Restore Points - Create
The operation to create the restore point. Updating properties of an existing restore point is not allowed
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/restorePointCollections/{restorePointCollectionName}/restorePoints/{restorePointName}?api-version=2024-07-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
resource
|
path | True |
string |
The name of the resource group. |
|
restore
|
path | True |
string |
The name of the restore point collection. |
|
restore
|
path | True |
string |
The name of the restore point. |
|
subscription
|
path | True |
string |
Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
|
api-version
|
query | True |
string |
Client Api Version. |
Request Body
| Name | Type | Description |
|---|---|---|
| properties.consistencyMode |
ConsistencyMode of the RestorePoint. Can be specified in the input while creating a restore point. For now, only CrashConsistent is accepted as a valid input. Please refer to https://aka.ms/RestorePoints for more details. |
|
| properties.excludeDisks |
List of disk resource ids that the customer wishes to exclude from the restore point. If no disks are specified, all disks will be included. |
|
| properties.sourceMetadata |
Gets the details of the VM captured at the time of the restore point creation. |
|
| properties.sourceRestorePoint |
Resource Id of the source restore point from which a copy needs to be created. |
|
| properties.timeCreated |
string |
Gets the creation time of the restore point. |
Responses
| Name | Type | Description |
|---|---|---|
| 201 Created |
Created |
|
| Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
| Copy a restore point to a different region |
| Create a restore point |
Copy a restore point to a different region
Sample request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/rpcName/restorePoints/rpName?api-version=2024-07-01
{
"properties": {
"sourceRestorePoint": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/sourceRpcName/restorePoints/sourceRpName"
}
}
}
Sample response
{
"name": "rpName",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/rpcName/restorePoints/rpName",
"properties": {
"sourceRestorePoint": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/sourceRpcName/restorePoints/sourceRpName"
},
"sourceMetadata": {
"vmId": "76d6541e-80bd-4dc1-932b-3cae4cfb80e7",
"hardwareProfile": {
"vmSize": "Standard_B1s"
},
"storageProfile": {
"osDisk": {
"osType": "Windows",
"name": "osDisk123",
"caching": "ReadWrite",
"managedDisk": {
"storageAccountType": "Standard_LRS",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/osDisk123"
},
"diskRestorePoint": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/rpcName/restorePoints/rpName/diskRestorePoints/osDisk123_22b4bdfe-6c54-4f72-84d8-85d8860f0c57"
}
},
"dataDisks": [
{
"lun": 1,
"name": "dataDisk123",
"caching": "None",
"managedDisk": {
"storageAccountType": "Standard_LRS",
"id": "/subscriptions/{subscription-id}/resourceGroups/userdata/providers/Microsoft.Compute/disks/dataDisk123"
},
"diskRestorePoint": {
"id": "/subscriptions/{subscription-id}/resourceGroups/userdata/providers/Microsoft.Compute/restorePointCollections/mynewrpc/restorePoints/restorepointtwo/diskRestorePoints/dataDisk123_68785190-1acb-4d5e-a8ae-705b45f3dca5"
}
}
],
"diskControllerType": "NVMe"
},
"osProfile": {
"computerName": "computerName",
"adminUsername": "admin",
"windowsConfiguration": {
"provisionVMAgent": true,
"enableAutomaticUpdates": true
},
"secrets": [],
"allowExtensionOperations": true,
"requireGuestProvisionSignal": true
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true
}
},
"location": "westus",
"userData": "c2FtcGxlIHVzZXJEYXRh"
},
"provisioningState": "Creating",
"consistencyMode": "ApplicationConsistent",
"timeCreated": "2021-10-25T23:54:29.2796325+00:00"
}
}Create a restore point
Sample request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/rpcName/restorePoints/rpName?api-version=2024-07-01
{
"properties": {
"excludeDisks": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/disk123"
}
]
}
}
Sample response
{
"name": "rpName",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/rpcName/restorePoints/rpName",
"properties": {
"excludeDisks": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/disk123"
}
],
"sourceMetadata": {
"vmId": "76d6541e-80bd-4dc1-932b-3cae4cfb80e7",
"hardwareProfile": {
"vmSize": "Standard_B1s"
},
"storageProfile": {
"osDisk": {
"osType": "Windows",
"name": "osDisk123",
"caching": "ReadWrite",
"managedDisk": {
"storageAccountType": "Standard_LRS",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/osDisk123"
},
"diskRestorePoint": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/rpcName/restorePoints/rpName/diskRestorePoints/osDisk123_22b4bdfe-6c54-4f72-84d8-85d8860f0c57"
}
},
"dataDisks": [
{
"lun": 1,
"name": "dataDisk123",
"caching": "None",
"managedDisk": {
"storageAccountType": "Standard_LRS",
"id": "/subscriptions/{subscription-id}/resourceGroups/userdata/providers/Microsoft.Compute/disks/dataDisk123"
},
"diskRestorePoint": {
"id": "/subscriptions/{subscription-id}/resourceGroups/userdata/providers/Microsoft.Compute/restorePointCollections/mynewrpc/restorePoints/restorepointtwo/diskRestorePoints/dataDisk123_68785190-1acb-4d5e-a8ae-705b45f3dca5"
}
}
],
"diskControllerType": "NVMe"
},
"osProfile": {
"computerName": "computerName",
"adminUsername": "admin",
"windowsConfiguration": {
"provisionVMAgent": true,
"enableAutomaticUpdates": true
},
"secrets": [],
"allowExtensionOperations": true,
"requireGuestProvisionSignal": true
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true
}
},
"location": "westus",
"userData": "c2FtcGxlIHVzZXJEYXRh"
},
"provisioningState": "Succeeded",
"consistencyMode": "ApplicationConsistent",
"timeCreated": "2021-01-27T20:35:05.8401519+00:00"
}
}Definitions
| Name | Description |
|---|---|
|
Additional |
Specifies additional XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. Contents are defined by setting name, component name, and the pass in which the content is applied. |
