Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added CVM settings for version 2021-11-01 #16622

Merged
merged 10 commits into from
Dec 16, 2021
Merged

Added CVM settings for version 2021-11-01 #16622

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
3ef4621
Added CVM settings
ms-saypaul Nov 1, 2021
ffcc8bf
added examples
ms-saypaul Nov 16, 2021
6148a91
Add CMK examples
ms-saypaul Nov 21, 2021
70617af
fixed typo
ms-saypaul Nov 21, 2021
ce20524
fixed file name
ms-saypaul Nov 21, 2021
df85823
prettier check
ms-saypaul Nov 21, 2021
025edfd
removed a br
ms-saypaul Nov 21, 2021
542f269
changed to VMDiskSecurityProfile
ms-saypaul Nov 24, 2021
ecde6f6
type as object
ms-saypaul Nov 24, 2021
6e02b49
Merge remote-tracking branch 'upstream/feature/cplat-2021-11-01' into…
ms-saypaul Nov 24, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 42 additions & 2 deletions specification/compute/resource-manager/Microsoft.Compute/stable/2021-11-01/compute.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3151,6 +3151,12 @@
},
"Create a VM from a shared gallery image": {
"$ref": "./examples/compute/CreateAVmFromASharedGalleryImage.json"
},
"Create a VM with securityType ConfidentialVM with Platform Managed Keys": {
"$ref": "./examples/compute/CreateAVmWithSecurityTypeConfidentialVM.json"
},
"Create a VM with securityType ConfidentialVM with Customer Managed Keys": {
"$ref": "./examples/compute/CreateAVmWithSecurityTypeConfidentialVMWithCustomerManagedKeys.json"
}
}
},
Expand Down Expand Up @@ -5425,6 +5431,9 @@
},
"Create a scale set with spot restore policy": {
"$ref": "./examples/compute/CreateAScaleSetWithSpotRestorePolicy.json"
},
"Create a scale set with SecurityType as ConfidentialVM": {
"$ref": "./examples/compute/CreateAScaleSetWithSecurityTypeConfidentialVM.json"
}
}
},
Expand Down Expand Up @@ -10629,6 +10638,28 @@
],
"description": "Describes the parameter of customer managed disk encryption set resource id that can be specified for disk. <br><br> NOTE: The disk encryption set resource id can only be specified for managed disk. Please refer https://aka.ms/mdssewithcmkoverview for more details."
},
"VMDiskSecurityProfile": {
"type": "object",
"properties": {
"securityEncryptionType": {
"type": "string",
"description": "Specifies the EncryptionType of the managed disk. <br> It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, and VMGuestStateOnly for encryption of just the VMGuestState blob. <br><br> NOTE: It can be set for only Confidential VMs.",
"enum": [
"VMGuestStateOnly",
"DiskWithVMGuestState"
],
"x-ms-enum": {
"name": "securityEncryptionTypes",
"modelAsString": true
}
},
"diskEncryptionSet": {
"$ref": "#/definitions/DiskEncryptionSetParameters",
"description": "Specifies the customer managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob."
}
},
"description": "Specifies the security profile settings for the managed disk. <br><br> NOTE: It can only be set for Confidential VMs"
},
"KeyVaultKeyReference": {
"properties": {
"keyUrl": {
Expand Down Expand Up @@ -10782,6 +10813,10 @@
"diskEncryptionSet": {
"$ref": "#/definitions/DiskEncryptionSetParameters",
"description": "Specifies the customer managed disk encryption set resource id for the managed disk."
},
"securityProfile": {
"$ref": "#/definitions/VMDiskSecurityProfile",
"description": "Specifies the security profile for the managed disk."
}
},
"allOf": [
Expand Down Expand Up @@ -10982,9 +11017,10 @@
},
"securityType": {
"type": "string",
"description": "Specifies the SecurityType of the virtual machine. It is set as TrustedLaunch to enable UefiSettings. <br><br> Default: UefiSettings will not be enabled unless this property is set as TrustedLaunch.",
"description": "Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. <br><br> Default: UefiSettings will not be enabled unless this property is set.",
"enum": [
"TrustedLaunch"
"TrustedLaunch",
"ConfidentialVM"
],
"x-ms-enum": {
"name": "SecurityTypes",
Expand Down Expand Up @@ -12623,6 +12659,10 @@
"diskEncryptionSet": {
"$ref": "#/definitions/DiskEncryptionSetParameters",
"description": "Specifies the customer managed disk encryption set resource id for the managed disk."
},
"securityProfile": {
"$ref": "#/definitions/VMDiskSecurityProfile",
"description": "Specifies the security profile for the managed disk."
}
},
"description": "Describes the parameters of a ScaleSet managed disk."
Expand Down
245 changes: 245 additions & 0 deletions ...ute/stable/2021-11-01/examples/compute/CreateAScaleSetWithSecurityTypeConfidentialVM.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,245 @@
