Microsoft.Compute virtualMachines

Template format

To create a Microsoft.Compute/virtualMachines resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Compute/virtualMachines",
  "apiVersion": "2020-12-01",
  "location": "string",
  "tags": {},
  "plan": {
    "name": "string",
    "publisher": "string",
    "product": "string",
    "promotionCode": "string"
  },
  "properties": {
    "hardwareProfile": {
      "vmSize": "string"
    },
    "storageProfile": {
      "imageReference": {
        "id": "string",
        "publisher": "string",
        "offer": "string",
        "sku": "string",
        "version": "string"
      },
      "osDisk": {
        "osType": "string",
        "encryptionSettings": {
          "diskEncryptionKey": {
            "secretUrl": "string",
            "sourceVault": {
              "id": "string"
            }
          },
          "keyEncryptionKey": {
            "keyUrl": "string",
            "sourceVault": {
              "id": "string"
            }
          },
          "enabled": "boolean"
        },
        "name": "string",
        "vhd": {
          "uri": "string"
        },
        "image": {
          "uri": "string"
        },
        "caching": "string",
        "writeAcceleratorEnabled": "boolean",
        "diffDiskSettings": {
          "option": "Local",
          "placement": "string"
        },
        "createOption": "string",
        "diskSizeGB": "integer",
        "managedDisk": {
          "id": "string",
          "storageAccountType": "string",
          "diskEncryptionSet": {
            "id": "string"
          }
        }
      },
      "dataDisks": [
        {
          "lun": "integer",
          "name": "string",
          "vhd": {
            "uri": "string"
          },
          "image": {
            "uri": "string"
          },
          "caching": "string",
          "writeAcceleratorEnabled": "boolean",
          "createOption": "string",
          "diskSizeGB": "integer",
          "managedDisk": {
            "id": "string",
            "storageAccountType": "string",
            "diskEncryptionSet": {
              "id": "string"
            }
          },
          "toBeDetached": "boolean",
          "detachOption": "ForceDetach"
        }
      ]
    },
    "additionalCapabilities": {
      "ultraSSDEnabled": "boolean"
    },
    "osProfile": {
      "computerName": "string",
      "adminUsername": "string",
      "adminPassword": "string",
      "customData": "string",
      "windowsConfiguration": {
        "provisionVMAgent": "boolean",
        "enableAutomaticUpdates": "boolean",
        "timeZone": "string",
        "additionalUnattendContent": [
          {
            "passName": "OobeSystem",
            "componentName": "Microsoft-Windows-Shell-Setup",
            "settingName": "string",
            "content": "string"
          }
        ],
        "patchSettings": {
          "patchMode": "string",
          "enableHotpatching": "boolean"
        },
        "winRM": {
          "listeners": [
            {
              "protocol": "string",
              "certificateUrl": "string"
            }
          ]
        }
      },
      "linuxConfiguration": {
        "disablePasswordAuthentication": "boolean",
        "ssh": {
          "publicKeys": [
            {
              "path": "string",
              "keyData": "string"
            }
          ]
        },
        "provisionVMAgent": "boolean",
        "patchSettings": {
          "patchMode": "string"
        }
      },
      "secrets": [
        {
          "sourceVault": {
            "id": "string"
          },
          "vaultCertificates": [
            {
              "certificateUrl": "string",
              "certificateStore": "string"
            }
          ]
        }
      ],
      "allowExtensionOperations": "boolean",
      "requireGuestProvisionSignal": "boolean"
    },
    "networkProfile": {
      "networkInterfaces": [
        {
          "id": "string",
          "properties": {
            "primary": "boolean"
          }
        }
      ]
    },
    "securityProfile": {
      "uefiSettings": {
        "secureBootEnabled": "boolean",
        "vTpmEnabled": "boolean"
      },
      "encryptionAtHost": "boolean",
      "securityType": "TrustedLaunch"
    },
    "diagnosticsProfile": {
      "bootDiagnostics": {
        "enabled": "boolean",
        "storageUri": "string"
      }
    },
    "availabilitySet": {
      "id": "string"
    },
    "virtualMachineScaleSet": {
      "id": "string"
    },
    "proximityPlacementGroup": {
      "id": "string"
    },
    "priority": "string",
    "evictionPolicy": "string",
    "billingProfile": {
      "maxPrice": "number"
    },
    "host": {
      "id": "string"
    },
    "hostGroup": {
      "id": "string"
    },
    "licenseType": "string",
    "extensionsTimeBudget": "string",
    "platformFaultDomain": "integer"
  },
  "identity": {
    "type": "string",
    "userAssignedIdentities": {}
  },
  "zones": [
    "string"
  ],
  "extendedLocation": {
    "name": "string",
    "type": "EdgeZone"
  },
  "resources": []
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Compute/virtualMachines object

Note

In Bicep, type and apiVersion are specified in the first line of the resource declaration. Use the format <type>@<apiVersion>. Don't set those properties in the resource body.

