Microsoft.Compute virtualMachineScaleSets/virtualmachines 2019-03-01
Bicep resource definition
The virtualMachineScaleSets/virtualmachines resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Compute/virtualMachineScaleSets/virtualmachines resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Compute/virtualMachineScaleSets/virtualmachines@2019-03-01' = {
parent: resourceSymbolicName
location: 'string'
name: 'string'
plan: {
name: 'string'
product: 'string'
promotionCode: 'string'
publisher: 'string'
}
properties: {
additionalCapabilities: {
ultraSSDEnabled: bool
}
availabilitySet: {
id: 'string'
}
diagnosticsProfile: {
bootDiagnostics: {
enabled: bool
storageUri: 'string'
}
}
hardwareProfile: {
vmSize: 'string'
}
licenseType: 'string'
networkProfile: {
networkInterfaces: [
{
id: 'string'
properties: {
primary: bool
}
}
]
}
networkProfileConfiguration: {
networkInterfaceConfigurations: [
{
id: 'string'
name: 'string'
properties: {
dnsSettings: {
dnsServers: [
'string'
]
}
enableAcceleratedNetworking: bool
enableIPForwarding: bool
ipConfigurations: [
{
id: 'string'
name: 'string'
properties: {
applicationGatewayBackendAddressPools: [
{
id: 'string'
}
]
applicationSecurityGroups: [
{
id: 'string'
}
]
loadBalancerBackendAddressPools: [
{
id: 'string'
}
]
loadBalancerInboundNatPools: [
{
id: 'string'
}
]
primary: bool
privateIPAddressVersion: 'string'
publicIPAddressConfiguration: {
name: 'string'
properties: {
dnsSettings: {
domainNameLabel: 'string'
}
idleTimeoutInMinutes: int
ipTags: [
{
ipTagType: 'string'
tag: 'string'
}
]
publicIPPrefix: {
id: 'string'
}
}
}
subnet: {
id: 'string'
}
}
}
]
networkSecurityGroup: {
id: 'string'
}
primary: bool
}
}
]
}
osProfile: {
adminPassword: 'string'
adminUsername: 'string'
allowExtensionOperations: bool
computerName: 'string'
customData: 'string'
linuxConfiguration: {
disablePasswordAuthentication: bool
provisionVMAgent: bool
ssh: {
publicKeys: [
{
keyData: 'string'
path: 'string'
}
]
}
}
requireGuestProvisionSignal: bool
secrets: [
{
sourceVault: {
id: 'string'
}
vaultCertificates: [
{
certificateStore: 'string'
certificateUrl: 'string'
}
]
}
]
windowsConfiguration: {
additionalUnattendContent: [
{
componentName: 'Microsoft-Windows-Shell-Setup'
content: 'string'
passName: 'OobeSystem'
settingName: 'string'
}
]
enableAutomaticUpdates: bool
provisionVMAgent: bool
timeZone: 'string'
winRM: {
listeners: [
{
certificateUrl: 'string'
protocol: 'string'
}
]
}
}
}
protectionPolicy: {
protectFromScaleIn: bool
protectFromScaleSetActions: bool
}
storageProfile: {
dataDisks: [
{
caching: 'string'
createOption: 'string'
diskSizeGB: int
image: {
uri: 'string'
}
lun: int
managedDisk: {
id: 'string'
storageAccountType: 'string'
}
name: 'string'
toBeDetached: bool
vhd: {
uri: 'string'
}
writeAcceleratorEnabled: bool
}
]
imageReference: {
id: 'string'
offer: 'string'
publisher: 'string'
sku: 'string'
version: 'string'
}
osDisk: {
caching: 'string'
createOption: 'string'
diffDiskSettings: {
option: 'string'
}
diskSizeGB: int
encryptionSettings: {
diskEncryptionKey: {
secretUrl: 'string'
sourceVault: {
id: 'string'
}
}
enabled: bool
keyEncryptionKey: {
keyUrl: 'string'
sourceVault: {
id: 'string'
}
}
}
image: {
uri: 'string'
}
managedDisk: {
id: 'string'
storageAccountType: 'string'
}
name: 'string'
osType: 'string'
vhd: {
uri: 'string'
}
writeAcceleratorEnabled: bool
}
}
}
tags: {
{customized property}: 'string'
}
}
Property values
AdditionalCapabilities
Name | Description | Value |
---|---|---|
ultraSSDEnabled | The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled. | bool |
AdditionalUnattendContent
Name | Description | Value |
---|---|---|
componentName | The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. | 'Microsoft-Windows-Shell-Setup' |
content | Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted. | string |
passName | The pass name. Currently, the only allowable value is OobeSystem. | 'OobeSystem' |
settingName | Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. | 'AutoLogon' 'FirstLogonCommands' |
ApiEntityReference
Name | Description | Value |
---|---|---|
id | The ARM resource id in the form of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/... | string |
BootDiagnostics
Name | Description | Value |
---|---|---|
enabled | Whether boot diagnostics should be enabled on the Virtual Machine. | bool |
storageUri | Uri of the storage account to use for placing the console output and screenshot. | string |
DataDisk
Name | Description | Value |
---|---|---|
caching | Specifies the caching requirements. Possible values are: None ReadOnly ReadWrite Default: None for Standard storage. ReadOnly for Premium storage |
'None' 'ReadOnly' 'ReadWrite' |
createOption | Specifies how the virtual machine should be created. Possible values are: Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine. FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. |
'Attach' 'Empty' 'FromImage' (required) |
diskSizeGB | Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. This value cannot be larger than 1023 GB |
int |
image | The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. | VirtualHardDisk |
lun | Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. | int (required) |
managedDisk | The managed disk parameters. | ManagedDiskParameters |
name | The disk name. | string |
toBeDetached | Specifies whether the data disk is in process of detachment from the VirtualMachine/VirtualMachineScaleset | bool |
vhd | The virtual hard disk. | VirtualHardDisk |
writeAcceleratorEnabled | Specifies whether writeAccelerator should be enabled or disabled on the disk. | bool |
DiagnosticsProfile
Name | Description | Value |
---|---|---|
bootDiagnostics | Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor. |
BootDiagnostics |
DiffDiskSettings
Name | Description | Value |
---|---|---|
option | Specifies the ephemeral disk settings for operating system disk. | 'Local' |
DiskEncryptionSettings
Name | Description | Value |
---|---|---|
diskEncryptionKey | Specifies the location of the disk encryption key, which is a Key Vault Secret. | KeyVaultSecretReference |
enabled | Specifies whether disk encryption should be enabled on the virtual machine. | bool |
keyEncryptionKey | Specifies the location of the key encryption key in Key Vault. | KeyVaultKeyReference |
HardwareProfile
Name | Description | Value |
---|---|---|
vmSize | Specifies the size of the virtual machine. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set. For a list of available sizes use these APIs: List all available virtual machine sizes in an availability set List all available virtual machine sizes in a region List all available virtual machine sizes for resizing |
'Basic_A0' 'Basic_A1' 'Basic_A2' 'Basic_A3' 'Basic_A4' 'Standard_A0' 'Standard_A1' 'Standard_A10' 'Standard_A11' 'Standard_A1_v2' 'Standard_A2' 'Standard_A2m_v2' 'Standard_A2_v2' 'Standard_A3' 'Standard_A4' 'Standard_A4m_v2' 'Standard_A4_v2' 'Standard_A5' 'Standard_A6' 'Standard_A7' 'Standard_A8' 'Standard_A8m_v2' 'Standard_A8_v2' 'Standard_A9' 'Standard_B1ms' 'Standard_B1s' 'Standard_B2ms' 'Standard_B2s' 'Standard_B4ms' 'Standard_B8ms' 'Standard_D1' 'Standard_D11' 'Standard_D11_v2' 'Standard_D12' 'Standard_D12_v2' 'Standard_D13' 'Standard_D13_v2' 'Standard_D14' 'Standard_D14_v2' 'Standard_D15_v2' 'Standard_D16s_v3' 'Standard_D16_v3' 'Standard_D1_v2' 'Standard_D2' 'Standard_D2s_v3' 'Standard_D2_v2' 'Standard_D2_v3' 'Standard_D3' 'Standard_D32s_v3' 'Standard_D32_v3' 'Standard_D3_v2' 'Standard_D4' 'Standard_D4s_v3' 'Standard_D4_v2' 'Standard_D4_v3' 'Standard_D5_v2' 'Standard_D64s_v3' 'Standard_D64_v3' 'Standard_D8s_v3' 'Standard_D8_v3' 'Standard_DS1' 'Standard_DS11' 'Standard_DS11_v2' 'Standard_DS12' 'Standard_DS12_v2' 'Standard_DS13' 'Standard_DS13-2_v2' 'Standard_DS13-4_v2' 'Standard_DS13_v2' 'Standard_DS14' 'Standard_DS14-4_v2' 'Standard_DS14-8_v2' 'Standard_DS14_v2' 'Standard_DS15_v2' 'Standard_DS1_v2' 'Standard_DS2' 'Standard_DS2_v2' 'Standard_DS3' 'Standard_DS3_v2' 'Standard_DS4' 'Standard_DS4_v2' 'Standard_DS5_v2' 'Standard_E16s_v3' 'Standard_E16_v3' 'Standard_E2s_v3' 'Standard_E2_v3' 'Standard_E32-16_v3' 'Standard_E32-8s_v3' 'Standard_E32s_v3' 'Standard_E32_v3' 'Standard_E4s_v3' 'Standard_E4_v3' 'Standard_E64-16s_v3' 'Standard_E64-32s_v3' 'Standard_E64s_v3' 'Standard_E64_v3' 'Standard_E8s_v3' 'Standard_E8_v3' 'Standard_F1' 'Standard_F16' 'Standard_F16s' 'Standard_F16s_v2' 'Standard_F1s' 'Standard_F2' 'Standard_F2s' 'Standard_F2s_v2' 'Standard_F32s_v2' 'Standard_F4' 'Standard_F4s' 'Standard_F4s_v2' 'Standard_F64s_v2' 'Standard_F72s_v2' 'Standard_F8' 'Standard_F8s' 'Standard_F8s_v2' 'Standard_G1' 'Standard_G2' 'Standard_G3' 'Standard_G4' 'Standard_G5' 'Standard_GS1' 'Standard_GS2' 'Standard_GS3' 'Standard_GS4' 'Standard_GS4-4' 'Standard_GS4-8' 'Standard_GS5' 'Standard_GS5-16' 'Standard_GS5-8' 'Standard_H16' 'Standard_H16m' 'Standard_H16mr' 'Standard_H16r' 'Standard_H8' 'Standard_H8m' 'Standard_L16s' 'Standard_L32s' 'Standard_L4s' 'Standard_L8s' 'Standard_M128-32ms' 'Standard_M128-64ms' 'Standard_M128ms' 'Standard_M128s' 'Standard_M64-16ms' 'Standard_M64-32ms' 'Standard_M64ms' 'Standard_M64s' 'Standard_NC12' 'Standard_NC12s_v2' 'Standard_NC12s_v3' 'Standard_NC24' 'Standard_NC24r' 'Standard_NC24rs_v2' 'Standard_NC24rs_v3' 'Standard_NC24s_v2' 'Standard_NC24s_v3' 'Standard_NC6' 'Standard_NC6s_v2' 'Standard_NC6s_v3' 'Standard_ND12s' 'Standard_ND24rs' 'Standard_ND24s' 'Standard_ND6s' 'Standard_NV12' 'Standard_NV24' 'Standard_NV6' |
ImageReference
Name | Description | Value |
---|---|---|
