Microsoft.Compute virtualMachineScaleSets 2016-03-30

Template format

To create a Microsoft.Compute/virtualMachineScaleSets resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Compute/virtualMachineScaleSets",
  "apiVersion": "2016-03-30",
  "location": "string",
  "tags": {},
  "sku": {
    "name": "string",
    "tier": "string",
    "capacity": "integer"
  },
  "properties": {
    "upgradePolicy": {
      "mode": "string"
    },
    "virtualMachineProfile": {
      "osProfile": {
        "computerNamePrefix": "string",
        "adminUsername": "string",
        "adminPassword": "string",
        "customData": "string",
        "windowsConfiguration": {
          "provisionVMAgent": "boolean",
          "enableAutomaticUpdates": "boolean",
          "timeZone": "string",
          "additionalUnattendContent": [
            {
              "passName": "OobeSystem",
              "componentName": "Microsoft-Windows-Shell-Setup",
              "settingName": "string",
              "content": "string"
            }
          ],
          "winRM": {
            "listeners": [
              {
                "protocol": "string",
                "certificateUrl": "string"
              }
            ]
          }
        },
        "linuxConfiguration": {
          "disablePasswordAuthentication": "boolean",
          "ssh": {
            "publicKeys": [
              {
                "path": "string",
                "keyData": "string"
              }
            ]
          }
        },
        "secrets": [
          {
            "sourceVault": {
              "id": "string"
            },
            "vaultCertificates": [
              {
                "certificateUrl": "string",
                "certificateStore": "string"
              }
            ]
          }
        ]
      },
      "storageProfile": {
        "imageReference": {
          "publisher": "string",
          "offer": "string",
          "sku": "string",
          "version": "string"
        },
        "osDisk": {
          "name": "string",
          "caching": "string",
          "createOption": "string",
          "osType": "string",
          "image": {
            "uri": "string"
          },
          "vhdContainers": [
            "string"
          ]
        }
      },
      "networkProfile": {
        "networkInterfaceConfigurations": [
          {
            "id": "string",
            "name": "string",
            "properties": {
              "primary": "boolean",
              "ipConfigurations": [
                {
                  "id": "string",
                  "name": "string",
                  "properties": {
                    "subnet": {
                      "id": "string"
                    },
                    "applicationGatewayBackendAddressPools": [
                      {
                        "id": "string"
                      }
                    ],
                    "loadBalancerBackendAddressPools": [
                      {
                        "id": "string"
                      }
                    ],
                    "loadBalancerInboundNatPools": [
                      {
                        "id": "string"
                      }
                    ]
                  }
                }
              ]
            }
          }
        ]
      },
      "extensionProfile": {
        "extensions": [
          {
            "id": "string",
            "name": "string",
            "properties": {
              "publisher": "string",
              "type": "string",
              "typeHandlerVersion": "string",
              "autoUpgradeMinorVersion": "boolean",
              "settings": {},
              "protectedSettings": {}
            }
          }
        ]
      }
    },
    "overProvision": "boolean"
  },
  "identity": {
    "type": "SystemAssigned"
  }
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Compute/virtualMachineScaleSets object

Name Type Required Value
name string Yes The name of the VM scale set to create or update.
type enum Yes Microsoft.Compute/virtualMachineScaleSets
apiVersion enum Yes 2016-03-30
location string Yes Resource location
tags object No Resource tags
sku object No The virtual machine scale set sku. - Sku object
properties object Yes VirtualMachineScaleSetProperties object
identity object No The identity of the virtual machine scale set, if configured. - VirtualMachineScaleSetIdentity object

Sku object

Name Type Required Value
name string No The sku name.
tier string No Specifies the tier of virtual machines in a scale set.

Possible Values:

Standard

Basic
capacity integer No Specifies the number of virtual machines in the scale set.

VirtualMachineScaleSetProperties object

Name Type Required Value
upgradePolicy object No The upgrade policy. - UpgradePolicy object
virtualMachineProfile object No The virtual machine profile. - VirtualMachineScaleSetVMProfile object
overProvision boolean No Specifies whether the Virtual Machine Scale Set should be overprovisioned.