Name Type Required Value
name string Yes The name of the virtual machine.
type enum Yes For JSON - Microsoft.Compute/virtualMachines
apiVersion enum Yes For JSON - 2020-12-01
location string Yes Resource location
tags object No Resource tags
plan object No Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. In the Azure portal, find the marketplace image that you want to use and then click Want to deploy programmatically, Get Started ->. Enter any required information and then click Save. - Plan object
properties object Yes VirtualMachineProperties object
identity object No The identity of the virtual machine, if configured. - VirtualMachineIdentity object
zones array No The virtual machine zones. - string
extendedLocation object No The extended location of the Virtual Machine. - ExtendedLocation object
resources array No extensions

Plan object

Name Type Required Value
name string No The plan ID.
publisher string No The publisher ID.
product string No Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.
promotionCode string No The promotion code.

VirtualMachineProperties object

Name Type Required Value
hardwareProfile object No Specifies the hardware settings for the virtual machine. - HardwareProfile object
storageProfile object No Specifies the storage settings for the virtual machine disks. - StorageProfile object
additionalCapabilities object No Specifies additional capabilities enabled or disabled on the virtual machine. - AdditionalCapabilities object
osProfile object No Specifies the operating system settings used while creating the virtual machine. Some of the settings cannot be changed once VM is provisioned. - OSProfile object
networkProfile object No Specifies the network interfaces of the virtual machine. - NetworkProfile object
securityProfile object No Specifies the Security related profile settings for the virtual machine. - SecurityProfile object
diagnosticsProfile object No Specifies the boot diagnostic settings state.

Minimum api-version: 2015-06-15. - DiagnosticsProfile object
availabilitySet object No Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see Manage the availability of virtual machines.

For more information on Azure planned maintenance, see Planned maintenance for virtual machines in Azure

Currently, a VM can only be added to availability set at creation time. The availability set to which the VM is being added should be under the same resource group as the availability set resource. An existing VM cannot be added to an availability set.

This property cannot exist along with a non-null properties.virtualMachineScaleSet reference. - SubResource object
virtualMachineScaleSet object No Specifies information about the virtual machine scale set that the virtual machine should be assigned to. Virtual machines specified in the same virtual machine scale set are allocated to different nodes to maximize availability. Currently, a VM can only be added to virtual machine scale set at creation time. An existing VM cannot be added to a virtual machine scale set.

This property cannot exist along with a non-null properties.availabilitySet reference.

Minimum api‐version: 2019‐03‐01 - SubResource object
proximityPlacementGroup object No Specifies information about the proximity placement group that the virtual machine should be assigned to.

Minimum api-version: 2018-04-01. - SubResource object
priority enum No Specifies the priority for the virtual machine.

Minimum api-version: 2019-03-01. - Regular, Low, Spot
evictionPolicy enum No Specifies the eviction policy for the Azure Spot virtual machine and Azure Spot scale set.

For Azure Spot virtual machines, both 'Deallocate' and 'Delete' are supported and the minimum api-version is 2019-03-01.

For Azure Spot scale sets, both 'Deallocate' and 'Delete' are supported and the minimum api-version is 2017-10-30-preview. - Deallocate or Delete
billingProfile object No Specifies the billing related details of a Azure Spot virtual machine.

Minimum api-version: 2019-03-01. - BillingProfile object
host object No Specifies information about the dedicated host that the virtual machine resides in.

Minimum api-version: 2018-10-01. - SubResource object
hostGroup object No Specifies information about the dedicated host group that the virtual machine resides in.

Minimum api-version: 2020-06-01.

NOTE: User cannot specify both host and hostGroup properties. - SubResource object
licenseType string No Specifies that the image or disk that is being used was licensed on-premises.