|
Api |
The API entity reference. |
|
Api |
Api error. |
|
Api |
Api error base. |
|
Boot |
Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor. |
|
Caching |
Gets the caching type. |
|
Cloud |
An error response from the Compute service. |
|
Component |
The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. |
|
Consistency |
ConsistencyMode of the RestorePoint. Can be specified in the input while creating a restore point. For now, only CrashConsistent is accepted as a valid input. Please refer to https://aka.ms/RestorePoints for more details. |
|
Diagnostics |
Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15. |
|
Disk |
Gets the disk controller type of the VM captured at the time of the restore point creation. |
|
Disk |
Describes the parameter of customer managed disk encryption set resource id that can be specified for disk. Note: The disk encryption set resource id can only be specified for managed disk. Please refer https://aka.ms/mdssewithcmkoverview for more details. |
|
Disk |
Describes a Encryption Settings for a Disk |
|
Disk |
Disk Restore Point details. |
|
Disk |
The instance view of a disk restore point. |
|
Disk |
The instance view of a disk restore point. |
|
Encryption |
Specifies the Managed Identity used by ADE to get access token for keyvault operations. |
|
Hardware |
Specifies the hardware settings for the virtual machine. |
|
Hyper |
HyperVGeneration of the source VM for which restore point is captured. |
|
Inner |
Inner error details. |
|
Instance |
Instance view status. |
|
Key |
Describes a reference to Key Vault Key |
|
Key |
Describes a reference to Key Vault Secret |
|
Linux |
Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions. |
|
Linux |
Specifies the mode of VM Guest Patch Assessment for the IaaS virtual machine. |
|
Linux |
Specifies settings related to VM Guest Patching on Linux. |
|
Linux |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
|
Linux |
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Linux patch settings. |
|
Linux |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
|
Managed |
The parameters of a managed disk. |
| Mode |
Specifies the mode that ProxyAgent will execute on if the feature is enabled. ProxyAgent will start to audit or monitor but not enforce access control over requests to host endpoints in Audit mode, while in Enforce mode it will enforce access control. The default value is Enforce mode. |
|
Operating |
Gets the Operating System type. |
| OSProfile |
Specifies the operating system settings for the virtual machine. Some of the settings cannot be changed once VM is provisioned. |
|
Pass |
The pass name. Currently, the only allowable value is OobeSystem. |
|
Patch |
Specifies settings related to VM Guest Patching on Windows. |
|
Protocol |
Specifies the protocol of WinRM listener. Possible values are: http, https. |
|
Proxy |
Specifies ProxyAgent settings while creating the virtual machine. Minimum api-version: 2023-09-01. |
|
Restore |
Restore Point details. |
|
Restore |
Encryption at rest settings for disk restore point. It is an optional property that can be specified in the input while creating a restore point. |
|
Restore |
The type of key used to encrypt the data of the disk restore point. |
|
Restore |
The instance view of a restore point. |
|
Restore |
Describes the properties of the Virtual Machine for which the restore point was created. The properties provided are a subset and the snapshot of the overall Virtual Machine properties captured at the time of the restore point creation. |
|
Restore |
Describes a data disk. |
|
Restore |
Describes an Operating System disk. |
|
Restore |
Describes the storage profile. |
|
security |
Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob.. Note: It can be set for only Confidential VMs. |
|
Security |
Specifies the Security profile settings for the virtual machine or virtual machine scale set. |
|
Security |
Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. |
|
Setting |
Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. |
|
Ssh |
SSH configuration for Linux based VMs running on Azure |
|
Ssh |
Contains information about SSH certificate public key and the path on the Linux VM where the public key is placed. |
|
Status |
The level code. |
|
Storage |
Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. |
|
Sub |
|
|
Uefi |
Specifies the security settings like secure boot and vTPM used while creating the virtual machine. Minimum api-version: 2020-12-01. |
|
Vault |
Describes a single certificate reference in a Key Vault, and where the certificate should reside on the VM. |
|
Vault |
Describes a set of certificates which are all in the same Key Vault. |
|
Virtual |
Specifies the size of the virtual machine. The enum data type is currently deprecated and will be removed by December 23rd 2023. The recommended way to get the list of available sizes is using these APIs: List all available virtual machine sizes in an availability set, List all available virtual machine sizes in a region, List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set. |
|
VMDisk |
Specifies the security profile settings for the managed disk. Note: It can only be set for Confidential VMs. |
|
VMSize |
Specifies VM Size Property settings on the virtual machine. |
|
Windows |
Specifies Windows operating system settings on the virtual machine. |
|
Windows |
Specifies the mode of VM Guest patch assessment for the IaaS virtual machine. |
|
Windows |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
|
Windows |
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Windows patch settings. |
|
Windows |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
|
Win |
Describes Windows Remote Management configuration of the VM |
|
Win |
Describes Protocol and thumbprint of Windows Remote Management listener |
AdditionalUnattendContent
Specifies additional XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. Contents are defined by setting name, component name, and the pass in which the content is applied.