VirtualMachineScaleSetIdentity object

Name Type Required Value
type enum No The type of identity used for the virtual machine scale set. Currently, the only supported type is 'SystemAssigned', which implicitly creates an identity. - SystemAssigned

UpgradePolicy object

Name Type Required Value
mode enum No Specifies the mode of an upgrade to virtual machines in the scale set.

Possible values are:

Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action.

Automatic - All virtual machines in the scale set are automatically updated at the same time. - Automatic or Manual

VirtualMachineScaleSetVMProfile object

Name Type Required Value
osProfile object No The virtual machine scale set OS profile. - VirtualMachineScaleSetOSProfile object
storageProfile object No The virtual machine scale set storage profile. - VirtualMachineScaleSetStorageProfile object
networkProfile object No The virtual machine scale set network profile. - VirtualMachineScaleSetNetworkProfile object
extensionProfile object No The virtual machine scale set extension profile. - VirtualMachineScaleSetExtensionProfile object

VirtualMachineScaleSetOSProfile object

Name Type Required Value
computerNamePrefix string No Specifies the computer name prefix for all of the virtual machines in the scale set. Computer name prefixes must be 1 to 15 characters long.
adminUsername string No Specifies the name of the administrator account.

Windows-only restriction: Cannot end in "."

Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5".

Minimum-length (Linux): 1 character

Max-length (Linux): 64 characters

Max-length (Windows): 20 characters

  • For root access to the Linux VM, see Using root privileges on Linux virtual machines in Azure
  • For a list of built-in system users on Linux that should not be used in this field, see Selecting User Names for Linux on Azure
  • adminPassword string No Specifies the password of the administrator account.

    Minimum-length (Windows): 8 characters

    Minimum-length (Linux): 6 characters

    Max-length (Windows): 123 characters

    Max-length (Linux): 72 characters

    Complexity requirements: 3 out of 4 conditions below need to be fulfilled
    Has lower characters
    Has upper characters
    Has a digit
    Has a special character (Regex match [\W_])

    Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"

    For resetting the password, see How to reset the Remote Desktop service or its login password in a Windows VM

    For resetting root password, see Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension
    customData string No A base-64 encoded string of custom data.
    windowsConfiguration object No The Windows Configuration of the OS profile. - WindowsConfiguration object
    linuxConfiguration object No The Linux Configuration of the OS profile. - LinuxConfiguration object
    secrets array No The List of certificates for addition to the VM. - VaultSecretGroup object

    VirtualMachineScaleSetStorageProfile object

    Name Type Required Value
    imageReference object No The image reference. - ImageReference object
    osDisk object No The OS disk. - VirtualMachineScaleSetOSDisk object

    VirtualMachineScaleSetNetworkProfile object

    Name Type Required Value
    networkInterfaceConfigurations array No The list of network configurations. - VirtualMachineScaleSetNetworkConfiguration object

    VirtualMachineScaleSetExtensionProfile object

    Name Type Required Value
    extensions array No The virtual machine scale set child extension resources. - VirtualMachineScaleSetExtension object

    WindowsConfiguration object

    Name Type Required Value
    provisionVMAgent boolean No Indicates whether virtual machine agent should be provisioned on the virtual machine.

    When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.
    enableAutomaticUpdates boolean No Indicates whether virtual machine is enabled for automatic updates.
    timeZone string No Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time"
    additionalUnattendContent array No Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object
    winRM object No Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. - WinRMConfiguration object

    LinuxConfiguration object

    Name Type Required Value
    disablePasswordAuthentication boolean No Specifies whether password authentication should be disabled.
    ssh object No Specifies the ssh key configuration for a Linux OS. - SshConfiguration object

    VaultSecretGroup object

    Name Type Required Value
    sourceVault object No The relative URL of the Key Vault containing all of the certificates in VaultCertificates. - SubResource object
    vaultCertificates array No The list of key vault references in SourceVault which contain certificates. - VaultCertificate object

    ImageReference object

    Name Type Required Value
    publisher string No The image publisher.
    offer string No Specifies the offer of the platform image or marketplace image used to create the virtual machine.
    sku string No The image SKU.
    version string No Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available.