id | Resource Id | string |
offer | Specifies the offer of the platform image or marketplace image used to create the virtual machine. | string |
publisher | The image publisher. | string |
sku | The image SKU. | string |
version | Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. | string |
KeyVaultKeyReference
Name | Description | Value |
---|---|---|
keyUrl | The URL referencing a key encryption key in Key Vault. | string (required) |
sourceVault | The relative URL of the Key Vault containing the key. | SubResource (required) |
KeyVaultSecretReference
Name | Description | Value |
---|---|---|
secretUrl | The URL referencing a secret in a Key Vault. | string (required) |
sourceVault | The relative URL of the Key Vault containing the secret. | SubResource (required) |
LinuxConfiguration
Name | Description | Value |
---|---|---|
disablePasswordAuthentication | Specifies whether password authentication should be disabled. | bool |
provisionVMAgent | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
bool |
ssh | Specifies the ssh key configuration for a Linux OS. | SshConfiguration |
ManagedDiskParameters
Name | Description | Value |
---|---|---|
id | Resource Id | string |
storageAccountType | Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. | 'Premium_LRS' 'StandardSSD_LRS' 'Standard_LRS' 'UltraSSD_LRS' |
Microsoft.Compute/virtualMachineScaleSets/virtualmachines
Name | Description | Value |
---|---|---|
location | Resource location | string (required) |
name | The resource name | string (required) |
parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: virtualMachineScaleSets |
plan | Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. In the Azure portal, find the marketplace image that you want to use and then click Want to deploy programmatically, Get Started ->. Enter any required information and then click Save. | Plan |
properties | Describes the properties of a virtual machine scale set virtual machine. | VirtualMachineScaleSetVMProperties |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
NetworkInterfaceReference
Name | Description | Value |
---|---|---|
id | Resource Id | string |
properties | Describes a network interface reference properties. | NetworkInterfaceReferenceProperties |
NetworkInterfaceReferenceProperties
Name | Description | Value |
---|---|---|
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
NetworkProfile
Name | Description | Value |
---|---|---|
networkInterfaces | Specifies the list of resource Ids for the network interfaces associated with the virtual machine. | NetworkInterfaceReference[] |
OSDisk
Name | Description | Value |
---|---|---|
caching | Specifies the caching requirements. Possible values are: None ReadOnly ReadWrite Default: None for Standard storage. ReadOnly for Premium storage |
'None' 'ReadOnly' 'ReadWrite' |
createOption | Specifies how the virtual machine should be created. Possible values are: Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine. FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. |
'Attach' 'Empty' 'FromImage' (required) |
diffDiskSettings | Specifies the ephemeral Disk Settings for the operating system disk used by the virtual machine. | DiffDiskSettings |
diskSizeGB | Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. This value cannot be larger than 1023 GB |
int |
encryptionSettings | Specifies the encryption settings for the OS Disk. Minimum api-version: 2015-06-15 |
DiskEncryptionSettings |
image | The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. | VirtualHardDisk |
managedDisk | The managed disk parameters. | ManagedDiskParameters |
name | The disk name. | string |
osType | This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD. Possible values are: Windows Linux |
'Linux' 'Windows' |
vhd | The virtual hard disk. | VirtualHardDisk |
writeAcceleratorEnabled | Specifies whether writeAccelerator should be enabled or disabled on the disk. | bool |
OSProfile
Name | Description | Value |
---|---|---|
adminPassword | Specifies the password of the administrator account. Minimum-length (Windows): 8 characters Minimum-length (Linux): 6 characters Max-length (Windows): 123 characters Max-length (Linux): 72 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!" For resetting the password, see How to reset the Remote Desktop service or its login password in a Windows VM For resetting root password, see Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension |
string |
adminUsername | Specifies the name of the administrator account. Windows-only restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length (Linux): 1 character Max-length (Linux): 64 characters Max-length (Windows): 20 characters <li> For root access to the Linux VM, see Using root privileges on Linux virtual machines in Azure <li> For a list of built-in system users on Linux that should not be used in this field, see Selecting User Names for Linux on Azure |
string |
allowExtensionOperations | Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine. |
bool |
computerName | Specifies the host OS name of the virtual machine. This name cannot be updated after the VM is created. Max-length (Windows): 15 characters Max-length (Linux): 64 characters. For naming conventions and restrictions see Azure infrastructure services implementation guidelines. |
string |
customData | Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. For using cloud-init for your VM, see Using cloud-init to customize a Linux VM during creation |
string |
linuxConfiguration | Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions For running non-endorsed distributions, see Information for Non-Endorsed Distributions. |
LinuxConfiguration |
requireGuestProvisionSignal | Specifies whether the guest provision signal is required from the virtual machine. | bool |
secrets | Specifies set of certificates that should be installed onto the virtual machine. | VaultSecretGroup[] |
windowsConfiguration | Specifies Windows operating system settings on the virtual machine. | WindowsConfiguration |
Plan
Name | Description | Value |
---|---|---|
name | The plan ID. | string |
product | Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element. | string |
promotionCode | The promotion code. | string |
publisher | The publisher ID. | string |
ResourceTags
Name | Description | Value |
---|
SshConfiguration
Name | Description | Value |
---|---|---|
publicKeys | The list of SSH public keys used to authenticate with linux based VMs. | SshPublicKey[] |
SshPublicKey
Name | Description | Value |
---|---|---|
keyData | SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format. For creating ssh keys, see Create SSH keys on Linux and Mac for Linux VMs in Azure. |
string |
path | Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys | string |
StorageProfile
Name | Description | Value |
---|---|---|
dataDisks | Specifies the parameters that are used to add a data disk to a virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines. |
DataDisk[] |
imageReference | Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations. | ImageReference |
osDisk | Specifies information about the operating system disk used by the virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines. |
OSDisk |
SubResource
Name | Description | Value |
---|---|---|
id | Resource Id | string |
VaultCertificate
Name | Description | Value |
---|---|---|
certificateStore | For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account. For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted. |
string |
certificateUrl | This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" } |
string |
VaultSecretGroup
Name | Description | Value |
---|---|---|
sourceVault | The relative URL of the Key Vault containing all of the certificates in VaultCertificates. | SubResource |
vaultCertificates | The list of key vault references in SourceVault which contain certificates. | VaultCertificate[] |
VirtualHardDisk
Name | Description | Value |
---|---|---|
uri | Specifies the virtual hard disk's uri. | string |
VirtualMachineScaleSetIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource Id | string |
name | The IP configuration name. | string (required) |
properties | Describes a virtual machine scale set network profile's IP configuration properties. | VirtualMachineScaleSetIPConfigurationProperties |
VirtualMachineScaleSetIPConfigurationProperties
Name | Description | Value |
---|---|---|
applicationGatewayBackendAddressPools | Specifies an array of references to backend address pools of application gateways. A scale set can reference backend address pools of multiple application gateways. Multiple scale sets cannot use the same application gateway. | SubResource[] |
applicationSecurityGroups | Specifies an array of references to application security group. | SubResource[] |
loadBalancerBackendAddressPools | Specifies an array of references to backend address pools of load balancers. A scale set can reference backend address pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer. | SubResource[] |
loadBalancerInboundNatPools | Specifies an array of references to inbound Nat pools of the load balancers. A scale set can reference inbound nat pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer | SubResource[] |
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
privateIPAddressVersion | Available from Api-Version 2017-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. Possible values are: 'IPv4' and 'IPv6'. | 'IPv4' 'IPv6' |