| Name | Type | Description |
|---|---|---|
| componentName |
The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. |
|
| content |
string |
Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted. |
| passName |
The pass name. Currently, the only allowable value is OobeSystem. |
|
| settingName |
Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. |
ApiEntityReference
The API entity reference.
| Name | Type | Description |
|---|---|---|
| id |
string |
The ARM resource id in the form of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/... |
ApiError
Api error.
| Name | Type | Description |
|---|---|---|
| code |
string |
The error code. |
| details |
The Api error details |
|
| innererror |
The Api inner error |
|
| message |
string |
The error message. |
| target |
string |
The target of the particular error. |
ApiErrorBase
Api error base.
| Name | Type | Description |
|---|---|---|
| code |
string |
The error code. |
| message |
string |
The error message. |
| target |
string |
The target of the particular error. |
BootDiagnostics
Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor.
| Name | Type | Description |
|---|---|---|
| enabled |
boolean |
Whether boot diagnostics should be enabled on the Virtual Machine. |
| storageUri |
string |
Uri of the storage account to use for placing the console output and screenshot. If storageUri is not specified while enabling boot diagnostics, managed storage will be used. |
CachingTypes
Gets the caching type.
| Value | Description |
|---|---|
| None | |
| ReadOnly | |
| ReadWrite |
CloudError
An error response from the Compute service.
| Name | Type | Description |
|---|---|---|
| error |
Api error. |
ComponentNames
The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup.
| Value | Description |
|---|---|
| Microsoft-Windows-Shell-Setup |
ConsistencyModeTypes
ConsistencyMode of the RestorePoint. Can be specified in the input while creating a restore point. For now, only CrashConsistent is accepted as a valid input. Please refer to https://aka.ms/RestorePoints for more details.
| Value | Description |
|---|---|
| ApplicationConsistent | |
| CrashConsistent | |
| FileSystemConsistent |
DiagnosticsProfile
Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15.
| Name | Type | Description |
|---|---|---|
| bootDiagnostics |
Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. NOTE: If storageUri is being specified then ensure that the storage account is in the same region and subscription as the VM. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor. |
DiskControllerTypes
Gets the disk controller type of the VM captured at the time of the restore point creation.
| Value | Description |
|---|---|
| NVMe | |
| SCSI |
DiskEncryptionSetParameters
Describes the parameter of customer managed disk encryption set resource id that can be specified for disk. Note: The disk encryption set resource id can only be specified for managed disk. Please refer https://aka.ms/mdssewithcmkoverview for more details.
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id |
DiskEncryptionSettings
Describes a Encryption Settings for a Disk
| Name | Type | Description |
|---|---|---|
| diskEncryptionKey |
Specifies the location of the disk encryption key, which is a Key Vault Secret. |
|
| enabled |
boolean |
Specifies whether disk encryption should be enabled on the virtual machine. |
| keyEncryptionKey |
Specifies the location of the key encryption key in Key Vault. |
DiskRestorePointAttributes
Disk Restore Point details.
| Name | Type | Description |
|---|---|---|
| encryption |
Encryption at rest settings for disk restore point. It is an optional property that can be specified in the input while creating a restore point. |
|
| id |
string |
Resource Id |
| sourceDiskRestorePoint |
Resource Id of the source disk restore point. |
DiskRestorePointInstanceView
The instance view of a disk restore point.
| Name | Type | Description |
|---|---|---|
| id |
string |
Disk restore point Id. |
| replicationStatus |
The disk restore point replication status information. |
DiskRestorePointReplicationStatus
The instance view of a disk restore point.
| Name | Type | Description |
|---|---|---|
| completionPercent |
integer |
Replication completion percentage. |
| status |
The resource status information. |
EncryptionIdentity
Specifies the Managed Identity used by ADE to get access token for keyvault operations.
| Name | Type | Description |
|---|---|---|
| userAssignedIdentityResourceId |
string |
Specifies ARM Resource ID of one of the user identities associated with the VM. |
HardwareProfile
Specifies the hardware settings for the virtual machine.