    VirtualMachineScaleSetOSDisk object

    Name Type Required Value
    name string Yes The disk name.
    caching enum No Specifies the caching requirements.

    Possible values are:

    None

    ReadOnly

    ReadWrite

    Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite
    createOption enum Yes Specifies how the virtual machines in the scale set should be created.

    The only allowed value is: FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. - FromImage, Empty, Attach
    osType enum No This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD.

    Possible values are:

    Windows

    Linux. - Windows or Linux
    image object No The Source User Image VirtualHardDisk. This VirtualHardDisk will be copied before using it to attach to the Virtual Machine. If SourceImage is provided, the destination VirtualHardDisk should not exist. - VirtualHardDisk object
    vhdContainers array No The list of virtual hard disk container uris. - string

    VirtualMachineScaleSetNetworkConfiguration object

    Name Type Required Value
    id string No Resource Id
    name string Yes The network configuration name.
    properties object No VirtualMachineScaleSetNetworkConfigurationProperties object

    VirtualMachineScaleSetExtension object

    Name Type Required Value
    id string No Resource Id
    name string No The name of the extension.
    properties object No VirtualMachineScaleSetExtensionProperties object

    AdditionalUnattendContent object

    Name Type Required Value
    passName enum No The pass name. Currently, the only allowable value is OobeSystem. - OobeSystem
    componentName enum No The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. - Microsoft-Windows-Shell-Setup
    settingName enum No Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. - AutoLogon or FirstLogonCommands
    content string No Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted.

    WinRMConfiguration object

    Name Type Required Value
    listeners array No The list of Windows Remote Management listeners - WinRMListener object

    SshConfiguration object

    Name Type Required Value
    publicKeys array No The list of SSH public keys used to authenticate with linux based VMs. - SshPublicKey object

    SubResource object

    Name Type Required Value
    id string No Resource Id

    VaultCertificate object

    Name Type Required Value
    certificateUrl string No This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

    {
    "data":"",
    "dataType":"pfx",
    "password":""
    }
    certificateStore string No For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account.

    For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted.

    VirtualHardDisk object

    Name Type Required Value
    uri string No Specifies the virtual hard disk's uri.

    VirtualMachineScaleSetNetworkConfigurationProperties object

    Name Type Required Value
    primary boolean No Whether this is a primary NIC on a virtual machine.
    ipConfigurations array Yes The virtual machine scale set IP Configuration. - VirtualMachineScaleSetIPConfiguration object

    VirtualMachineScaleSetExtensionProperties object

    Name Type Required Value
    publisher string No The name of the extension handler publisher.
    type string No The type of the extension handler.
    typeHandlerVersion string No The type version of the extension handler.
    autoUpgradeMinorVersion boolean No Whether the extension handler should be automatically upgraded across minor versions.
    settings object No Json formatted public settings for the extension.
    protectedSettings object No Json formatted protected settings for the extension.

    WinRMListener object

    Name Type Required Value
    protocol enum No Specifies the protocol of listener.

    Possible values are:
    http

    https. - Http or Https
    certificateUrl string No This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

    {
    "data":"",
    "dataType":"pfx",
    "password":""
    }

    SshPublicKey object

    Name Type Required Value
    path string No Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys
    keyData string No SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format.

    For creating ssh keys, see Create SSH keys on Linux and Mac for Linux VMs in Azure.

    VirtualMachineScaleSetIPConfiguration object

    Name Type Required Value
    id string No Resource Id
    name string Yes The IP configuration name.
    properties object No VirtualMachineScaleSetIPConfigurationProperties object

    VirtualMachineScaleSetIPConfigurationProperties object

    Name Type Required Value
    subnet object Yes The subnet. - ApiEntityReference object
    applicationGatewayBackendAddressPools array No The application gateway backend address pools. - SubResource object
    loadBalancerBackendAddressPools array No The load balancer backend address pools. - SubResource object
    loadBalancerInboundNatPools array No The load balancer inbound nat pools. - SubResource object

    ApiEntityReference object

    Name Type Required Value
    id string No The ARM resource id in the form of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/...