publicIPAddressConfiguration | The publicIPAddressConfiguration. | VirtualMachineScaleSetPublicIPAddressConfiguration |
subnet | Specifies the identifier of the subnet. | ApiEntityReference |
VirtualMachineScaleSetIpTag
Name | Description | Value |
---|---|---|
ipTagType | IP tag type. Example: FirstPartyUsage. | string |
tag | IP tag associated with the public IP. Example: SQL, Storage etc. | string |
VirtualMachineScaleSetNetworkConfiguration
Name | Description | Value |
---|---|---|
id | Resource Id | string |
name | The network configuration name. | string (required) |
properties | Describes a virtual machine scale set network profile's IP configuration. | VirtualMachineScaleSetNetworkConfigurationProperties |
VirtualMachineScaleSetNetworkConfigurationDnsSettings
Name | Description | Value |
---|---|---|
dnsServers | List of DNS servers IP addresses | string[] |
VirtualMachineScaleSetNetworkConfigurationProperties
Name | Description | Value |
---|---|---|
dnsSettings | The dns settings to be applied on the network interfaces. | VirtualMachineScaleSetNetworkConfigurationDnsSettings |
enableAcceleratedNetworking | Specifies whether the network interface is accelerated networking-enabled. | bool |
enableIPForwarding | Whether IP forwarding enabled on this NIC. | bool |
ipConfigurations | Specifies the IP configurations of the network interface. | VirtualMachineScaleSetIPConfiguration[] (required) |
networkSecurityGroup | The network security group. | SubResource |
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
VirtualMachineScaleSetPublicIPAddressConfiguration
Name | Description | Value |
---|---|---|
name | The publicIP address configuration name. | string (required) |
properties | Describes a virtual machines scale set IP Configuration's PublicIPAddress configuration | VirtualMachineScaleSetPublicIPAddressConfigurationProperties |
VirtualMachineScaleSetPublicIPAddressConfigurationDnsSettings
Name | Description | Value |
---|---|---|
domainNameLabel | The Domain name label.The concatenation of the domain name label and vm index will be the domain name labels of the PublicIPAddress resources that will be created | string (required) |
VirtualMachineScaleSetPublicIPAddressConfigurationProperties
Name | Description | Value |
---|---|---|
dnsSettings | The dns settings to be applied on the publicIP addresses . | VirtualMachineScaleSetPublicIPAddressConfigurationDnsSettings |
idleTimeoutInMinutes | The idle timeout of the public IP address. | int |
ipTags | The list of IP tags associated with the public IP address. | VirtualMachineScaleSetIpTag[] |
publicIPPrefix | The PublicIPPrefix from which to allocate publicIP addresses. | SubResource |
VirtualMachineScaleSetVMNetworkProfileConfiguration
Name | Description | Value |
---|---|---|
networkInterfaceConfigurations | The list of network configurations. | VirtualMachineScaleSetNetworkConfiguration[] |
VirtualMachineScaleSetVMProperties
Name | Description | Value |
---|---|---|
additionalCapabilities | Specifies additional capabilities enabled or disabled on the virtual machine in the scale set. For instance: whether the virtual machine has the capability to support attaching managed data disks with UltraSSD_LRS storage account type. | AdditionalCapabilities |
availabilitySet | Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see Manage the availability of virtual machines. For more information on Azure planned maintenance, see Planned maintenance for virtual machines in Azure Currently, a VM can only be added to availability set at creation time. An existing VM cannot be added to an availability set. |
SubResource |
diagnosticsProfile | Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15. |
DiagnosticsProfile |
hardwareProfile | Specifies the hardware settings for the virtual machine. | HardwareProfile |
licenseType | Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. Possible values are: Windows_Client Windows_Server If this element is included in a request for an update, the value must match the initial value. This value cannot be updated. For more information, see Azure Hybrid Use Benefit for Windows Server Minimum api-version: 2015-06-15 |
string |
networkProfile | Specifies the network interfaces of the virtual machine. | NetworkProfile |
networkProfileConfiguration | Specifies the network profile configuration of the virtual machine. | VirtualMachineScaleSetVMNetworkProfileConfiguration |
osProfile | Specifies the operating system settings for the virtual machine. | OSProfile |
protectionPolicy | Specifies the protection policy of the virtual machine. | VirtualMachineScaleSetVMProtectionPolicy |
storageProfile | Specifies the storage settings for the virtual machine disks. | StorageProfile |
VirtualMachineScaleSetVMProtectionPolicy
Name | Description | Value |
---|---|---|
protectFromScaleIn | Indicates that the virtual machine scale set VM shouldn't be considered for deletion during a scale-in operation. | bool |
protectFromScaleSetActions | Indicates that model updates or actions (including scale-in) initiated on the virtual machine scale set should not be applied to the virtual machine scale set VM. | bool |
WindowsConfiguration
Name | Description | Value |
---|---|---|
additionalUnattendContent | Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. | AdditionalUnattendContent[] |
enableAutomaticUpdates | Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true. For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning. |
bool |
provisionVMAgent | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
bool |
timeZone | Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time" | string |
winRM | Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. | WinRMConfiguration |
WinRMConfiguration
Name | Description | Value |
---|---|---|
listeners | The list of Windows Remote Management listeners | WinRMListener[] |
WinRMListener
Name | Description | Value |
---|---|---|
certificateUrl | This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" } |
string |
protocol | Specifies the protocol of listener. Possible values are: http https |
'Http' 'Https' |
ARM template resource definition
The virtualMachineScaleSets/virtualmachines resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Compute/virtualMachineScaleSets/virtualmachines resource, add the following JSON to your template.
{
"type": "Microsoft.Compute/virtualMachineScaleSets/virtualmachines",
"apiVersion": "2019-03-01",
"name": "string",
"location": "string",
"plan": {
"name": "string",
"product": "string",
"promotionCode": "string",
"publisher": "string"
},
"properties": {
"additionalCapabilities": {
"ultraSSDEnabled": "bool"
},
"availabilitySet": {
"id": "string"
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": "bool",
"storageUri": "string"
}
},
"hardwareProfile": {
"vmSize": "string"
},
"licenseType": "string",
"networkProfile": {
"networkInterfaces": [
{
"id": "string",
"properties": {
"primary": "bool"
}
}
]
},
"networkProfileConfiguration": {
"networkInterfaceConfigurations": [
{
"id": "string",
"name": "string",
"properties": {
"dnsSettings": {
"dnsServers": [ "string" ]
},
"enableAcceleratedNetworking": "bool",
"enableIPForwarding": "bool",
"ipConfigurations": [
{
"id": "string",
"name": "string",
"properties": {
"applicationGatewayBackendAddressPools": [
{
"id": "string"
}
],
"applicationSecurityGroups": [
{
"id": "string"
}
],
"loadBalancerBackendAddressPools": [
{
"id": "string"
}
],
"loadBalancerInboundNatPools": [
{
"id": "string"
}
],
"primary": "bool",
"privateIPAddressVersion": "string",
"publicIPAddressConfiguration": {
"name": "string",
"properties": {
"dnsSettings": {
"domainNameLabel": "string"
},
"idleTimeoutInMinutes": "int",
"ipTags": [
{
"ipTagType": "string",
"tag": "string"
}
],
"publicIPPrefix": {
"id": "string"
}
}
},
"subnet": {
"id": "string"
}
}
}
],
"networkSecurityGroup": {
"id": "string"
},
"primary": "bool"
}
}
]
},
"osProfile": {
"adminPassword": "string",
"adminUsername": "string",
"allowExtensionOperations": "bool",
"computerName": "string",
"customData": "string",
"linuxConfiguration": {
"disablePasswordAuthentication": "bool",
"provisionVMAgent": "bool",
"ssh": {
"publicKeys": [
{
"keyData": "string",
"path": "string"
}
]
}
},
"requireGuestProvisionSignal": "bool",
"secrets": [
{
"sourceVault": {
"id": "string"
},
"vaultCertificates": [
{
"certificateStore": "string",
"certificateUrl": "string"
}
]
}
],
"windowsConfiguration": {
"additionalUnattendContent": [
{
"componentName": "Microsoft-Windows-Shell-Setup",
"content": "string",
"passName": "OobeSystem",
"settingName": "string"
}
],
"enableAutomaticUpdates": "bool",
"provisionVMAgent": "bool",
"timeZone": "string",
"winRM": {
"listeners": [
{
"certificateUrl": "string",
"protocol": "string"
}
]
}
}
},
"protectionPolicy": {
"protectFromScaleIn": "bool",
"protectFromScaleSetActions": "bool"
},
"storageProfile": {
"dataDisks": [
{
"caching": "string",
"createOption": "string",
"diskSizeGB": "int",
"image": {
"uri": "string"
},
"lun": "int",
"managedDisk": {
"id": "string",
"storageAccountType": "string"
},
"name": "string",
"toBeDetached": "bool",
"vhd": {
"uri": "string"
},
"writeAcceleratorEnabled": "bool"
}
],
"imageReference": {
"id": "string",
"offer": "string",
"publisher": "string",
"sku": "string",
"version": "string"
},
"osDisk": {
"caching": "string",
"createOption": "string",
"diffDiskSettings": {
"option": "string"
},
"diskSizeGB": "int",
"encryptionSettings": {
"diskEncryptionKey": {
"secretUrl": "string",
"sourceVault": {