| Name | Type | Description |
|---|---|---|
| vmSize |
Specifies the size of the virtual machine. The enum data type is currently deprecated and will be removed by December 23rd 2023. The recommended way to get the list of available sizes is using these APIs: List all available virtual machine sizes in an availability set, List all available virtual machine sizes in a region, List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set. |
|
| vmSizeProperties |
Specifies the properties for customizing the size of the virtual machine. Minimum api-version: 2021-07-01. This feature is still in preview mode and is not supported for VirtualMachineScaleSet. Please follow the instructions in VM Customization for more details. |
HyperVGenerationTypes
HyperVGeneration of the source VM for which restore point is captured.
| Value | Description |
|---|---|
| V1 | |
| V2 |
InnerError
Inner error details.
| Name | Type | Description |
|---|---|---|
| errordetail |
string |
The internal error message or exception dump. |
| exceptiontype |
string |
The exception type. |
InstanceViewStatus
Instance view status.
| Name | Type | Description |
|---|---|---|
| code |
string |
The status code. |
| displayStatus |
string |
The short localizable label for the status. |
| level |
The level code. |
|
| message |
string |
The detailed status message, including for alerts and error messages. |
| time |
string |
The time of the status. |
KeyVaultKeyReference
Describes a reference to Key Vault Key
| Name | Type | Description |
|---|---|---|
| keyUrl |
string |
The URL referencing a key encryption key in Key Vault. |
| sourceVault |
The relative URL of the Key Vault containing the key. |
KeyVaultSecretReference
Describes a reference to Key Vault Secret
| Name | Type | Description |
|---|---|---|
| secretUrl |
string |
The URL referencing a secret in a Key Vault. |
| sourceVault |
The relative URL of the Key Vault containing the secret. |
LinuxConfiguration
Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions.
| Name | Type | Description |
|---|---|---|
| disablePasswordAuthentication |
boolean |
Specifies whether password authentication should be disabled. |
| enableVMAgentPlatformUpdates |
boolean |
Indicates whether VMAgent Platform Updates is enabled for the Linux virtual machine. Default value is false. |
| patchSettings |
[Preview Feature] Specifies settings related to VM Guest Patching on Linux. |
|
| provisionVMAgent |
boolean |
Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
| ssh |
Specifies the ssh key configuration for a Linux OS. |
LinuxPatchAssessmentMode
Specifies the mode of VM Guest Patch Assessment for the IaaS virtual machine.
Possible values are:
ImageDefault - You control the timing of patch assessments on a virtual machine.
AutomaticByPlatform - The platform will trigger periodic patch assessments. The property provisionVMAgent must be true.
| Value | Description |
|---|---|
| AutomaticByPlatform | |
| ImageDefault |
LinuxPatchSettings
Specifies settings related to VM Guest Patching on Linux.
| Name | Type | Description |
|---|---|---|
| assessmentMode |
Specifies the mode of VM Guest Patch Assessment for the IaaS virtual machine. |
|
| automaticByPlatformSettings |
Specifies additional settings for patch mode AutomaticByPlatform in VM Guest Patching on Linux. |
|
| patchMode |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
LinuxVMGuestPatchAutomaticByPlatformRebootSetting
Specifies the reboot setting for all AutomaticByPlatform patch installation operations.
| Value | Description |
|---|---|
| Always | |
| IfRequired | |
| Never | |
| Unknown |
LinuxVMGuestPatchAutomaticByPlatformSettings
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Linux patch settings.
| Name | Type | Description |
|---|---|---|
| bypassPlatformSafetyChecksOnUserSchedule |
boolean |
Enables customer to schedule patching without accidental upgrades |
| rebootSetting |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
LinuxVMGuestPatchMode
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible.
Possible values are:
ImageDefault - The virtual machine's default patching configuration is used.
AutomaticByPlatform - The virtual machine will be automatically updated by the platform. The property provisionVMAgent must be true
| Value | Description |
|---|---|
| AutomaticByPlatform | |
| ImageDefault |
ManagedDiskParameters
The parameters of a managed disk.
| Name | Type | Description |
|---|---|---|
| diskEncryptionSet |
Specifies the customer managed disk encryption set resource id for the managed disk. |
|
| id |
string |
Resource Id |
| securityProfile |
Specifies the security profile for the managed disk. |
|
| storageAccountType |
Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. |
Mode
Specifies the mode that ProxyAgent will execute on if the feature is enabled. ProxyAgent will start to audit or monitor but not enforce access control over requests to host endpoints in Audit mode, while in Enforce mode it will enforce access control. The default value is Enforce mode.
| Value | Description |
|---|---|
| Audit | |
| Enforce |
OperatingSystemType
Gets the Operating System type.
| Value | Description |
|---|---|
| Linux | |
| Windows |
OSProfile
Specifies the operating system settings for the virtual machine. Some of the settings cannot be changed once VM is provisioned.