Possible values for Windows Server operating system are:

Windows_Client

Windows_Server

Possible values for Linux Server operating system are:

RHEL_BYOS (for RHEL)

SLES_BYOS (for SUSE)

For more information, see Azure Hybrid Use Benefit for Windows Server

Azure Hybrid Use Benefit for Linux Server

Minimum api-version: 2015-06-15
extensionsTimeBudget string No Specifies the time alloted for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. The default value is 90 minutes (PT1H30M).

Minimum api-version: 2020-06-01
platformFaultDomain integer No Specifies the scale set logical fault domain into which the Virtual Machine will be created. By default, the Virtual Machine will by automatically assigned to a fault domain that best maintains balance across available fault domains.
  • This is applicable only if the 'virtualMachineScaleSet' property of this Virtual Machine is set.
  • The Virtual Machine Scale Set that is referenced, must have 'platformFaultDomainCount' > 1.
  • This property cannot be updated once the Virtual Machine is created.
  • Fault domain assignment can be viewed in the Virtual Machine Instance View.

    Minimum api‐version: 2020‐12‐01
  • VirtualMachineIdentity object

    Name Type Required Value
    type enum No The type of identity used for the virtual machine. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. - SystemAssigned, UserAssigned, SystemAssigned, UserAssigned, None
    userAssignedIdentities object No The list of user identities associated with the Virtual Machine. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    ExtendedLocation object

    Name Type Required Value
    name string No The name of the extended location.
    type enum No The type of the extended location. - EdgeZone

    HardwareProfile object

    Name Type Required Value
    vmSize enum No Specifies the size of the virtual machine.

    The enum data type is currently deprecated and will be removed by December 23rd 2023.

    Recommended way to get the list of available sizes is using these APIs:

    List all available virtual machine sizes in an availability set

    List all available virtual machine sizes in a region

    List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines.

    The available VM sizes depend on region and availability set. - Basic_A0, Basic_A1, Basic_A2, Basic_A3, Basic_A4, Standard_A0, Standard_A1, Standard_A2, Standard_A3, Standard_A4, Standard_A5, Standard_A6, Standard_A7, Standard_A8, Standard_A9, Standard_A10, Standard_A11, Standard_A1_v2, Standard_A2_v2, Standard_A4_v2, Standard_A8_v2, Standard_A2m_v2, Standard_A4m_v2, Standard_A8m_v2, Standard_B1s, Standard_B1ms, Standard_B2s, Standard_B2ms, Standard_B4ms, Standard_B8ms, Standard_D1, Standard_D2, Standard_D3, Standard_D4, Standard_D11, Standard_D12, Standard_D13, Standard_D14, Standard_D1_v2, Standard_D2_v2, Standard_D3_v2, Standard_D4_v2, Standard_D5_v2, Standard_D2_v3, Standard_D4_v3, Standard_D8_v3, Standard_D16_v3, Standard_D32_v3, Standard_D64_v3, Standard_D2s_v3, Standard_D4s_v3, Standard_D8s_v3, Standard_D16s_v3, Standard_D32s_v3, Standard_D64s_v3, Standard_D11_v2, Standard_D12_v2, Standard_D13_v2, Standard_D14_v2, Standard_D15_v2, Standard_DS1, Standard_DS2, Standard_DS3, Standard_DS4, Standard_DS11, Standard_DS12, Standard_DS13, Standard_DS14, Standard_DS1_v2, Standard_DS2_v2, Standard_DS3_v2, Standard_DS4_v2, Standard_DS5_v2, Standard_DS11_v2, Standard_DS12_v2, Standard_DS13_v2, Standard_DS14_v2, Standard_DS15_v2, Standard_DS13-4_v2, Standard_DS13-2_v2, Standard_DS14-8_v2, Standard_DS14-4_v2, Standard_E2_v3, Standard_E4_v3, Standard_E8_v3, Standard_E16_v3, Standard_E32_v3, Standard_E64_v3, Standard_E2s_v3, Standard_E4s_v3, Standard_E8s_v3, Standard_E16s_v3, Standard_E32s_v3, Standard_E64s_v3, Standard_E32-16_v3, Standard_E32-8s_v3, Standard_E64-32s_v3, Standard_E64-16s_v3, Standard_F1, Standard_F2, Standard_F4, Standard_F8, Standard_F16, Standard_F1s, Standard_F2s, Standard_F4s, Standard_F8s, Standard_F16s, Standard_F2s_v2, Standard_F4s_v2, Standard_F8s_v2, Standard_F16s_v2, Standard_F32s_v2, Standard_F64s_v2, Standard_F72s_v2, Standard_G1, Standard_G2, Standard_G3, Standard_G4, Standard_G5, Standard_GS1, Standard_GS2, Standard_GS3, Standard_GS4, Standard_GS5, Standard_GS4-8, Standard_GS4-4, Standard_GS5-16, Standard_GS5-8, Standard_H8, Standard_H16, Standard_H8m, Standard_H16m, Standard_H16r, Standard_H16mr, Standard_L4s, Standard_L8s, Standard_L16s, Standard_L32s, Standard_M64s, Standard_M64ms, Standard_M128s, Standard_M128ms, Standard_M64-32ms, Standard_M64-16ms, Standard_M128-64ms, Standard_M128-32ms, Standard_NC6, Standard_NC12, Standard_NC24, Standard_NC24r, Standard_NC6s_v2, Standard_NC12s_v2, Standard_NC24s_v2, Standard_NC24rs_v2, Standard_NC6s_v3, Standard_NC12s_v3, Standard_NC24s_v3, Standard_NC24rs_v3, Standard_ND6s, Standard_ND12s, Standard_ND24s, Standard_ND24rs, Standard_NV6, Standard_NV12, Standard_NV24