    Quickstart templates

    The following quickstart templates deploy this resource type.

    Template Description
    Azure Container Service Engine (acs-engine) - Swarm Mode

    Deploy to Azure
    The Azure Container Service Engine (acs-engine) generates ARM (Azure Resource Manager) templates for Docker enabled clusters on Microsoft Azure with your choice of DC/OS, Kubernetes, Swarm Mode, or Swarm orchestrators. The input to the tool is a cluster definition. The cluster definition is very similar to (in many cases the same as) the ARM template syntax used to deploy a Microsoft Azure Container Service cluster.
    VMSS with Public IP Prefix

    Deploy to Azure
    Template for deploying VMSS with Public IP Prefix
    Disable encryption on an existing Linux VMSS

    Deploy to Azure
    Disables encryption on an existing Linux VMSS
    Enable data volume encryption on a running Linux VMSS

    Deploy to Azure
    Enables data volume encryption on a running Linux VMSS
    Create and encrypt a new Linux VMSS with jumpbox

    Deploy to Azure
    This template deploys a Linux VMSS using the latest Linux image, adds data volumes, and then encrypts the data volumes of each Linux VMSS instance. It also deploys a jumpbox with a public IP address in the same virtual network as the Linux VMSS instances with private IP addresses. This allows connecting to the jumpbox via its public IP address, and then connecting to the Linux VMSS instances via private IP addresses.
    Create and encrypt a new Windows VMSS with jumpbox

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Windows VMs using the lastest patched version of serveral Windows versions. This template also deploys a jumpbox with a public IP address in the same virtual network. You can connect to the jumpbox via this public IP address, then connect from there to VMs in the scale set via private IP addresses.This template enables encryption on the VM Scale Set of Windows VMs.
    Deploy VM Scale Set with LB probe and automatic repairs

    Deploy to Azure
    This template allows you to deploy a VM scale set of Linux VMs behind a load balancer with health probe configured. The scale set also has automatic instance repairs policy enabled with a grace period of 30 minutes.
    Deploy a VMSS that connects each VM to an Azure Files share

    Deploy to Azure
    This template deploys an Ubuntu Virtual Machine Scale Set and uses a custom script extension to connect each VM to an Azure Files share
    Deploy VM Scale Set with Python Bottle server & AutoScale

    Deploy to Azure
    Deploy a VM Scale Set behind a load balancer/NAT & each VM running a simple Python Bottle app that does work. With Autoscale configured Scale Set will scale out & in as needed
    VM Scale Set from a Managed Image connected to an existing Virtual Network and Application Gateway

    Deploy to Azure
    This template deploys a VM Scale Set based on an existing Managed Image, connected to an existing Virtual Network and existing Application Gateway Backend Pool.
    Deploy a Windows VM Scale Set with a Custom Script Extension

    Deploy to Azure
    This template allows you to deploy a VM Scale Set of Windows VMs using the lastest patched version of various Windows Versions. These VMs have a custom script extension for customization and are behind a load balancer with NAT rules for rdp connections.
    Deploy a VM Scale Set from the Azure Data Science VM

    Deploy to Azure
    These templates deploy VM scale sets, using the Azure Data Science VMs as a source image.
    Deploy a Scale Set into an existing vnet

    Deploy to Azure
    This template deploys a VM Scale Set into an exsisting vnet.
    Deploy a VM Scale Set with Linux VMs behind ILB

    Deploy to Azure
    This template allows you to deploy a VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 15.10 or 14.04.4-LTS. These VMs are behind an internal load balancer with NAT rules for ssh connections.
    Deploy a VM Scale Set with a Linux custom image

    Deploy to Azure
    This template allows you to deploy a custom VM Linux image inside an Scale Set. These VMs are behind a load balancer with HTTP load balancing (by default on port 80). The example uses a custom script to do the application deployment and update, you may have to provide your custom script for your own update procedure. You will have to provide a generalized image of your VM in the same subscription and region where you create the VMSS.
    Deploy a simple VM Scale Set with Linux VMs and a Jumpbox