| Name | Type | Description |
|---|---|---|
| adminPassword |
string |
Specifies the password of the administrator account. |
| adminUsername |
string |
Specifies the name of the administrator account. |
| allowExtensionOperations |
boolean |
Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine. |
| computerName |
string |
Specifies the host OS name of the virtual machine. This name cannot be updated after the VM is created. Max-length (Windows): 15 characters. Max-length (Linux): 64 characters. For naming conventions and restrictions see Azure infrastructure services implementation guidelines. |
| customData |
string |
Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. Note: Do not pass any secrets or passwords in customData property. This property cannot be updated after the VM is created. The property 'customData' is passed to the VM to be saved as a file, for more information see Custom Data on Azure VMs. For using cloud-init for your Linux VM, see Using cloud-init to customize a Linux VM during creation. |
| linuxConfiguration |
Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions. |
|
| requireGuestProvisionSignal |
boolean |
Optional property which must either be set to True or omitted. |
| secrets |
Specifies set of certificates that should be installed onto the virtual machine. To install certificates on a virtual machine it is recommended to use the Azure Key Vault virtual machine extension for Linux or the Azure Key Vault virtual machine extension for Windows. |
|
| windowsConfiguration |
Specifies Windows operating system settings on the virtual machine. |
PassNames
The pass name. Currently, the only allowable value is OobeSystem.
| Value | Description |
|---|---|
| OobeSystem |
PatchSettings
Specifies settings related to VM Guest Patching on Windows.
| Name | Type | Description |
|---|---|---|
| assessmentMode |
Specifies the mode of VM Guest patch assessment for the IaaS virtual machine. |
|
| automaticByPlatformSettings |
Specifies additional settings for patch mode AutomaticByPlatform in VM Guest Patching on Windows. |
|
| enableHotpatching |
boolean |
Enables customers to patch their Azure VMs without requiring a reboot. For enableHotpatching, the 'provisionVMAgent' must be set to true and 'patchMode' must be set to 'AutomaticByPlatform'. |
| patchMode |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
ProtocolTypes
Specifies the protocol of WinRM listener. Possible values are: http, https.
| Value | Description |
|---|---|
| Http | |
| Https |
ProxyAgentSettings
Specifies ProxyAgent settings while creating the virtual machine. Minimum api-version: 2023-09-01.
| Name | Type | Description |
|---|---|---|
| enabled |
boolean |
Specifies whether ProxyAgent feature should be enabled on the virtual machine or virtual machine scale set. |
| keyIncarnationId |
integer |
Increase the value of this property allows user to reset the key used for securing communication channel between guest and host. |
| mode |
Specifies the mode that ProxyAgent will execute on if the feature is enabled. ProxyAgent will start to audit or monitor but not enforce access control over requests to host endpoints in Audit mode, while in Enforce mode it will enforce access control. The default value is Enforce mode. |
RestorePoint
Restore Point details.
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id |
| name |
string |
Resource name |
| properties.consistencyMode |
ConsistencyMode of the RestorePoint. Can be specified in the input while creating a restore point. For now, only CrashConsistent is accepted as a valid input. Please refer to https://aka.ms/RestorePoints for more details. |
|
| properties.excludeDisks |
List of disk resource ids that the customer wishes to exclude from the restore point. If no disks are specified, all disks will be included. |
|
| properties.instanceView |
The restore point instance view. |
|
| properties.provisioningState |
string |
Gets the provisioning state of the restore point. |
| properties.sourceMetadata |
Gets the details of the VM captured at the time of the restore point creation. |
|
| properties.sourceRestorePoint |
Resource Id of the source restore point from which a copy needs to be created. |
|
| properties.timeCreated |
string |
Gets the creation time of the restore point. |
| type |
string |
Resource type |
RestorePointEncryption
Encryption at rest settings for disk restore point. It is an optional property that can be specified in the input while creating a restore point.
| Name | Type | Description |
|---|---|---|
| diskEncryptionSet |
Describes the parameter of customer managed disk encryption set resource id that can be specified for disk. Note: The disk encryption set resource id can only be specified for managed disk. Please refer https://aka.ms/mdssewithcmkoverview for more details. |
|
| type |
The type of key used to encrypt the data of the disk restore point. |
RestorePointEncryptionType
The type of key used to encrypt the data of the disk restore point.
| Value | Description |
|---|---|
| EncryptionAtRestWithCustomerKey |
Disk Restore Point is encrypted at rest with Customer managed key that can be changed and revoked by a customer. |
| EncryptionAtRestWithPlatformAndCustomerKeys |
Disk Restore Point is encrypted at rest with 2 layers of encryption. One of the keys is Customer managed and the other key is Platform managed. |
| EncryptionAtRestWithPlatformKey |
Disk Restore Point is encrypted at rest with Platform managed key. |
RestorePointInstanceView
The instance view of a restore point.
| Name | Type | Description |
|---|---|---|
| diskRestorePoints |
The disk restore points information. |
|
| statuses |
The resource status information. |
RestorePointSourceMetadata
Describes the properties of the Virtual Machine for which the restore point was created. The properties provided are a subset and the snapshot of the overall Virtual Machine properties captured at the time of the restore point creation.
