# Create a new encrypted managed disks windows vm from gallery image.

上次更新时间: 2017/2/22

This template creates a new encrypted managed disks windows vm using the server 2k12 gallery image.

此 Azure Resource Manager (ARM) 模板由社区的某个成员(而不是由 Microsoft)创建。每个 ARM 模板都根据其所有者(不是 Microsoft)的许可协议向你授予许可。Microsoft 不对由社区成员提供并授予许可的 ARM 模板负责,并且不针对安全性、兼容性和性能进行筛选。社区 ARM 模板不由任何 Microsoft 支持计划或服务提供支持,按“原样”提供,没有任何种类的担保。

参数

参数名 说明
vmName Name of the virtual machine
adminUsername Admin user name for the virtual machine
adminPassword Admin user password for virtual machine
vmSize Size of VM
virtualNetworkName Name of VNET to which the VM NIC belongs to
subnetName Name of Subnet to which the VM NIC belongs to
aadClientID Client ID of AAD app which has permissions to KeyVault
aadClientSecret Client Secret of AAD app which has permissions to KeyVault
keyVaultName Name of the KeyVault to place the volume encryption key
keyVaultResourceGroup Resource group of the KeyVault
useExistingKek Select kek if the secret should be encrypted with a key encryption key and pass explicit keyEncryptionKeyURL. For nokek, you can keep keyEncryptionKeyURL empty.
keyEncryptionKeyURL URL of the KeyEncryptionKey used to encrypt the volume encryption key

使用模板

PowerShell

New-AzureRmResourceGroupDeployment -Name <deployment-name> -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/201-encrypt-create-new-vm-gallery-image-managed-disks/azuredeploy.json
安装和配置 Azure PowerShell

命令行

azure config mode arm
azure group deployment create <my-resource-group> <my-deployment-name> --template-uri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/201-encrypt-create-new-vm-gallery-image-managed-disks/azuredeploy.json
安装和配置 Azure 跨平台命令行界面