"id": "string"
}
},
"enabled": "bool",
"keyEncryptionKey": {
"keyUrl": "string",
"sourceVault": {
"id": "string"
}
}
},
"image": {
"uri": "string"
},
"managedDisk": {
"id": "string",
"storageAccountType": "string"
},
"name": "string",
"osType": "string",
"vhd": {
"uri": "string"
},
"writeAcceleratorEnabled": "bool"
}
}
},
"tags": {
"{customized property}": "string"
}
}
Property values
AdditionalCapabilities
Name | Description | Value |
---|---|---|
ultraSSDEnabled | The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled. | bool |
AdditionalUnattendContent
Name | Description | Value |
---|---|---|
componentName | The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. | 'Microsoft-Windows-Shell-Setup' |
content | Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted. | string |
passName | The pass name. Currently, the only allowable value is OobeSystem. | 'OobeSystem' |
settingName | Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. | 'AutoLogon' 'FirstLogonCommands' |
ApiEntityReference
Name | Description | Value |
---|---|---|
id | The ARM resource id in the form of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/... | string |
BootDiagnostics
Name | Description | Value |
---|---|---|
enabled | Whether boot diagnostics should be enabled on the Virtual Machine. | bool |
storageUri | Uri of the storage account to use for placing the console output and screenshot. | string |
DataDisk
Name | Description | Value |
---|---|---|
caching | Specifies the caching requirements. Possible values are: None ReadOnly ReadWrite Default: None for Standard storage. ReadOnly for Premium storage |
'None' 'ReadOnly' 'ReadWrite' |
createOption | Specifies how the virtual machine should be created. Possible values are: Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine. FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. |
'Attach' 'Empty' 'FromImage' (required) |
diskSizeGB | Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. This value cannot be larger than 1023 GB |
int |
image | The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. | VirtualHardDisk |
lun | Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. | int (required) |
managedDisk | The managed disk parameters. | ManagedDiskParameters |
name | The disk name. | string |
toBeDetached | Specifies whether the data disk is in process of detachment from the VirtualMachine/VirtualMachineScaleset | bool |
vhd | The virtual hard disk. | VirtualHardDisk |
writeAcceleratorEnabled | Specifies whether writeAccelerator should be enabled or disabled on the disk. | bool |
DiagnosticsProfile
Name | Description | Value |
---|---|---|
bootDiagnostics | Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor. |
BootDiagnostics |
DiffDiskSettings
Name | Description | Value |
---|---|---|
option | Specifies the ephemeral disk settings for operating system disk. | 'Local' |
DiskEncryptionSettings
Name | Description | Value |
---|---|---|
diskEncryptionKey | Specifies the location of the disk encryption key, which is a Key Vault Secret. | KeyVaultSecretReference |
enabled | Specifies whether disk encryption should be enabled on the virtual machine. | bool |
keyEncryptionKey | Specifies the location of the key encryption key in Key Vault. | KeyVaultKeyReference |
HardwareProfile
Name | Description | Value |
---|---|---|
vmSize | Specifies the size of the virtual machine. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set. For a list of available sizes use these APIs: List all available virtual machine sizes in an availability set List all available virtual machine sizes in a region List all available virtual machine sizes for resizing |
'Basic_A0' 'Basic_A1' 'Basic_A2' 'Basic_A3' 'Basic_A4' 'Standard_A0' 'Standard_A1' 'Standard_A10' 'Standard_A11' 'Standard_A1_v2' 'Standard_A2' 'Standard_A2m_v2' 'Standard_A2_v2' 'Standard_A3' 'Standard_A4' 'Standard_A4m_v2' 'Standard_A4_v2' 'Standard_A5' 'Standard_A6' 'Standard_A7' 'Standard_A8' 'Standard_A8m_v2' 'Standard_A8_v2' 'Standard_A9' 'Standard_B1ms' 'Standard_B1s' 'Standard_B2ms' 'Standard_B2s' 'Standard_B4ms' 'Standard_B8ms' 'Standard_D1' 'Standard_D11' 'Standard_D11_v2' 'Standard_D12' 'Standard_D12_v2' 'Standard_D13' 'Standard_D13_v2' 'Standard_D14' 'Standard_D14_v2' 'Standard_D15_v2' 'Standard_D16s_v3' 'Standard_D16_v3' 'Standard_D1_v2' 'Standard_D2' 'Standard_D2s_v3' 'Standard_D2_v2' 'Standard_D2_v3' 'Standard_D3' 'Standard_D32s_v3' 'Standard_D32_v3' 'Standard_D3_v2' 'Standard_D4' 'Standard_D4s_v3' 'Standard_D4_v2' 'Standard_D4_v3' 'Standard_D5_v2' 'Standard_D64s_v3' 'Standard_D64_v3' 'Standard_D8s_v3' 'Standard_D8_v3' 'Standard_DS1' 'Standard_DS11' 'Standard_DS11_v2' 'Standard_DS12' 'Standard_DS12_v2' 'Standard_DS13' 'Standard_DS13-2_v2' 'Standard_DS13-4_v2' 'Standard_DS13_v2' 'Standard_DS14' 'Standard_DS14-4_v2' 'Standard_DS14-8_v2' 'Standard_DS14_v2' 'Standard_DS15_v2' 'Standard_DS1_v2' 'Standard_DS2' 'Standard_DS2_v2' 'Standard_DS3' 'Standard_DS3_v2' 'Standard_DS4' 'Standard_DS4_v2' 'Standard_DS5_v2' 'Standard_E16s_v3' 'Standard_E16_v3' 'Standard_E2s_v3' 'Standard_E2_v3' 'Standard_E32-16_v3' 'Standard_E32-8s_v3' 'Standard_E32s_v3' 'Standard_E32_v3' 'Standard_E4s_v3' 'Standard_E4_v3' 'Standard_E64-16s_v3' 'Standard_E64-32s_v3' 'Standard_E64s_v3' 'Standard_E64_v3' 'Standard_E8s_v3' 'Standard_E8_v3' 'Standard_F1' 'Standard_F16' 'Standard_F16s' 'Standard_F16s_v2' 'Standard_F1s' 'Standard_F2' 'Standard_F2s' 'Standard_F2s_v2' 'Standard_F32s_v2' 'Standard_F4' 'Standard_F4s' 'Standard_F4s_v2' 'Standard_F64s_v2' 'Standard_F72s_v2' 'Standard_F8' 'Standard_F8s' 'Standard_F8s_v2' 'Standard_G1' 'Standard_G2' 'Standard_G3' 'Standard_G4' 'Standard_G5' 'Standard_GS1' 'Standard_GS2' 'Standard_GS3' 'Standard_GS4' 'Standard_GS4-4' 'Standard_GS4-8' 'Standard_GS5' 'Standard_GS5-16' 'Standard_GS5-8' 'Standard_H16' 'Standard_H16m' 'Standard_H16mr' 'Standard_H16r' 'Standard_H8' 'Standard_H8m' 'Standard_L16s' 'Standard_L32s' 'Standard_L4s' 'Standard_L8s' 'Standard_M128-32ms' 'Standard_M128-64ms' 'Standard_M128ms' 'Standard_M128s' 'Standard_M64-16ms' 'Standard_M64-32ms' 'Standard_M64ms' 'Standard_M64s' 'Standard_NC12' 'Standard_NC12s_v2' 'Standard_NC12s_v3' 'Standard_NC24' 'Standard_NC24r' 'Standard_NC24rs_v2' 'Standard_NC24rs_v3' 'Standard_NC24s_v2' 'Standard_NC24s_v3' 'Standard_NC6' 'Standard_NC6s_v2' 'Standard_NC6s_v3' 'Standard_ND12s' 'Standard_ND24rs' 'Standard_ND24s' 'Standard_ND6s' 'Standard_NV12' 'Standard_NV24' 'Standard_NV6' |
ImageReference
Name | Description | Value |
---|---|---|
id | Resource Id | string |
offer | Specifies the offer of the platform image or marketplace image used to create the virtual machine. | string |
publisher | The image publisher. | string |
sku | The image SKU. | string |
version | Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. | string |
KeyVaultKeyReference
Name | Description | Value |
---|---|---|
keyUrl | The URL referencing a key encryption key in Key Vault. | string (required) |
sourceVault | The relative URL of the Key Vault containing the key. | SubResource (required) |
KeyVaultSecretReference
Name | Description | Value |
---|---|---|
secretUrl | The URL referencing a secret in a Key Vault. | string (required) |
sourceVault | The relative URL of the Key Vault containing the secret. | SubResource (required) |
LinuxConfiguration
Name | Description | Value |
---|---|---|
disablePasswordAuthentication | Specifies whether password authentication should be disabled. | bool |
provisionVMAgent | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
bool |
ssh | Specifies the ssh key configuration for a Linux OS. | SshConfiguration |
ManagedDiskParameters
Name | Description | Value |
---|---|---|
id | Resource Id | string |
storageAccountType | Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. | 'Premium_LRS' 'StandardSSD_LRS' 'Standard_LRS' 'UltraSSD_LRS' |
Microsoft.Compute/virtualMachineScaleSets/virtualmachines
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2019-03-01' |
location | Resource location | string (required) |
name | The resource name | string (required) |
plan | Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. In the Azure portal, find the marketplace image that you want to use and then click Want to deploy programmatically, Get Started ->. Enter any required information and then click Save. | Plan |
properties | Describes the properties of a virtual machine scale set virtual machine. | VirtualMachineScaleSetVMProperties |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
type | The resource type | 'Microsoft.Compute/virtualMachineScaleSets/virtualmachines' |
NetworkInterfaceReference
Name | Description | Value |
---|---|---|
id | Resource Id | string |
properties | Describes a network interface reference properties. | NetworkInterfaceReferenceProperties |
NetworkInterfaceReferenceProperties
Name | Description | Value |
---|---|---|
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
NetworkProfile
Name | Description | Value |
---|---|---|
networkInterfaces | Specifies the list of resource Ids for the network interfaces associated with the virtual machine. | NetworkInterfaceReference[] |
OSDisk
Name | Description | Value |
---|---|---|
caching | Specifies the caching requirements. Possible values are: None ReadOnly ReadWrite Default: None for Standard storage. ReadOnly for Premium storage |
'None' 'ReadOnly' 'ReadWrite' |
createOption | Specifies how the virtual machine should be created. Possible values are: Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine. FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. |