| Name | Type | Description |
|---|---|---|
| diagnosticsProfile |
Gets the diagnostics profile. |
|
| hardwareProfile |
Gets the hardware profile. |
|
| hyperVGeneration |
HyperVGeneration of the source VM for which restore point is captured. |
|
| licenseType |
string |
Gets the license type, which is for bring your own license scenario. |
| location |
string |
Location of the VM from which the restore point was created. |
| osProfile |
Gets the OS profile. |
|
| securityProfile |
Gets the security profile. |
|
| storageProfile |
Gets the storage profile. |
|
| userData |
string |
UserData associated with the source VM for which restore point is captured, which is a base-64 encoded value. |
| vmId |
string |
Gets the virtual machine unique id. |
RestorePointSourceVMDataDisk
Describes a data disk.
| Name | Type | Description |
|---|---|---|
| caching |
Gets the caching type. |
|
| diskRestorePoint |
Contains Disk Restore Point properties. |
|
| diskSizeGB |
integer |
Gets the initial disk size in GB for blank data disks, and the new desired size for existing OS and Data disks. |
| lun |
integer |
Gets the logical unit number. |
| managedDisk |
Contains the managed disk details. |
|
| name |
string |
Gets the disk name. |
| writeAcceleratorEnabled |
boolean |
Shows true if the disk is write-accelerator enabled. |
RestorePointSourceVMOSDisk
Describes an Operating System disk.
| Name | Type | Description |
|---|---|---|
| caching |
Gets the caching type. |
|
| diskRestorePoint |
Contains Disk Restore Point properties. |
|
| diskSizeGB |
integer |
Gets the disk size in GB. |
| encryptionSettings |
Gets the disk encryption settings. |
|
| managedDisk |
Gets the managed disk details |
|
| name |
string |
Gets the disk name. |
| osType |
Gets the Operating System type. |
|
| writeAcceleratorEnabled |
boolean |
Shows true if the disk is write-accelerator enabled. |
RestorePointSourceVMStorageProfile
Describes the storage profile.
| Name | Type | Description |
|---|---|---|
| dataDisks |
Gets the data disks of the VM captured at the time of the restore point creation. |
|
| diskControllerType |
Gets the disk controller type of the VM captured at the time of the restore point creation. |
|
| osDisk |
Gets the OS disk of the VM captured at the time of the restore point creation. |
securityEncryptionTypes
Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob.. Note: It can be set for only Confidential VMs.
| Value | Description |
|---|---|
| DiskWithVMGuestState | |
| NonPersistedTPM | |
| VMGuestStateOnly |
SecurityProfile
Specifies the Security profile settings for the virtual machine or virtual machine scale set.
| Name | Type | Description |
|---|---|---|
| encryptionAtHost |
boolean |
This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine or virtual machine scale set. This will enable the encryption for all the disks including Resource/Temp disk at host itself. The default behavior is: The Encryption at host will be disabled unless this property is set to true for the resource. |
| encryptionIdentity |
Specifies the Managed Identity used by ADE to get access token for keyvault operations. |
|
| proxyAgentSettings |
Specifies ProxyAgent settings while creating the virtual machine. Minimum api-version: 2023-09-01. |
|
| securityType |
Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. |
|
| uefiSettings |
Specifies the security settings like secure boot and vTPM used while creating the virtual machine. Minimum api-version: 2020-12-01. |
SecurityTypes
Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set.
| Value | Description |
|---|---|
| ConfidentialVM | |
| TrustedLaunch |
SettingNames
Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon.
| Value | Description |
|---|---|
| AutoLogon | |
| FirstLogonCommands |
SshConfiguration
SSH configuration for Linux based VMs running on Azure
| Name | Type | Description |
|---|---|---|
| publicKeys |
The list of SSH public keys used to authenticate with linux based VMs. |
SshPublicKey
Contains information about SSH certificate public key and the path on the Linux VM where the public key is placed.
| Name | Type | Description |
|---|---|---|
| keyData |
string |
SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format. For creating ssh keys, see [Create SSH keys on Linux and Mac for Linux VMs in Azure]https://docs.microsoft.com/azure/virtual-machines/linux/create-ssh-keys-detailed). |
| path |
string |
Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys |
StatusLevelTypes
The level code.
| Value | Description |
|---|---|
| Error | |
| Info | |
| Warning |
StorageAccountTypes
Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk.
| Value | Description |
|---|---|
| PremiumV2_LRS | |
| Premium_LRS | |
| Premium_ZRS | |
| StandardSSD_LRS | |
| StandardSSD_ZRS | |
| Standard_LRS | |
| UltraSSD_LRS |
SubResource
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id |
UefiSettings
Specifies the security settings like secure boot and vTPM used while creating the virtual machine. Minimum api-version: 2020-12-01.
| Name | Type | Description |
|---|---|---|
| secureBootEnabled |
boolean |
Specifies whether secure boot should be enabled on the virtual machine. Minimum api-version: 2020-12-01. |
| vTpmEnabled |
boolean |
Specifies whether vTPM should be enabled on the virtual machine. Minimum api-version: 2020-12-01. |
VaultCertificate
Describes a single certificate reference in a Key Vault, and where the certificate should reside on the VM.