    StorageProfile object

    Name Type Required Value
    imageReference object No Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations. - ImageReference object
    osDisk object No Specifies information about the operating system disk used by the virtual machine.

    For more information about disks, see About disks and VHDs for Azure virtual machines. - OSDisk object
    dataDisks array No Specifies the parameters that are used to add a data disk to a virtual machine.

    For more information about disks, see About disks and VHDs for Azure virtual machines. - DataDisk object

    AdditionalCapabilities object

    Name Type Required Value
    ultraSSDEnabled boolean No The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled.

    OSProfile object

    Name Type Required Value
    computerName string No Specifies the host OS name of the virtual machine.

    This name cannot be updated after the VM is created.

    Max-length (Windows): 15 characters

    Max-length (Linux): 64 characters.

    For naming conventions and restrictions see Azure infrastructure services implementation guidelines.
    adminUsername string No Specifies the name of the administrator account.

    This property cannot be updated after the VM is created.

    Windows-only restriction: Cannot end in "."

    Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5".

    Minimum-length (Linux): 1 character

    Max-length (Linux): 64 characters

    Max-length (Windows): 20 characters

  • For root access to the Linux VM, see Using root privileges on Linux virtual machines in Azure
  • For a list of built-in system users on Linux that should not be used in this field, see Selecting User Names for Linux on Azure
  • adminPassword string No Specifies the password of the administrator account.

    Minimum-length (Windows): 8 characters

    Minimum-length (Linux): 6 characters

    Max-length (Windows): 123 characters

    Max-length (Linux): 72 characters

    Complexity requirements: 3 out of 4 conditions below need to be fulfilled
    Has lower characters
    Has upper characters
    Has a digit
    Has a special character (Regex match [\W_])

    Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"

    For resetting the password, see How to reset the Remote Desktop service or its login password in a Windows VM

    For resetting root password, see Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension
    customData string No Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes.

    Note: Do not pass any secrets or passwords in customData property

    This property cannot be updated after the VM is created.

    customData is passed to the VM to be saved as a file, for more information see Custom Data on Azure VMs

    For using cloud-init for your Linux VM, see Using cloud-init to customize a Linux VM during creation
    windowsConfiguration object No Specifies Windows operating system settings on the virtual machine. - WindowsConfiguration object
    linuxConfiguration object No Specifies the Linux operating system settings on the virtual machine.

    For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions

    For running non-endorsed distributions, see Information for Non-Endorsed Distributions. - LinuxConfiguration object
    secrets array No Specifies set of certificates that should be installed onto the virtual machine. - VaultSecretGroup object
    allowExtensionOperations boolean No Specifies whether extension operations should be allowed on the virtual machine.

    This may only be set to False when no extensions are present on the virtual machine.
    requireGuestProvisionSignal boolean No Specifies whether the guest provision signal is required to infer provision success of the virtual machine. Note: This property is for private testing only, and all customers must not set the property to false.

    NetworkProfile object

    Name Type Required Value
    networkInterfaces array No Specifies the list of resource Ids for the network interfaces associated with the virtual machine. - NetworkInterfaceReference object

    SecurityProfile object

    Name Type Required Value
    uefiSettings object No Specifies the security settings like secure boot and vTPM used while creating the virtual machine.

