Add-AzureRmVmssSecret
Adds a secret to a VMSS.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
Add-AzureRmVmssSecret
[-VirtualMachineScaleSet] <PSVirtualMachineScaleSet>
[[-SourceVaultId] <String>]
[[-VaultCertificate] <VaultCertificate[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Add-AzureRmVmssSecret cmdlet adds a secret to the Virtual Machine Scale Set (VMSS). The secret must be stored in an Azure Key Vault. For more information relating to Key Vault, see What is Azure Key Vault? (https://azure.microsoft.com/en-us/documentation/articles/key-vault-whatis/). For more information about the cmdlets, see Azure Key Vault Cmdlets in the Microsoft Developer Network library or the Set-AzureKeyVaultSecret cmdlet.
Examples
Example 1: Add a secret to the VMSS
PS C:\> $Vault = Get-AzureRmKeyVault -VaultName "ContosoVault"
PS C:\> $CertConfig = New-AzureRmVmssVaultCertificateConfig -CertificateUrl "http://keyVaultName.vault.contoso.net/secrets/secretName/secretVersion" -CertificateStore "Certificates"
PS C:\> $VMSS = New-AzureRmVmssConfig
PS C:\> Add-AzureRmVmssSecret -VirtualMachineScaleSet $VMSS -SourceVaultId $Vault.ResourceId -VaultCertificate $CertConfigThis example adds a secret to the VMSS. The first command uses the Get-AzureRmKeyVault cmdlet to get a vault secret from the vault named ContosoVault and stores the result in the variable named $Vault. The second command uses the New-AzureRmVmssVaultCertificateConfig cmdlet to create a Key Vault certificate configuration using the specified certificate URL from the certificate store named Certificates and stores the results in the variable named $CertConfig. The third command uses the New-AzureRmVmssConfig cmdlet to create a VMSS configuration object and stores the result in the variable named $VMSS. The fourth command adds a secret to the VMSS using the vault secret using the key resource ID and the vault certificate stored in the $Vault and $CertConfig variables.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SourceVaultId
Specifies the resource ID of the Key Vault that contains the certificates that you can add to the virtual machine. This value also acts as the key for adding multiple certificates. This means that you can use the same value for the SourceVaultId parameter when you add multiple certificates from the same Key Vault.
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-VaultCertificate
Specifies the Vault Certificate object that contains the certificate URL and certificate name. You can use the New-AzureRmVmssVaultCertificateConfig cmdlet to create this object.
| Type: | VaultCertificate[] |
| Position: | 2 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-VirtualMachineScaleSet
Specifies the VMSS object. You can use the New-AzureRmVmssConfig cmdlet to create this object.
| Type: | PSVirtualMachineScaleSet |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |