The Azure Quickstart templates are currently available in English

Create and encrypt a new Windows VMSS with jumpbox

Última atualização: 14/05/2021

This template allows you to deploy a simple VM Scale Set of Windows VMs using the lastest patched version of serveral Windows versions. This template also deploys a jumpbox with a public IP address in the same virtual network. You can connect to the jumpbox via this public IP address, then connect from there to VMs in the scale set via private IP addresses.This template enables encryption on the VM Scale Set of Windows VMs.

Este modelo do ARM (Azure Resource Manager) foi criado por um membro da comunidade, e não pela Microsoft. Cada modelo do ARM é licenciado para você de acordo com o contrato de licença de seu proprietário, e não da Microsoft. A Microsoft não é responsável por modelos do ARM fornecidos e licenciado por membros da comunidade e não avalia sua segurança, compatibilidade ou desempenho. Modelos do ARM da comunidade não têm suporte de nenhum programa ou serviço de suporte da Microsoft e são disponibilizados DA FORMA COMO ESTÃO, sem nenhum tipo de garantia.

Parâmetros

Nome do parâmetro Descrição
vmssName String used as a base for naming resources. Must be 3-61 characters in length and globally unique across Azure. A hash is prepended to this string for some resources, and resource-specific information is appended.
vmSku Size of VMs in the VM Scale Set.
imagePublisher Publisher of OS image.
imageOffer OS image offer
imageSku OS image SKU
osVersion OS Version. This will pick a fully patched image of this given OS version. Example values: 2008-R2-SP1, 2012-Datacenter, 2012-R2-Datacenter.
instanceCount Number of VM instances (100 or less).
adminUsername Admin username on all VMs.
adminPassword Admin password on all VMs.
keyVaultName Name of the KeyVault to place the volume encryption key
enabledForDeployment Specifies whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
enabledForDiskEncryption Specifies whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
enabledForTemplateDeployment Specifies whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
keysPermissions Specifies the permissions to keys in the vault. Valid values are: all, encrypt, decrypt, wrapKey, unwrapKey, sign, verify, get, list, create, update, import, delete, backup, restore, recover, and purge.
secretsPermissions Specifies the permissions to secrets in the vault. Valid values are: all, get, list, set, delete, backup, restore, recover, and purge.
skuName Specifies whether the key vault is a standard vault or a premium vault.

Usar o modelo

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.compute/encrypt-vmss-windows-jumpbox/azuredeploy.json
Instale e configure o PowerShell do Azure

Linha de comando

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.compute/encrypt-vmss-windows-jumpbox/azuredeploy.json
Instalar e configurar a Interface de Linha de Comando de Plataforma Cruzada do Azure