'Attach' 'Empty' 'FromImage' (required) |
diffDiskSettings | Specifies the ephemeral Disk Settings for the operating system disk used by the virtual machine. | DiffDiskSettings |
diskSizeGB | Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. This value cannot be larger than 1023 GB |
int |
encryptionSettings | Specifies the encryption settings for the OS Disk. Minimum api-version: 2015-06-15 |
DiskEncryptionSettings |
image | The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. | VirtualHardDisk |
managedDisk | The managed disk parameters. | ManagedDiskParameters |
name | The disk name. | string |
osType | This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD. Possible values are: Windows Linux |
'Linux' 'Windows' |
vhd | The virtual hard disk. | VirtualHardDisk |
writeAcceleratorEnabled | Specifies whether writeAccelerator should be enabled or disabled on the disk. | bool |
OSProfile
Name | Description | Value |
---|---|---|
adminPassword | Specifies the password of the administrator account. Minimum-length (Windows): 8 characters Minimum-length (Linux): 6 characters Max-length (Windows): 123 characters Max-length (Linux): 72 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!" For resetting the password, see How to reset the Remote Desktop service or its login password in a Windows VM For resetting root password, see Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension |
string |
adminUsername | Specifies the name of the administrator account. Windows-only restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length (Linux): 1 character Max-length (Linux): 64 characters Max-length (Windows): 20 characters <li> For root access to the Linux VM, see Using root privileges on Linux virtual machines in Azure <li> For a list of built-in system users on Linux that should not be used in this field, see Selecting User Names for Linux on Azure |
string |
allowExtensionOperations | Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine. |
bool |
computerName | Specifies the host OS name of the virtual machine. This name cannot be updated after the VM is created. Max-length (Windows): 15 characters Max-length (Linux): 64 characters. For naming conventions and restrictions see Azure infrastructure services implementation guidelines. |
string |
customData | Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. For using cloud-init for your VM, see Using cloud-init to customize a Linux VM during creation |
string |
linuxConfiguration | Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions For running non-endorsed distributions, see Information for Non-Endorsed Distributions. |
LinuxConfiguration |
requireGuestProvisionSignal | Specifies whether the guest provision signal is required from the virtual machine. | bool |
secrets | Specifies set of certificates that should be installed onto the virtual machine. | VaultSecretGroup[] |
windowsConfiguration | Specifies Windows operating system settings on the virtual machine. | WindowsConfiguration |
Plan
Name | Description | Value |
---|---|---|
name | The plan ID. | string |
product | Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element. | string |
promotionCode | The promotion code. | string |
publisher | The publisher ID. | string |
ResourceTags
Name | Description | Value |
---|
SshConfiguration
Name | Description | Value |
---|---|---|
publicKeys | The list of SSH public keys used to authenticate with linux based VMs. | SshPublicKey[] |
SshPublicKey
Name | Description | Value |
---|---|---|
keyData | SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format. For creating ssh keys, see Create SSH keys on Linux and Mac for Linux VMs in Azure. |
string |
path | Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys | string |
StorageProfile
Name | Description | Value |
---|---|---|
dataDisks | Specifies the parameters that are used to add a data disk to a virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines. |
DataDisk[] |
imageReference | Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations. | ImageReference |
osDisk | Specifies information about the operating system disk used by the virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines. |
OSDisk |
SubResource
Name | Description | Value |
---|---|---|
id | Resource Id | string |
VaultCertificate
Name | Description | Value |
---|---|---|
certificateStore | For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account. For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted. |
string |
certificateUrl | This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" } |
string |
VaultSecretGroup
Name | Description | Value |
---|---|---|
sourceVault | The relative URL of the Key Vault containing all of the certificates in VaultCertificates. | SubResource |
vaultCertificates | The list of key vault references in SourceVault which contain certificates. | VaultCertificate[] |
VirtualHardDisk
Name | Description | Value |
---|---|---|
uri | Specifies the virtual hard disk's uri. | string |
VirtualMachineScaleSetIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource Id | string |
name | The IP configuration name. | string (required) |
properties | Describes a virtual machine scale set network profile's IP configuration properties. | VirtualMachineScaleSetIPConfigurationProperties |
VirtualMachineScaleSetIPConfigurationProperties
Name | Description | Value |
---|---|---|
applicationGatewayBackendAddressPools | Specifies an array of references to backend address pools of application gateways. A scale set can reference backend address pools of multiple application gateways. Multiple scale sets cannot use the same application gateway. | SubResource[] |
applicationSecurityGroups | Specifies an array of references to application security group. | SubResource[] |
loadBalancerBackendAddressPools | Specifies an array of references to backend address pools of load balancers. A scale set can reference backend address pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer. | SubResource[] |
loadBalancerInboundNatPools | Specifies an array of references to inbound Nat pools of the load balancers. A scale set can reference inbound nat pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer | SubResource[] |
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
privateIPAddressVersion | Available from Api-Version 2017-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. Possible values are: 'IPv4' and 'IPv6'. | 'IPv4' 'IPv6' |
publicIPAddressConfiguration | The publicIPAddressConfiguration. | VirtualMachineScaleSetPublicIPAddressConfiguration |
subnet | Specifies the identifier of the subnet. | ApiEntityReference |
VirtualMachineScaleSetIpTag
Name | Description | Value |
---|---|---|
ipTagType | IP tag type. Example: FirstPartyUsage. | string |
tag | IP tag associated with the public IP. Example: SQL, Storage etc. | string |
VirtualMachineScaleSetNetworkConfiguration
Name | Description | Value |
---|---|---|
id | Resource Id | string |
name | The network configuration name. | string (required) |
properties | Describes a virtual machine scale set network profile's IP configuration. | VirtualMachineScaleSetNetworkConfigurationProperties |
VirtualMachineScaleSetNetworkConfigurationDnsSettings
Name | Description | Value |
---|---|---|
dnsServers | List of DNS servers IP addresses | string[] |
VirtualMachineScaleSetNetworkConfigurationProperties
Name | Description | Value |
---|---|---|
dnsSettings | The dns settings to be applied on the network interfaces. | VirtualMachineScaleSetNetworkConfigurationDnsSettings |
enableAcceleratedNetworking | Specifies whether the network interface is accelerated networking-enabled. | bool |
enableIPForwarding | Whether IP forwarding enabled on this NIC. | bool |
ipConfigurations | Specifies the IP configurations of the network interface. | VirtualMachineScaleSetIPConfiguration[] (required) |
networkSecurityGroup | The network security group. | SubResource |
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
VirtualMachineScaleSetPublicIPAddressConfiguration
Name | Description | Value |
---|---|---|
name | The publicIP address configuration name. | string (required) |
properties | Describes a virtual machines scale set IP Configuration's PublicIPAddress configuration | VirtualMachineScaleSetPublicIPAddressConfigurationProperties |
VirtualMachineScaleSetPublicIPAddressConfigurationDnsSettings
Name | Description | Value |
---|---|---|
domainNameLabel | The Domain name label.The concatenation of the domain name label and vm index will be the domain name labels of the PublicIPAddress resources that will be created | string (required) |
VirtualMachineScaleSetPublicIPAddressConfigurationProperties
Name | Description | Value |
---|---|---|
dnsSettings | The dns settings to be applied on the publicIP addresses . | VirtualMachineScaleSetPublicIPAddressConfigurationDnsSettings |
idleTimeoutInMinutes | The idle timeout of the public IP address. | int |
ipTags | The list of IP tags associated with the public IP address. | VirtualMachineScaleSetIpTag[] |
publicIPPrefix | The PublicIPPrefix from which to allocate publicIP addresses. | SubResource |
VirtualMachineScaleSetVMNetworkProfileConfiguration
Name | Description | Value |
---|---|---|
networkInterfaceConfigurations | The list of network configurations. | VirtualMachineScaleSetNetworkConfiguration[] |
VirtualMachineScaleSetVMProperties
Name | Description | Value |
---|---|---|