{
"parameters": {
"subscriptionId": "{subscription-id}",
"resourceGroupName": "myResourceGroup",
"vmScaleSetName": "{vmss-name}",
"api-version": "2021-11-01",
"parameters": {
"sku": {
"tier": "Standard",
"capacity": 3,
"name": "Standard_DC2as_v5"
},
"properties": {
"overprovision": true,
"virtualMachineProfile": {
"storageProfile": {
"imageReference": {
"sku": "windows-cvm",
"publisher": "MicrosoftWindowsServer",
"version": "17763.2183.2109130127",
"offer": "2019-datacenter-cvm"
},
"osDisk": {
"caching": "ReadOnly",
"managedDisk": {
"storageAccountType": "StandardSSD_LRS",
"securityProfile": {
"securityEncryptionType": "VMGuestStateOnly"
}
},
"createOption": "FromImage"
}
},
"securityProfile": {
"uefiSettings": {
"secureBootEnabled": true,
"vTpmEnabled": true
},
"securityType": "ConfidentialVM"
},
"osProfile": {
"computerNamePrefix": "{vmss-name}",
"adminUsername": "{your-username}",
"adminPassword": "{your-password}"
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "{vmss-name}",
"properties": {
"primary": true,
"enableIPForwarding": true,
"ipConfigurations": [
{
"name": "{vmss-name}",
"properties": {
"subnet": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/{existing-virtual-network-name}/subnets/{existing-subnet-name}"
}
}
}
]
}
}
]
}
},
"upgradePolicy": {
"mode": "Manual"
}
},
"location": "westus"
}
},
"responses": {
"200": {
"body": {
"sku": {
"tier": "Standard",
"capacity": 3,
"name": "Standard_DC2as_v5"
},
"name": "{vmss-name}",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/{vmss-name}",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"properties": {
"singlePlacementGroup": true,
"overprovision": true,
"uniqueId": "b9e23088-6ffc-46e0-9e02-b0a6eeef47db",
"virtualMachineProfile": {
"storageProfile": {
"imageReference": {
"sku": "windows-cvm",
"publisher": "MicrosoftWindowsServer",
"version": "17763.2183.2109130127",
"offer": "2019-datacenter-cvm"
},
"osDisk": {
"caching": "ReadOnly",
"managedDisk": {
"storageAccountType": "StandardSSD_LRS",
"securityProfile": {
"securityEncryptionType": "VMGuestStateOnly"
}
},
"createOption": "FromImage"
}
},
"securityProfile": {
"uefiSettings": {
"secureBootEnabled": true,
"vTpmEnabled": true
},
"securityType": "ConfidentialVM"
},
"osProfile": {
"computerNamePrefix": "{vmss-name}",
"adminUsername": "{your-username}",
"secrets": [],
"windowsConfiguration": {
"provisionVMAgent": true,
"enableAutomaticUpdates": true
}
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "{vmss-name}",
"properties": {
"dnsSettings": {
"dnsServers": []
},
"primary": true,
"enableIPForwarding": true,
"ipConfigurations": [
{
"name": "{vmss-name}",
"properties": {
"subnet": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/nsgExistingVnet/subnets/nsgExistingSubnet"
},
"privateIPAddressVersion": "IPv4"
}
}
],
"enableAcceleratedNetworking": false
}
}
]
}
},
"upgradePolicy": {
"mode": "Manual"
},
"provisioningState": "Creating"
},
"location": "westus"
}
},
"201": {
"body": {
"sku": {
"tier": "Standard",
"capacity": 3,
"name": "Standard_DC2as_v5"
},
"name": "{vmss-name}",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/{vmss-name}",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"properties": {
"singlePlacementGroup": true,
"overprovision": true,
"uniqueId": "b9e23088-6ffc-46e0-9e02-b0a6eeef47db",
"virtualMachineProfile": {
"storageProfile": {
"imageReference": {
"sku": "windows-cvm",
"publisher": "MicrosoftWindowsServer",
"version": "17763.2183.2109130127",
"offer": "2019-datacenter-cvm"
},
"osDisk": {
"caching": "ReadOnly",
"managedDisk": {
"storageAccountType": "StandardSSD_LRS",
"securityProfile": {
"securityEncryptionType": "VMGuestStateOnly"
}
},
"createOption": "FromImage"
}
},
"securityProfile": {
"uefiSettings": {
"secureBootEnabled": true,
"vTpmEnabled": true
},
"securityType": "ConfidentialVM"
},
"osProfile": {
"computerNamePrefix": "{vmss-name}",
"adminUsername": "{your-username}",
"secrets": [],
"windowsConfiguration": {
"provisionVMAgent": true,
"enableAutomaticUpdates": true
}
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "{vmss-name}",
"properties": {
"dnsSettings": {
"dnsServers": []
},
"primary": true,
"enableIPForwarding": true,
"ipConfigurations": [
{
"name": "{vmss-name}",
"properties": {
"subnet": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/nsgExistingVnet/subnets/nsgExistingSubnet"
},
"privateIPAddressVersion": "IPv4"
}
}
],
"enableAcceleratedNetworking": false
}
}
]
}
},
"upgradePolicy": {
"mode": "Manual"
},
"provisioningState": "Creating"
},
"location": "westus"
}
}
}
}
Loading