This template creates a new encrypted windows vm using the server 2k12 gallery image.
此 Azure Resource Manager (ARM) 模板由社区的某个成员(而不是由 Microsoft)创建。每个 ARM 模板都根据其所有者(不是 Microsoft)的许可协议向你授予许可。Microsoft 不对由社区成员提供并授予许可的 ARM 模板负责,并且不针对安全性、兼容性和性能进行筛选。社区 ARM 模板不由任何 Microsoft 支持计划或服务提供支持,按“原样”提供,没有任何种类的担保。
参数
| 参数名 | 说明 |
|---|---|
| vmName | Name of the virtual machine |
| adminUsername | Admin user name for the virtual machine |
| adminPassword | Admin user password for virtual machine |
| newStorageAccountName | Storage account to store os vhd |
| vmStorageContainerName | Name of the storage account container to store os vhd |
| vmSize | Size of VM |
| virtualNetworkName | Name of VNET to which the VM NIC belongs to |
| subnetName | Name of Subnet to which the VM NIC belongs to |
| aadClientID | Client ID of AAD app which has permissions to KeyVault |
| aadClientSecret | Client Secret of AAD app which has permissions to KeyVault |
| keyVaultName | Name of the KeyVault to place the volume encryption key |
| keyVaultResourceGroup | Resource group of the KeyVault |
| useExistingKek | Select kek if the secret should be encrypted with a key encryption key and pass explicit keyEncryptionKeyURL. For nokek, you can keep keyEncryptionKeyURL empty. |
| keyEncryptionKeyURL | URL of the KeyEncryptionKey used to encrypt the volume encryption key |
使用模板
PowerShell
New-AzureRmResourceGroupDeployment -Name <deployment-name> -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/201-encrypt-create-new-vm-gallery-image/azuredeploy.json安装和配置 Azure PowerShell
命令行
azure config mode arm azure group deployment create <my-resource-group> <my-deployment-name> --template-uri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/201-encrypt-create-new-vm-gallery-image/azuredeploy.json安装和配置 Azure 跨平台命令行界面