additionalCapabilities | Specifies additional capabilities enabled or disabled on the virtual machine in the scale set. For instance: whether the virtual machine has the capability to support attaching managed data disks with UltraSSD_LRS storage account type. | AdditionalCapabilities |
availabilitySet | Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see Manage the availability of virtual machines. For more information on Azure planned maintenance, see Planned maintenance for virtual machines in Azure Currently, a VM can only be added to availability set at creation time. An existing VM cannot be added to an availability set. |
SubResource |
diagnosticsProfile | Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15. |
DiagnosticsProfile |
hardwareProfile | Specifies the hardware settings for the virtual machine. | HardwareProfile |
licenseType | Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. Possible values are: Windows_Client Windows_Server If this element is included in a request for an update, the value must match the initial value. This value cannot be updated. For more information, see Azure Hybrid Use Benefit for Windows Server Minimum api-version: 2015-06-15 |
string |
networkProfile | Specifies the network interfaces of the virtual machine. | NetworkProfile |
networkProfileConfiguration | Specifies the network profile configuration of the virtual machine. | VirtualMachineScaleSetVMNetworkProfileConfiguration |
osProfile | Specifies the operating system settings for the virtual machine. | OSProfile |
protectionPolicy | Specifies the protection policy of the virtual machine. | VirtualMachineScaleSetVMProtectionPolicy |
storageProfile | Specifies the storage settings for the virtual machine disks. | StorageProfile |
VirtualMachineScaleSetVMProtectionPolicy
Name | Description | Value |
---|---|---|
protectFromScaleIn | Indicates that the virtual machine scale set VM shouldn't be considered for deletion during a scale-in operation. | bool |
protectFromScaleSetActions | Indicates that model updates or actions (including scale-in) initiated on the virtual machine scale set should not be applied to the virtual machine scale set VM. | bool |
WindowsConfiguration
Name | Description | Value |
---|---|---|
additionalUnattendContent | Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. | AdditionalUnattendContent[] |
enableAutomaticUpdates | Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true. For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning. |
bool |
provisionVMAgent | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
bool |
timeZone | Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time" | string |
winRM | Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. | WinRMConfiguration |
WinRMConfiguration
Name | Description | Value |
---|---|---|
listeners | The list of Windows Remote Management listeners | WinRMListener[] |
WinRMListener
Name | Description | Value |
---|---|---|
certificateUrl | This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" } |
string |
protocol | Specifies the protocol of listener. Possible values are: http https |
'Http' 'Https' |
Terraform (AzAPI provider) resource definition
The virtualMachineScaleSets/virtualmachines resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Compute/virtualMachineScaleSets/virtualmachines resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Compute/virtualMachineScaleSets/virtualmachines@2019-03-01"
name = "string"
location = "string"
plan = {
name = "string"
product = "string"
promotionCode = "string"
publisher = "string"
}
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
additionalCapabilities = {
ultraSSDEnabled = bool
}
availabilitySet = {
id = "string"
}
diagnosticsProfile = {
bootDiagnostics = {
enabled = bool
storageUri = "string"
}
}
hardwareProfile = {
vmSize = "string"
}
licenseType = "string"
networkProfile = {
networkInterfaces = [
{
id = "string"
properties = {
primary = bool
}
}
]
}
networkProfileConfiguration = {
networkInterfaceConfigurations = [
{
id = "string"
name = "string"
properties = {
dnsSettings = {
dnsServers = [
"string"
]
}
enableAcceleratedNetworking = bool
enableIPForwarding = bool
ipConfigurations = [
{
id = "string"
name = "string"
properties = {
applicationGatewayBackendAddressPools = [
{
id = "string"
}
]
applicationSecurityGroups = [
{
id = "string"
}
]
loadBalancerBackendAddressPools = [
{
id = "string"
}
]
loadBalancerInboundNatPools = [
{
id = "string"
}
]
primary = bool
privateIPAddressVersion = "string"
publicIPAddressConfiguration = {
name = "string"
properties = {
dnsSettings = {
domainNameLabel = "string"
}
idleTimeoutInMinutes = int
ipTags = [
{
ipTagType = "string"
tag = "string"
}
]
publicIPPrefix = {
id = "string"
}
}
}
subnet = {
id = "string"
}
}
}
]
networkSecurityGroup = {
id = "string"
}
primary = bool
}
}
]
}
osProfile = {
adminPassword = "string"
adminUsername = "string"
allowExtensionOperations = bool
computerName = "string"
customData = "string"
linuxConfiguration = {
disablePasswordAuthentication = bool
provisionVMAgent = bool
ssh = {
publicKeys = [
{
keyData = "string"
path = "string"
}
]
}
}
requireGuestProvisionSignal = bool
secrets = [
{
sourceVault = {
id = "string"
}
vaultCertificates = [
{
certificateStore = "string"
certificateUrl = "string"
}
]
}
]
windowsConfiguration = {
additionalUnattendContent = [
{
componentName = "Microsoft-Windows-Shell-Setup"
content = "string"
passName = "OobeSystem"
settingName = "string"
}
]
enableAutomaticUpdates = bool
provisionVMAgent = bool
timeZone = "string"
winRM = {
listeners = [
{
certificateUrl = "string"
protocol = "string"
}
]
}
}
}
protectionPolicy = {
protectFromScaleIn = bool
protectFromScaleSetActions = bool
}
storageProfile = {
dataDisks = [
{
caching = "string"
createOption = "string"
diskSizeGB = int
image = {
uri = "string"
}
lun = int
managedDisk = {
id = "string"
storageAccountType = "string"
}
name = "string"
toBeDetached = bool
vhd = {
uri = "string"
}
writeAcceleratorEnabled = bool
}
]
imageReference = {
id = "string"
offer = "string"
publisher = "string"
sku = "string"
version = "string"
}
osDisk = {
caching = "string"
createOption = "string"
diffDiskSettings = {
option = "string"
}
diskSizeGB = int
encryptionSettings = {
diskEncryptionKey = {
secretUrl = "string"
sourceVault = {
id = "string"
}
}
enabled = bool
keyEncryptionKey = {
keyUrl = "string"
sourceVault = {
id = "string"
}
}
}
image = {
uri = "string"
}
managedDisk = {
id = "string"
storageAccountType = "string"
}
name = "string"
osType = "string"
vhd = {
uri = "string"
}
writeAcceleratorEnabled = bool
}
}
}
})
}
Property values
AdditionalCapabilities
Name | Description | Value |
---|---|---|
ultraSSDEnabled | The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled. | bool |
AdditionalUnattendContent
Name | Description | Value |
---|---|---|
componentName | The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. | 'Microsoft-Windows-Shell-Setup' |
content | Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted. | string |
passName | The pass name. Currently, the only allowable value is OobeSystem. | 'OobeSystem' |
settingName | Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. | 'AutoLogon' 'FirstLogonCommands' |
ApiEntityReference
Name | Description | Value |
---|---|---|
id | The ARM resource id in the form of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/... | string |
BootDiagnostics
Name | Description | Value |
---|---|---|
enabled | Whether boot diagnostics should be enabled on the Virtual Machine. | bool |
storageUri | Uri of the storage account to use for placing the console output and screenshot. | string |
DataDisk
Name | Description | Value |
---|---|---|
caching | Specifies the caching requirements. Possible values are: None ReadOnly ReadWrite Default: None for Standard storage. ReadOnly for Premium storage |
'None' 'ReadOnly' 'ReadWrite' |
createOption | Specifies how the virtual machine should be created. Possible values are: Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine. FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. |
'Attach' 'Empty' 'FromImage' (required) |
diskSizeGB | Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. This value cannot be larger than 1023 GB |
int |
image | The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. | VirtualHardDisk |
lun | Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. | int (required) |
managedDisk | The managed disk parameters. | ManagedDiskParameters |
name | The disk name. | string |
toBeDetached | Specifies whether the data disk is in process of detachment from the VirtualMachine/VirtualMachineScaleset | bool |
vhd | The virtual hard disk. | VirtualHardDisk |
writeAcceleratorEnabled | Specifies whether writeAccelerator should be enabled or disabled on the disk. | bool |
DiagnosticsProfile
Name | Description | Value |
---|---|---|
bootDiagnostics | Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor. |
BootDiagnostics |
DiffDiskSettings
Name | Description | Value |
---|---|---|
option | Specifies the ephemeral disk settings for operating system disk. | 'Local' |
DiskEncryptionSettings
Name | Description | Value |
---|---|---|
diskEncryptionKey | Specifies the location of the disk encryption key, which is a Key Vault Secret. | KeyVaultSecretReference |
enabled | Specifies whether disk encryption should be enabled on the virtual machine. | bool |
keyEncryptionKey | Specifies the location of the key encryption key in Key Vault. | KeyVaultKeyReference |
HardwareProfile
Name | Description | Value |
