azure Spot price for the VM size. Also, the prices are compared at the time of create/update of Azure Spot VM/VMSS and the operation will only succeed if the maxPrice is greater than the current Azure Spot price.

The maxPrice will also be used for evicting a Azure Spot VM/VMSS if the current Azure Spot price goes beyond the maxPrice after creation of VM/VMSS.

Possible values are:

- Any decimal value greater than zero. Example: 0.01538

-1 – indicates default price to be up-to on-demand.

You can set the maxPrice to -1 to indicate that the Azure Spot VM/VMSS should not be evicted for price reasons. Also, the default max price is -1 if it is not provided by you.

Minimum api-version: 2019-03-01.

host

object

Specifies information about the dedicated host that the virtual machine resides in. Minimum api-version: 2018-10-01.

id

string

Resource Id

hostGroup

object

Specifies information about the dedicated host group that the virtual machine resides in. Note: User cannot specify both host and hostGroup properties. Minimum api-version: 2020-06-01.

id

string

Resource Id

provisioningState

string

The provisioning state, which only appears in the response. NOTE: This property will not be serialized. It can only be populated by the server.

instanceView

object

The virtual machine instance view. NOTE: This property will not be serialized. It can only be populated by the server.

platformUpdateDomain

number

Specifies the update domain of the virtual machine.

platformFaultDomain

number

Specifies the fault domain of the virtual machine.

computerName

string

The computer name assigned to the virtual machine.

osName

string

The Operating System running on the virtual machine.

osVersion

string

The version of Operating System running on the virtual machine.

hyperVGeneration

string

Specifies the HyperVGeneration Type associated with a resource

rdpThumbPrint

string

The Remote desktop certificate thumbprint.

vmAgent

object

The VM Agent running on the virtual machine.

vmAgentVersion

string

The VM Agent full version.

extensionHandlers

[object]

The virtual machine extension handler instance view.

type

string

Specifies the type of the extension; an example is "CustomScriptExtension".

typeHandlerVersion

string

Specifies the version of the script handler.

status

object

The extension handler status.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

statuses

[object]

The resource status information.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

maintenanceRedeployStatus

object

The Maintenance Operation status on the virtual machine.

isCustomerInitiatedMaintenanceAllowed

boolean

True, if customer is allowed to perform Maintenance.

preMaintenanceWindowStartTime

date-time

Start Time for the Pre Maintenance Window.

preMaintenanceWindowEndTime

date-time

End Time for the Pre Maintenance Window.

maintenanceWindowStartTime

date-time

Start Time for the Maintenance Window.

maintenanceWindowEndTime

date-time

End Time for the Maintenance Window.

lastOperationResultCode

enum

The Last Maintenance Operation Result Code. Allowed enum values: None,RetryLater,MaintenanceAborted,MaintenanceCompleted

lastOperationMessage

string

Message returned for the last Maintenance Operation.

disks

[object]

The virtual machine disk information.

name

string

The disk name.

encryptionSettings

[object]

Specifies the encryption settings for the OS Disk.

Minimum api-version: 2015-06-15

diskEncryptionKey

object

Specifies the location of the disk encryption key, which is a Key Vault Secret.

secretUrl [required]

string

The URL referencing a secret in a Key Vault.

sourceVault [required]

object

The relative URL of the Key Vault containing the secret.

id

string

Resource Id

keyEncryptionKey

object

Specifies the location of the key encryption key in Key Vault.

keyUrl [required]

string

The URL referencing a key encryption key in Key Vault.

sourceVault [required]

object

The relative URL of the Key Vault containing the key.

id

string

Resource Id

enabled

boolean

Specifies whether disk encryption should be enabled on the virtual machine.

statuses

[object]

The resource status information.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

extensions

[object]

The extensions information.

name

string

The virtual machine extension name.

type

string

Specifies the type of the extension; an example is "CustomScriptExtension".

typeHandlerVersion

string

Specifies the version of the script handler.

substatuses

[object]

The resource status information.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

statuses

[object]

The resource status information.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

vmHealth

object

The health status for the VM. NOTE: This property will not be serialized. It can only be populated by the server.

status

object

The health status information for the VM. NOTE: This property will not be serialized. It can only be populated by the server.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

bootDiagnostics

object

Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor.

consoleScreenshotBlobUri

string

The console screenshot blob URI. Note: This will not be set if boot diagnostics is currently enabled with managed storage. NOTE: This property will not be serialized. It can only be populated by the server.