| Name | Type | Description |
|---|---|---|
| certificateStore |
string |
For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account. For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted. |
| certificateUrl |
string |
This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: |
VaultSecretGroup
Describes a set of certificates which are all in the same Key Vault.
| Name | Type | Description |
|---|---|---|
| sourceVault |
The relative URL of the Key Vault containing all of the certificates in VaultCertificates. |
|
| vaultCertificates |
The list of key vault references in SourceVault which contain certificates. |
VirtualMachineSizeTypes
Specifies the size of the virtual machine. The enum data type is currently deprecated and will be removed by December 23rd 2023. The recommended way to get the list of available sizes is using these APIs: List all available virtual machine sizes in an availability set, List all available virtual machine sizes in a region, List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set.
| Value | Description |
|---|---|
| Basic_A0 | |
| Basic_A1 | |
| Basic_A2 | |
| Basic_A3 | |
| Basic_A4 | |
| Standard_A0 | |
| Standard_A1 | |
| Standard_A10 | |
| Standard_A11 | |
| Standard_A1_v2 | |
| Standard_A2 | |
| Standard_A2_v2 | |
| Standard_A2m_v2 | |
| Standard_A3 | |
| Standard_A4 | |
| Standard_A4_v2 | |
| Standard_A4m_v2 | |
| Standard_A5 | |
| Standard_A6 | |
| Standard_A7 | |
| Standard_A8 | |
| Standard_A8_v2 | |
| Standard_A8m_v2 | |
| Standard_A9 | |
| Standard_B1ms | |
| Standard_B1s | |
| Standard_B2ms | |
| Standard_B2s | |
| Standard_B4ms | |
| Standard_B8ms | |
| Standard_D1 | |
| Standard_D11 | |
| Standard_D11_v2 | |
| Standard_D12 | |
| Standard_D12_v2 | |
| Standard_D13 | |
| Standard_D13_v2 | |
| Standard_D14 | |
| Standard_D14_v2 | |
| Standard_D15_v2 | |
| Standard_D16_v3 | |
| Standard_D16s_v3 | |
| Standard_D1_v2 | |
| Standard_D2 | |
| Standard_D2_v2 | |
| Standard_D2_v3 | |
| Standard_D2s_v3 | |
| Standard_D3 | |
| Standard_D32_v3 | |
| Standard_D32s_v3 | |
| Standard_D3_v2 | |
| Standard_D4 | |
| Standard_D4_v2 | |
| Standard_D4_v3 | |
| Standard_D4s_v3 | |
| Standard_D5_v2 | |
| Standard_D64_v3 | |
| Standard_D64s_v3 | |
| Standard_D8_v3 | |
| Standard_D8s_v3 | |
| Standard_DS1 | |
| Standard_DS11 | |
| Standard_DS11_v2 | |
| Standard_DS12 | |
| Standard_DS12_v2 | |
| Standard_DS13 | |
| Standard_DS13-2_v2 | |
| Standard_DS13-4_v2 | |
| Standard_DS13_v2 | |
| Standard_DS14 | |
| Standard_DS14-4_v2 | |
| Standard_DS14-8_v2 | |
| Standard_DS14_v2 | |
| Standard_DS15_v2 | |
| Standard_DS1_v2 | |
| Standard_DS2 | |
| Standard_DS2_v2 | |
| Standard_DS3 | |
| Standard_DS3_v2 | |
| Standard_DS4 | |
| Standard_DS4_v2 | |
| Standard_DS5_v2 | |
| Standard_E16_v3 | |
| Standard_E16s_v3 | |
| Standard_E2_v3 | |
| Standard_E2s_v3 | |
| Standard_E32-16_v3 | |
| Standard_E32-8s_v3 | |
| Standard_E32_v3 | |
| Standard_E32s_v3 | |
| Standard_E4_v3 | |
| Standard_E4s_v3 | |
| Standard_E64-16s_v3 | |
| Standard_E64-32s_v3 | |
| Standard_E64_v3 | |
| Standard_E64s_v3 | |
| Standard_E8_v3 | |
| Standard_E8s_v3 | |
| Standard_F1 | |
| Standard_F16 | |
| Standard_F16s | |
| Standard_F16s_v2 | |
| Standard_F1s | |
| Standard_F2 | |
| Standard_F2s | |
| Standard_F2s_v2 | |
| Standard_F32s_v2 | |
| Standard_F4 | |
| Standard_F4s | |
| Standard_F4s_v2 | |
| Standard_F64s_v2 | |
| Standard_F72s_v2 | |
| Standard_F8 | |
| Standard_F8s | |
| Standard_F8s_v2 | |
| Standard_G1 | |
| Standard_G2 | |
| Standard_G3 | |
| Standard_G4 | |
| Standard_G5 | |
| Standard_GS1 | |
| Standard_GS2 | |
| Standard_GS3 | |
| Standard_GS4 | |
| Standard_GS4-4 | |
| Standard_GS4-8 | |
| Standard_GS5 | |
| Standard_GS5-16 | |
| Standard_GS5-8 | |
| Standard_H16 | |
| Standard_H16m | |
| Standard_H16mr | |
| Standard_H16r | |
| Standard_H8 | |
| Standard_H8m | |
| Standard_L16s | |
| Standard_L32s | |
| Standard_L4s | |
| Standard_L8s | |
| Standard_M128-32ms | |
| Standard_M128-64ms | |
| Standard_M128ms | |
| Standard_M128s | |
| Standard_M64-16ms | |
| Standard_M64-32ms | |
| Standard_M64ms | |
| Standard_M64s | |
| Standard_NC12 | |
| Standard_NC12s_v2 | |
| Standard_NC12s_v3 | |
| Standard_NC24 | |
| Standard_NC24r | |
| Standard_NC24rs_v2 | |
| Standard_NC24rs_v3 | |
| Standard_NC24s_v2 | |
| Standard_NC24s_v3 | |
| Standard_NC6 | |
| Standard_NC6s_v2 | |
| Standard_NC6s_v3 | |
| Standard_ND12s | |
| Standard_ND24rs | |
| Standard_ND24s | |
| Standard_ND6s | |
| Standard_NV12 | |
| Standard_NV24 | |
| Standard_NV6 |
VMDiskSecurityProfile
Specifies the security profile settings for the managed disk. Note: It can only be set for Confidential VMs.