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 15.10 or 14.04.4-LTS. There is also a jumpbox to enable connections from outside of the VNet the VMs are in.
    Deploy a simple VM Scale Set with Linux VMs

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 14.04.4-LTS or 16.04-LTS. These VMs are behind a load balancer with NAT rules for ssh connections.
    Deploy a VM Scale Set with Linux VMs in Availabilty Zones

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 14.04.4-LTS or 16.04-LTS. These VMs are behind a load balancer with NAT rules for ssh connections.
    Deploy a Linux VMSS wth master/slave architecture

    Deploy to Azure
    This template allows you to deploy a Linux VMSS with a Custom Script Extension in master slave architecture
    Deploy a simple VM Scale Set with Linux VMs and public IPv4 per VM

    Deploy to Azure
    This template demonstrates deploying a simple scale set with load balancer, inbound NAT rules, and public IP per VM.
    Manually change the number of VMs in a Scale Set.

    Deploy to Azure
    This template allows you to manually change the number of VMs in a Scale Set.
    Deploy an Ubuntu VM scale set with Azure Application Gateway

    Deploy to Azure
    This template allows you to deploy a simple Ubuntu VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
    Deploy a VM Scale Set with Linux VMs and Auto Scale

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 15.04 or 14.04.4-LTS. These VMs are behind a load balancer with NAT rules for ssh connections.They also have Auto Scale integrated
    VM Scale Set web serverswith git pull deployment

    Deploy to Azure
    VM Scale Set web servers pulling content securely from git using ssh deployment keys
    SSL enabled VM Scale Set

    Deploy to Azure
    Deploys web servers configures with SSL certificates deployed securely form Azure Key Vault
    Deploy a Windows VM scale set with Azure Application Gateway

    Deploy to Azure
    This template allows you to deploy a simple Windows VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
    Deploy a VM Scale Set with Windows VMs and Auto Scale

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Windows VMs using the latest patched version of Windows 2008-R2-SP1, 2012-Datacenter, or 2012-R2-Datacenter. These VMs are behind a load balancer with NAT rules for RDP connections. They also have Auto Scale integrated
    Deploy a VM Scale Set with a Windows custom image

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set usng a custom Windows image. These VMs are behind a load balancer with HTTP load balancing (by default on port 80)
    Deploy a simple VM Scale Set with Windows VMs and a Jumpbox

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Windows VMs using the lastest patched version of serveral Windows versions. This template also deploys a jumpbox with a public IP address in the same virtual network. You can connect to the jumpbox via this public IP address, then connect from there to VMs in the scale set via private IP addresses.
    Deploy a simple VM Scale Set with Windows VMs

    Deploy to Azure
    This template allows you to deploy a simple VM Scale Set of Windows VMs using the lastest patched version of various Windows Versions. These VMs are behind a load balancer with NAT rules for rdp connections.
    Deploy a VM Scale Set with Windows VMs in Availability Zones

    Deploy to Azure
    This template allows you to deploy a VM Scale Set of Windows VMs using the lastest patched version of various Windows Versions. These VMs are behind a load balancer with NAT rules for rdp connections.
    VM Scale Set with autoscale running an IIS WebApp

    Deploy to Azure
    Deploys a Windows VM Scale Set running IIS and a very basic .NET MVC web app. The VMSS PowerShell DSC Extension is leveraged to do the IIS install and WebDeploy package deployment.
    Deploy a Scale Set into an existing vnet

    Deploy to Azure
    This template deploys a Windows 2016 Datacenter VM Scale Set into an exsisting resource group, vnet and subnet.
    Deploy Windows VMSS configure windows featurtes SSL DSC

    Deploy to Azure
    This template allows you to deploy two Windows VMSS, configure windows features like IIS/Web Role, .Net Framework 4.5, windows auth, application initialization, download application deployment packages, URL Rewrite & SSL configuration using DSC and Azure Key Vault
    Add multiple VMs into a Virtual Machine Scale Set

    Deploy to Azure
    This template will create N number of VM's with managed disks, public IPs and network interfaces. It will create the VMs in a Virtula Machine Scale Set. They will be provisioned in a Virtual Network which will also be created as part of the deployment