serialConsoleLogBlobUri

string

The serial console log blob Uri. Note: This will not be set if boot diagnostics is currently enabled with managed storage. NOTE: This property will not be serialized. It can only be populated by the server.

status

object

The boot diagnostics status information for the VM. Note: It will be set only if there are errors encountered in enabling boot diagnostics. NOTE: This property will not be serialized. It can only be populated by the server.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

assignedHost

string

Resource id of the dedicated host, on which the virtual machine is allocated through automatic placement, when the virtual machine is associated with a dedicated host group that has automatic placement enabled. Minimum api-version: 2020-06-01. NOTE: This property will not be serialized. It can only be populated by the server.

statuses

[object]

The resource status information.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

patchStatus

object

[Preview Feature] The status of virtual machine patch operations.

availablePatchSummary

object

The available patch summary of the latest assessment operation for the virtual machine.

status

string

The overall success or failure status of the operation. It remains "InProgress" until the operation completes. At that point it will become "Unknown", "Failed", "Succeeded", or "CompletedWithWarnings." NOTE: This property will not be serialized. It can only be populated by the server.

assessmentActivityId

string

The activity ID of the operation that produced this result. It is used to correlate across CRP and extension logs. NOTE: This property will not be serialized. It can only be populated by the server.

rebootPending

boolean

The overall reboot status of the VM. It will be true when partially installed patches require a reboot to complete installation but the reboot has not yet occurred. NOTE: This property will not be serialized. It can only be populated by the server.

criticalAndSecurityPatchCount

number

The number of critical or security patches that have been detected as available and not yet installed. NOTE: This property will not be serialized. It can only be populated by the server.

otherPatchCount

number

The number of all available patches excluding critical and security. NOTE: This property will not be serialized. It can only be populated by the server.

startTime

date-time

The UTC timestamp when the operation began. NOTE: This property will not be serialized. It can only be populated by the server.

lastModifiedTime

date-time

The UTC timestamp when the operation began. NOTE: This property will not be serialized. It can only be populated by the server.

error

object

The errors that were encountered during execution of the operation. The details array contains the list of them. NOTE: This property will not be serialized. It can only be populated by the server.

details

[object]

The Api error details

code

string

The error code.

target

string

The target of the particular error.

message

string

The error message.

innererror

object

The Api inner error

exceptiontype

string

The exception type.

errordetail

string

The internal error message or exception dump.

code

string

The error code.

target

string

The target of the particular error.

message

string

The error message.

lastPatchInstallationSummary

object

The installation summary of the latest installation operation for the virtual machine.

status

string

The overall success or failure status of the operation. It remains "InProgress" until the operation completes. At that point it will become "Unknown", "Failed", "Succeeded", or "CompletedWithWarnings." NOTE: This property will not be serialized. It can only be populated by the server.

installationActivityId

string

The activity ID of the operation that produced this result. It is used to correlate across CRP and extension logs. NOTE: This property will not be serialized. It can only be populated by the server.

maintenanceWindowExceeded

boolean

Describes whether the operation ran out of time before it completed all its intended actions NOTE: This property will not be serialized. It can only be populated by the server.

notSelectedPatchCount

number

The number of all available patches but not going to be installed because it didn't match a classification or inclusion list entry. NOTE: This property will not be serialized. It can only be populated by the server.

excludedPatchCount

number

The number of all available patches but excluded explicitly by a customer-specified exclusion list match. NOTE: This property will not be serialized. It can only be populated by the server.

pendingPatchCount

number

The number of all available patches expected to be installed over the course of the patch installation operation. NOTE: This property will not be serialized. It can only be populated by the server.

installedPatchCount

number

The count of patches that successfully installed. NOTE: This property will not be serialized. It can only be populated by the server.

failedPatchCount

number

The count of patches that failed installation. NOTE: This property will not be serialized. It can only be populated by the server.

startTime

date-time

The UTC timestamp when the operation began. NOTE: This property will not be serialized. It can only be populated by the server.

lastModifiedTime

date-time

The UTC timestamp when the operation began. NOTE: This property will not be serialized. It can only be populated by the server.

error

object

The errors that were encountered during execution of the operation. The details array contains the list of them. NOTE: This property will not be serialized. It can only be populated by the server.

details

[object]

The Api error details

code

string

The error code.

target

string

The target of the particular error.

message

string

The error message.

innererror

object

The Api inner error

exceptiontype

string

The exception type.

errordetail

string

The internal error message or exception dump.

code

string

The error code.

target

string

The target of the particular error.

message

string

The error message.

configurationStatuses

[object]

The enablement status of the specified patchMode NOTE: This property will not be serialized. It can only be populated by the server.

code

string

The status code.

level

enum

The level code. Allowed enum values: Info,Warning,Error

displayStatus

string

The short localizable label for the status.

message

string

The detailed status message, including for alerts and error messages.

time

date-time

The time of the status.

licenseType

string

Specifies that the image or disk that is being used was licensed on-premises.

