az sf managed-node-type vm-secret
Managed vm secrets on a node type on managed clusters.
Commands
Name | Description | Type | Status |
---|---|---|---|
az sf managed-node-type vm-secret add |
Add a secret to the node type. |
Core | GA |
az sf managed-node-type vm-secret add
Add a secret to the node type.
az sf managed-node-type vm-secret add --certificate-store
--certificate-url
--cluster-name
--name
--resource-group
--source-vault-id
Examples
Add certificate to the node type as a secret.
az sf managed-node-type vm-secret add -g testRG -c testCluster -n snt --source-vault-id /subscriptions/XXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/testRG/providers/Microsoft.KeyVault/vaults/testkv --certificate-url https://testskv.vault.azure.net:443/secrets/TestCert/xxxxxxxxxxxxxxxxxxxxxxxx --certificate-store my
Required Parameters
Specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account.
This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:
{
"data":"",
"dataType":"pfx",
"password":""
}/.
Specify the name of the cluster, if not given it will be same as resource group name.
Node type name.
Specify the resource group name. You can configure the default group using az configure --defaults group=<name>
.
Key Vault resource id containing the certificates.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.