---|---|---|
vmSize | Specifies the size of the virtual machine. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set. For a list of available sizes use these APIs: List all available virtual machine sizes in an availability set List all available virtual machine sizes in a region List all available virtual machine sizes for resizing |
'Basic_A0' 'Basic_A1' 'Basic_A2' 'Basic_A3' 'Basic_A4' 'Standard_A0' 'Standard_A1' 'Standard_A10' 'Standard_A11' 'Standard_A1_v2' 'Standard_A2' 'Standard_A2m_v2' 'Standard_A2_v2' 'Standard_A3' 'Standard_A4' 'Standard_A4m_v2' 'Standard_A4_v2' 'Standard_A5' 'Standard_A6' 'Standard_A7' 'Standard_A8' 'Standard_A8m_v2' 'Standard_A8_v2' 'Standard_A9' 'Standard_B1ms' 'Standard_B1s' 'Standard_B2ms' 'Standard_B2s' 'Standard_B4ms' 'Standard_B8ms' 'Standard_D1' 'Standard_D11' 'Standard_D11_v2' 'Standard_D12' 'Standard_D12_v2' 'Standard_D13' 'Standard_D13_v2' 'Standard_D14' 'Standard_D14_v2' 'Standard_D15_v2' 'Standard_D16s_v3' 'Standard_D16_v3' 'Standard_D1_v2' 'Standard_D2' 'Standard_D2s_v3' 'Standard_D2_v2' 'Standard_D2_v3' 'Standard_D3' 'Standard_D32s_v3' 'Standard_D32_v3' 'Standard_D3_v2' 'Standard_D4' 'Standard_D4s_v3' 'Standard_D4_v2' 'Standard_D4_v3' 'Standard_D5_v2' 'Standard_D64s_v3' 'Standard_D64_v3' 'Standard_D8s_v3' 'Standard_D8_v3' 'Standard_DS1' 'Standard_DS11' 'Standard_DS11_v2' 'Standard_DS12' 'Standard_DS12_v2' 'Standard_DS13' 'Standard_DS13-2_v2' 'Standard_DS13-4_v2' 'Standard_DS13_v2' 'Standard_DS14' 'Standard_DS14-4_v2' 'Standard_DS14-8_v2' 'Standard_DS14_v2' 'Standard_DS15_v2' 'Standard_DS1_v2' 'Standard_DS2' 'Standard_DS2_v2' 'Standard_DS3' 'Standard_DS3_v2' 'Standard_DS4' 'Standard_DS4_v2' 'Standard_DS5_v2' 'Standard_E16s_v3' 'Standard_E16_v3' 'Standard_E2s_v3' 'Standard_E2_v3' 'Standard_E32-16_v3' 'Standard_E32-8s_v3' 'Standard_E32s_v3' 'Standard_E32_v3' 'Standard_E4s_v3' 'Standard_E4_v3' 'Standard_E64-16s_v3' 'Standard_E64-32s_v3' 'Standard_E64s_v3' 'Standard_E64_v3' 'Standard_E8s_v3' 'Standard_E8_v3' 'Standard_F1' 'Standard_F16' 'Standard_F16s' 'Standard_F16s_v2' 'Standard_F1s' 'Standard_F2' 'Standard_F2s' 'Standard_F2s_v2' 'Standard_F32s_v2' 'Standard_F4' 'Standard_F4s' 'Standard_F4s_v2' 'Standard_F64s_v2' 'Standard_F72s_v2' 'Standard_F8' 'Standard_F8s' 'Standard_F8s_v2' 'Standard_G1' 'Standard_G2' 'Standard_G3' 'Standard_G4' 'Standard_G5' 'Standard_GS1' 'Standard_GS2' 'Standard_GS3' 'Standard_GS4' 'Standard_GS4-4' 'Standard_GS4-8' 'Standard_GS5' 'Standard_GS5-16' 'Standard_GS5-8' 'Standard_H16' 'Standard_H16m' 'Standard_H16mr' 'Standard_H16r' 'Standard_H8' 'Standard_H8m' 'Standard_L16s' 'Standard_L32s' 'Standard_L4s' 'Standard_L8s' 'Standard_M128-32ms' 'Standard_M128-64ms' 'Standard_M128ms' 'Standard_M128s' 'Standard_M64-16ms' 'Standard_M64-32ms' 'Standard_M64ms' 'Standard_M64s' 'Standard_NC12' 'Standard_NC12s_v2' 'Standard_NC12s_v3' 'Standard_NC24' 'Standard_NC24r' 'Standard_NC24rs_v2' 'Standard_NC24rs_v3' 'Standard_NC24s_v2' 'Standard_NC24s_v3' 'Standard_NC6' 'Standard_NC6s_v2' 'Standard_NC6s_v3' 'Standard_ND12s' 'Standard_ND24rs' 'Standard_ND24s' 'Standard_ND6s' 'Standard_NV12' 'Standard_NV24' 'Standard_NV6' |
ImageReference
Name | Description | Value |
---|---|---|
id | Resource Id | string |
offer | Specifies the offer of the platform image or marketplace image used to create the virtual machine. | string |
publisher | The image publisher. | string |
sku | The image SKU. | string |
version | Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. | string |
KeyVaultKeyReference
Name | Description | Value |
---|---|---|
keyUrl | The URL referencing a key encryption key in Key Vault. | string (required) |
sourceVault | The relative URL of the Key Vault containing the key. | SubResource (required) |
KeyVaultSecretReference
Name | Description | Value |
---|---|---|
secretUrl | The URL referencing a secret in a Key Vault. | string (required) |
sourceVault | The relative URL of the Key Vault containing the secret. | SubResource (required) |
LinuxConfiguration
Name | Description | Value |
---|---|---|
disablePasswordAuthentication | Specifies whether password authentication should be disabled. | bool |
provisionVMAgent | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
bool |
ssh | Specifies the ssh key configuration for a Linux OS. | SshConfiguration |
ManagedDiskParameters
Name | Description | Value |
---|---|---|
id | Resource Id | string |
storageAccountType | Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. | 'Premium_LRS' 'StandardSSD_LRS' 'Standard_LRS' 'UltraSSD_LRS' |
Microsoft.Compute/virtualMachineScaleSets/virtualmachines
Name | Description | Value |
---|---|---|
location | Resource location | string (required) |
name | The resource name | string (required) |
parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: virtualMachineScaleSets |
plan | Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. In the Azure portal, find the marketplace image that you want to use and then click Want to deploy programmatically, Get Started ->. Enter any required information and then click Save. | Plan |
properties | Describes the properties of a virtual machine scale set virtual machine. | VirtualMachineScaleSetVMProperties |
tags | Resource tags | Dictionary of tag names and values. |
type | The resource type | "Microsoft.Compute/virtualMachineScaleSets/virtualmachines@2019-03-01" |
NetworkInterfaceReference
Name | Description | Value |
---|---|---|
id | Resource Id | string |
properties | Describes a network interface reference properties. | NetworkInterfaceReferenceProperties |
NetworkInterfaceReferenceProperties
Name | Description | Value |
---|---|---|
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
NetworkProfile
Name | Description | Value |
---|---|---|
networkInterfaces | Specifies the list of resource Ids for the network interfaces associated with the virtual machine. | NetworkInterfaceReference[] |
OSDisk
Name | Description | Value |
---|---|---|
caching | Specifies the caching requirements. Possible values are: None ReadOnly ReadWrite Default: None for Standard storage. ReadOnly for Premium storage |
'None' 'ReadOnly' 'ReadWrite' |
createOption | Specifies how the virtual machine should be created. Possible values are: Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine. FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. |
'Attach' 'Empty' 'FromImage' (required) |
diffDiskSettings | Specifies the ephemeral Disk Settings for the operating system disk used by the virtual machine. | DiffDiskSettings |
diskSizeGB | Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image. This value cannot be larger than 1023 GB |
int |
encryptionSettings | Specifies the encryption settings for the OS Disk. Minimum api-version: 2015-06-15 |
DiskEncryptionSettings |
image | The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. | VirtualHardDisk |
managedDisk | The managed disk parameters. | ManagedDiskParameters |
name | The disk name. | string |
osType | This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD. Possible values are: Windows Linux |
'Linux' 'Windows' |
vhd | The virtual hard disk. | VirtualHardDisk |
writeAcceleratorEnabled | Specifies whether writeAccelerator should be enabled or disabled on the disk. | bool |
OSProfile
Name | Description | Value |
---|---|---|
adminPassword | Specifies the password of the administrator account. Minimum-length (Windows): 8 characters Minimum-length (Linux): 6 characters Max-length (Windows): 123 characters Max-length (Linux): 72 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!" For resetting the password, see How to reset the Remote Desktop service or its login password in a Windows VM For resetting root password, see Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension |
string |
adminUsername | Specifies the name of the administrator account. Windows-only restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length (Linux): 1 character Max-length (Linux): 64 characters Max-length (Windows): 20 characters <li> For root access to the Linux VM, see Using root privileges on Linux virtual machines in Azure <li> For a list of built-in system users on Linux that should not be used in this field, see Selecting User Names for Linux on Azure |
string |
allowExtensionOperations | Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine. |
bool |
computerName | Specifies the host OS name of the virtual machine. This name cannot be updated after the VM is created. Max-length (Windows): 15 characters Max-length (Linux): 64 characters. For naming conventions and restrictions see Azure infrastructure services implementation guidelines. |
string |
customData | Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. For using cloud-init for your VM, see Using cloud-init to customize a Linux VM during creation |
string |
linuxConfiguration | Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions For running non-endorsed distributions, see Information for Non-Endorsed Distributions. |
LinuxConfiguration |
requireGuestProvisionSignal | Specifies whether the guest provision signal is required from the virtual machine. | bool |
secrets | Specifies set of certificates that should be installed onto the virtual machine. | VaultSecretGroup[] |
windowsConfiguration | Specifies Windows operating system settings on the virtual machine. | WindowsConfiguration |
Plan
Name | Description | Value |
---|---|---|
name | The plan ID. | string |
product | Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element. | string |