Possible values for Windows Server operating system are:

Windows_Client

Windows_Server

Possible values for Linux Server operating system are:

RHEL_BYOS (for RHEL)

SLES_BYOS (for SUSE)

For more information, see Azure Hybrid Use Benefit for Windows Server

Azure Hybrid Use Benefit for Linux Server

Minimum api-version: 2015-06-15

vmId

string

Specifies the VM unique ID which is a 128-bits identifier that is encoded and stored in all Azure IaaS VMs SMBIOS and can be read using platform BIOS commands. NOTE: This property will not be serialized. It can only be populated by the server.

extensionsTimeBudget

string

Specifies the time alloted for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. The default value is 90 minutes (PT1H30M). Minimum api-version: 2020-06-01.

platformFaultDomain

number

Specifies the scale set logical fault domain into which the Virtual Machine will be created. By default, the Virtual Machine will by automatically assigned to a fault domain that best maintains balance across available fault domains. This is applicable only if the 'virtualMachineScaleSet' property of this Virtual Machine is set. The Virtual Machine Scale Set that is referenced, must have 'platformFaultDomainCount' greater than 1. This property cannot be updated once the Virtual Machine is created. Fault domain assignment can be viewed in the Virtual Machine Instance View. Minimum api‐version: 2020‐12‐01.

scheduledEventsProfile

object

Specifies Scheduled Event related configurations.

terminateNotificationProfile

object

Specifies Terminate Scheduled Event related configurations.

notBeforeTimeout

string

Configurable length of time a Virtual Machine being deleted will have to potentially approve the Terminate Scheduled Event before the event is auto approved (timed out). The configuration must be specified in ISO 8601 format, the default value is 5 minutes (PT5M)

enable

boolean

Specifies whether the Terminate Scheduled event is enabled or disabled.

osImageNotificationProfile

object

Specifies OS Image Scheduled Event related configurations.

notBeforeTimeout

string

Length of time a Virtual Machine being reimaged or having its OS upgraded will have to potentially approve the OS Image Scheduled Event before the event is auto approved (timed out). The configuration is specified in ISO 8601 format, and the value must be 15 minutes (PT15M)

enable

boolean

Specifies whether the OS Image Scheduled event is enabled or disabled.

userData

string

UserData for the VM, which must be base-64 encoded. Customer should not pass any secrets in here. Minimum api-version: 2021-03-01.

capacityReservation

object

Specifies information about the capacity reservation that is used to allocate virtual machine. Minimum api-version: 2021-04-01.

capacityReservationGroup

object

Specifies the capacity reservation group resource id that should be used for allocating the virtual machine or scaleset vm instances provided enough capacity has been reserved. Please refer to https://aka.ms/CapacityReservation for more details.

id

string

Resource Id

applicationProfile

object

Specifies the gallery applications that should be made available to the VM/VMSS.

galleryApplications

[object]

Specifies the gallery applications that should be made available to the VM/VMSS

tags

string

Optional, Specifies a passthrough value for more generic context.

order

number

Optional, Specifies the order in which the packages have to be installed

packageReferenceId [required]

string

Specifies the GalleryApplicationVersion resource id on the form of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/providers/Microsoft.Compute/galleries/{galleryName}/applications/{application}/versions/{version}

configurationReference

string

Optional, Specifies the uri to an azure blob that will replace the default configuration for the package if provided

treatFailureAsDeploymentFailure

boolean

Optional, If true, any failure for any operation in the VmApplication will fail the deployment

enableAutomaticUpgrade

boolean

If set to true, when a new Gallery Application version is available in PIR/SIG, it will be automatically updated for the VM/VMSS

timeCreated

date-time

Specifies the time at which the Virtual Machine resource was created. Minimum api-version: 2021-11-01. NOTE: This property will not be serialized. It can only be populated by the server.

status [required]

enum

The status of the requested asynchronous operation. Allowed enum values: notStarted,running,succeeded,canceled,failed

location [required]

string

The location URL. This can be used in GET requests to track the status of the requested asynchronous operation.