| Name | Type | Description |
|---|---|---|
| diskEncryptionSet |
Specifies the customer managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. |
|
| securityEncryptionType |
Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob.. Note: It can be set for only Confidential VMs. |
VMSizeProperties
Specifies VM Size Property settings on the virtual machine.
| Name | Type | Description |
|---|---|---|
| vCPUsAvailable |
integer |
Specifies the number of vCPUs available for the VM. When this property is not specified in the request body the default behavior is to set it to the value of vCPUs available for that VM size exposed in api response of List all available virtual machine sizes in a region. |
| vCPUsPerCore |
integer |
Specifies the vCPU to physical core ratio. When this property is not specified in the request body the default behavior is set to the value of vCPUsPerCore for the VM Size exposed in api response of List all available virtual machine sizes in a region. Setting this property to 1 also means that hyper-threading is disabled. |
WindowsConfiguration
Specifies Windows operating system settings on the virtual machine.
| Name | Type | Description |
|---|---|---|
| additionalUnattendContent |
Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. |
|
| enableAutomaticUpdates |
boolean |
Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true. For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning. |
| enableVMAgentPlatformUpdates |
boolean |
Indicates whether VMAgent Platform Updates are enabled for the Windows Virtual Machine. |
| patchSettings |
[Preview Feature] Specifies settings related to VM Guest Patching on Windows. |
|
| provisionVMAgent |
boolean |
Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, it is set to true by default. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
| timeZone |
string |
Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time". Possible values can be TimeZoneInfo.Id value from time zones returned by TimeZoneInfo.GetSystemTimeZones. |
| winRM |
Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. |
WindowsPatchAssessmentMode
Specifies the mode of VM Guest patch assessment for the IaaS virtual machine.
Possible values are:
ImageDefault - You control the timing of patch assessments on a virtual machine.
AutomaticByPlatform - The platform will trigger periodic patch assessments. The property provisionVMAgent must be true.
| Value | Description |
|---|---|
| AutomaticByPlatform | |
| ImageDefault |
WindowsVMGuestPatchAutomaticByPlatformRebootSetting
Specifies the reboot setting for all AutomaticByPlatform patch installation operations.
| Value | Description |
|---|---|
| Always | |
| IfRequired | |
| Never | |
| Unknown |
WindowsVMGuestPatchAutomaticByPlatformSettings
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Windows patch settings.
| Name | Type | Description |
|---|---|---|
| bypassPlatformSafetyChecksOnUserSchedule |
boolean |
Enables customer to schedule patching without accidental upgrades |
| rebootSetting |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
WindowsVMGuestPatchMode
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible.
Possible values are:
Manual - You control the application of patches to a virtual machine. You do this by applying patches manually inside the VM. In this mode, automatic updates are disabled; the property WindowsConfiguration.enableAutomaticUpdates must be false
AutomaticByOS - The virtual machine will automatically be updated by the OS. The property WindowsConfiguration.enableAutomaticUpdates must be true.
AutomaticByPlatform - the virtual machine will automatically updated by the platform. The properties provisionVMAgent and WindowsConfiguration.enableAutomaticUpdates must be true
| Value | Description |
|---|---|
| AutomaticByOS | |
| AutomaticByPlatform | |
| Manual |
WinRMConfiguration
Describes Windows Remote Management configuration of the VM
| Name | Type | Description |
|---|---|---|
| listeners |
The list of Windows Remote Management listeners |
WinRMListener
Describes Protocol and thumbprint of Windows Remote Management listener
| Name | Type | Description |
|---|---|---|
| certificateUrl |
string |
This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be the Base64 encoding of the following JSON Object which is encoded in UTF-8: |
| protocol |
Specifies the protocol of WinRM listener. Possible values are: http, https. |