promotionCode | The promotion code. | string |
publisher | The publisher ID. | string |
ResourceTags
Name | Description | Value |
---|
SshConfiguration
Name | Description | Value |
---|---|---|
publicKeys | The list of SSH public keys used to authenticate with linux based VMs. | SshPublicKey[] |
SshPublicKey
Name | Description | Value |
---|---|---|
keyData | SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format. For creating ssh keys, see Create SSH keys on Linux and Mac for Linux VMs in Azure. |
string |
path | Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys | string |
StorageProfile
Name | Description | Value |
---|---|---|
dataDisks | Specifies the parameters that are used to add a data disk to a virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines. |
DataDisk[] |
imageReference | Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations. | ImageReference |
osDisk | Specifies information about the operating system disk used by the virtual machine. For more information about disks, see About disks and VHDs for Azure virtual machines. |
OSDisk |
SubResource
Name | Description | Value |
---|---|---|
id | Resource Id | string |
VaultCertificate
Name | Description | Value |
---|---|---|
certificateStore | For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account. For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted. |
string |
certificateUrl | This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" } |
string |
VaultSecretGroup
Name | Description | Value |
---|---|---|
sourceVault | The relative URL of the Key Vault containing all of the certificates in VaultCertificates. | SubResource |
vaultCertificates | The list of key vault references in SourceVault which contain certificates. | VaultCertificate[] |
VirtualHardDisk
Name | Description | Value |
---|---|---|
uri | Specifies the virtual hard disk's uri. | string |
VirtualMachineScaleSetIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource Id | string |
name | The IP configuration name. | string (required) |
properties | Describes a virtual machine scale set network profile's IP configuration properties. | VirtualMachineScaleSetIPConfigurationProperties |
VirtualMachineScaleSetIPConfigurationProperties
Name | Description | Value |
---|---|---|
applicationGatewayBackendAddressPools | Specifies an array of references to backend address pools of application gateways. A scale set can reference backend address pools of multiple application gateways. Multiple scale sets cannot use the same application gateway. | SubResource[] |
applicationSecurityGroups | Specifies an array of references to application security group. | SubResource[] |
loadBalancerBackendAddressPools | Specifies an array of references to backend address pools of load balancers. A scale set can reference backend address pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer. | SubResource[] |
loadBalancerInboundNatPools | Specifies an array of references to inbound Nat pools of the load balancers. A scale set can reference inbound nat pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer | SubResource[] |
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
privateIPAddressVersion | Available from Api-Version 2017-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. Possible values are: 'IPv4' and 'IPv6'. | 'IPv4' 'IPv6' |
publicIPAddressConfiguration | The publicIPAddressConfiguration. | VirtualMachineScaleSetPublicIPAddressConfiguration |
subnet | Specifies the identifier of the subnet. | ApiEntityReference |
VirtualMachineScaleSetIpTag
Name | Description | Value |
---|---|---|
ipTagType | IP tag type. Example: FirstPartyUsage. | string |
tag | IP tag associated with the public IP. Example: SQL, Storage etc. | string |
VirtualMachineScaleSetNetworkConfiguration
Name | Description | Value |
---|---|---|
id | Resource Id | string |
name | The network configuration name. | string (required) |
properties | Describes a virtual machine scale set network profile's IP configuration. | VirtualMachineScaleSetNetworkConfigurationProperties |
VirtualMachineScaleSetNetworkConfigurationDnsSettings
Name | Description | Value |
---|---|---|
dnsServers | List of DNS servers IP addresses | string[] |
VirtualMachineScaleSetNetworkConfigurationProperties
Name | Description | Value |
---|---|---|
dnsSettings | The dns settings to be applied on the network interfaces. | VirtualMachineScaleSetNetworkConfigurationDnsSettings |
enableAcceleratedNetworking | Specifies whether the network interface is accelerated networking-enabled. | bool |
enableIPForwarding | Whether IP forwarding enabled on this NIC. | bool |
ipConfigurations | Specifies the IP configurations of the network interface. | VirtualMachineScaleSetIPConfiguration[] (required) |
networkSecurityGroup | The network security group. | SubResource |
primary | Specifies the primary network interface in case the virtual machine has more than 1 network interface. | bool |
VirtualMachineScaleSetPublicIPAddressConfiguration
Name | Description | Value |
---|---|---|
name | The publicIP address configuration name. | string (required) |
properties | Describes a virtual machines scale set IP Configuration's PublicIPAddress configuration | VirtualMachineScaleSetPublicIPAddressConfigurationProperties |
VirtualMachineScaleSetPublicIPAddressConfigurationDnsSettings
Name | Description | Value |
---|---|---|
domainNameLabel | The Domain name label.The concatenation of the domain name label and vm index will be the domain name labels of the PublicIPAddress resources that will be created | string (required) |
VirtualMachineScaleSetPublicIPAddressConfigurationProperties
Name | Description | Value |
---|---|---|
dnsSettings | The dns settings to be applied on the publicIP addresses . | VirtualMachineScaleSetPublicIPAddressConfigurationDnsSettings |
idleTimeoutInMinutes | The idle timeout of the public IP address. | int |
ipTags | The list of IP tags associated with the public IP address. | VirtualMachineScaleSetIpTag[] |
publicIPPrefix | The PublicIPPrefix from which to allocate publicIP addresses. | SubResource |
VirtualMachineScaleSetVMNetworkProfileConfiguration
Name | Description | Value |
---|---|---|
networkInterfaceConfigurations | The list of network configurations. | VirtualMachineScaleSetNetworkConfiguration[] |
VirtualMachineScaleSetVMProperties
Name | Description | Value |
---|---|---|
additionalCapabilities | Specifies additional capabilities enabled or disabled on the virtual machine in the scale set. For instance: whether the virtual machine has the capability to support attaching managed data disks with UltraSSD_LRS storage account type. | AdditionalCapabilities |
availabilitySet | Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see Manage the availability of virtual machines. For more information on Azure planned maintenance, see Planned maintenance for virtual machines in Azure Currently, a VM can only be added to availability set at creation time. An existing VM cannot be added to an availability set. |
SubResource |
diagnosticsProfile | Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15. |
DiagnosticsProfile |
hardwareProfile | Specifies the hardware settings for the virtual machine. | HardwareProfile |
licenseType | Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. Possible values are: Windows_Client Windows_Server If this element is included in a request for an update, the value must match the initial value. This value cannot be updated. For more information, see Azure Hybrid Use Benefit for Windows Server Minimum api-version: 2015-06-15 |
string |
networkProfile | Specifies the network interfaces of the virtual machine. | NetworkProfile |
networkProfileConfiguration | Specifies the network profile configuration of the virtual machine. | VirtualMachineScaleSetVMNetworkProfileConfiguration |
osProfile | Specifies the operating system settings for the virtual machine. | OSProfile |
protectionPolicy | Specifies the protection policy of the virtual machine. | VirtualMachineScaleSetVMProtectionPolicy |
storageProfile | Specifies the storage settings for the virtual machine disks. | StorageProfile |
VirtualMachineScaleSetVMProtectionPolicy
Name | Description | Value |
---|---|---|
protectFromScaleIn | Indicates that the virtual machine scale set VM shouldn't be considered for deletion during a scale-in operation. | bool |
protectFromScaleSetActions | Indicates that model updates or actions (including scale-in) initiated on the virtual machine scale set should not be applied to the virtual machine scale set VM. | bool |
WindowsConfiguration
Name | Description | Value |
---|---|---|
additionalUnattendContent | Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. | AdditionalUnattendContent[] |
enableAutomaticUpdates | Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true. For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning. |
bool |
provisionVMAgent | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
bool |
timeZone | Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time" | string |
winRM | Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. | WinRMConfiguration |
WinRMConfiguration
Name | Description | Value |
---|---|---|
listeners | The list of Windows Remote Management listeners | WinRMListener[] |
WinRMListener
Name | Description | Value |
---|---|---|
certificateUrl | This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" } |
string |
protocol | Specifies the protocol of listener. Possible values are: http https |
'Http' 'Https' |