Skip Navigation

Deploy a trusted launch capable Linux virtual machine

Last updated: 11/16/2021

This template allows you to deploy a trusted launch capable Linux virtual machine using a few different options for the Linux version, using the latest patched version. If you enable Secureboot and vTPM, the Guest Attestation extension will be installed on your VM. This extension will perform remote [attestation](https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/tpm-fundamentals#measured-boot-with-support-for-attestation) by the cloud. By default, this will deploy an Standard_D2_v3 size virtual machine in the resource group location and return the FQDN of the virtual machine.

This Azure Resource Manager template was created by a member of the community and not by Microsoft. Each Resource Manager template is licensed to you under a license agreement by its owner, not Microsoft. Microsoft is not responsible for Resource Manager templates provided and licensed by community members and does not screen for security, compatibility, or performance. Community Resource Manager templates are not supported under any Microsoft support program or service, and are made available AS IS without warranty of any kind.

Parameters

Parameter Name Description
vmName The name of you virtual machine.
os The OS for the virtual machine. This will pick the latest fully patched image of the given OS.
vmSize The size of the virtual machine
adminUsername Username for the virtual machine.
authenticationType Type of authentication to use on the virtual machine. SSH Public key is recommended.
adminPasswordOrKey SSH Public Key or password for the virtual machine. SSH Public key is recommended.
secureBoot Secure Boot setting of the virtual machine.
vTPM vTPM setting of the virtual machine.
location Location for all resources.
dnsLabelPrefix Unique DNS Name for the Public IP used to access the virtual machine.
publicIpName Name for the Public IP used to access the virtual machine.
publicIPAllocationMethod Allocation method for the Public IP used to access the virtual machine.
publicIpSku SKU for the Public IP used to access the virtual machine.
nicName Name of the network interface
virtualNetworkName Name of the virtual network
networkSecurityGroupName Name of the network security group
maaEndpoint MAA Endpoint to attest to.

Use the template

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.compute/vm-trustedlaunch-linux/azuredeploy.json
Install and configure Azure PowerShell

Command line

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.compute/vm-trustedlaunch-linux/azuredeploy.json
Install and Configure the Azure Cross-Platform Command-Line Interface