    Minimum api-version: 2020-12-01 - UefiSettings object
    encryptionAtHost boolean No This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine or virtual machine scale set. This will enable the encryption for all the disks including Resource/Temp disk at host itself.

    Default: The Encryption at host will be disabled unless this property is set to true for the resource.
    securityType enum No Specifies the SecurityType of the virtual machine. It is set as TrustedLaunch to enable UefiSettings.

    Default: UefiSettings will not be enabled unless this property is set as TrustedLaunch. - TrustedLaunch

    DiagnosticsProfile object

    Name Type Required Value
    bootDiagnostics object No Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status.

    You can easily view the output of your console log.

    Azure also enables you to see a screenshot of the VM from the hypervisor. - BootDiagnostics object

    SubResource object

    Name Type Required Value
    id string No Resource Id

    BillingProfile object

    Name Type Required Value
    maxPrice number No Specifies the maximum price you are willing to pay for a Azure Spot VM/VMSS. This price is in US Dollars.

    This price will be compared with the current Azure Spot price for the VM size. Also, the prices are compared at the time of create/update of Azure Spot VM/VMSS and the operation will only succeed if the maxPrice is greater than the current Azure Spot price.

    The maxPrice will also be used for evicting a Azure Spot VM/VMSS if the current Azure Spot price goes beyond the maxPrice after creation of VM/VMSS.

    Possible values are:

    - Any decimal value greater than zero. Example: 0.01538

    -1 – indicates default price to be up-to on-demand.

    You can set the maxPrice to -1 to indicate that the Azure Spot VM/VMSS should not be evicted for price reasons. Also, the default max price is -1 if it is not provided by you.

    Minimum api-version: 2019-03-01.

    ImageReference object

    Name Type Required Value
    id string No Resource Id
    publisher string No The image publisher.
    offer string No Specifies the offer of the platform image or marketplace image used to create the virtual machine.
    sku string No The image SKU.
    version string No Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available.

    OSDisk object

    Name Type Required Value
    osType enum No This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD.

    Possible values are:

    Windows

    Linux. - Windows or Linux
    encryptionSettings object No Specifies the encryption settings for the OS Disk.

    Minimum api-version: 2015-06-15 - DiskEncryptionSettings object
    name string No The disk name.
    vhd object No The virtual hard disk. - VirtualHardDisk object
    image object No The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. - VirtualHardDisk object
    caching enum No Specifies the caching requirements.

    Possible values are:

    None

    ReadOnly

    ReadWrite

    Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite
    writeAcceleratorEnabled boolean No Specifies whether writeAccelerator should be enabled or disabled on the disk.
    diffDiskSettings object No Specifies the ephemeral Disk Settings for the operating system disk used by the virtual machine. - DiffDiskSettings object
    createOption enum Yes Specifies how the virtual machine should be created.

    Possible values are:

    Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine.

    FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. - FromImage, Empty, Attach
    diskSizeGB integer No Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image.

    This value cannot be larger than 1023 GB
    managedDisk object No The managed disk parameters. - ManagedDiskParameters object

    DataDisk object

    Name Type Required Value
    lun integer Yes Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM.
    name string No The disk name.
    vhd object No The virtual hard disk. - VirtualHardDisk object
    image object No The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. - VirtualHardDisk object
    caching enum No Specifies the caching requirements.

    Possible values are:

    None

    ReadOnly

    ReadWrite

    Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite
    writeAcceleratorEnabled boolean No Specifies whether writeAccelerator should be enabled or disabled on the disk.
    createOption enum Yes Specifies how the virtual machine should be created.

    Possible values are:

    Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine.

    FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. - FromImage, Empty, Attach
    diskSizeGB integer No Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image.

    This value cannot be larger than 1023 GB
    managedDisk object No The managed disk parameters. - ManagedDiskParameters object
    toBeDetached boolean No Specifies whether the data disk is in process of detachment from the VirtualMachine/VirtualMachineScaleset
    detachOption enum No Specifies the detach behavior to be used while detaching a disk or which is already in the process of detachment from the virtual machine. Supported values: ForceDetach.

    detachOption: ForceDetach is applicable only for managed data disks. If a previous detachment attempt of the data disk did not complete due to an unexpected failure from the virtual machine and the disk is still not released then use force-detach as a last resort option to detach the disk forcibly from the VM. All writes might not have been flushed when using this detach behavior.

    This feature is still in preview mode and is not supported for VirtualMachineScaleSet. To force-detach a data disk update toBeDetached to 'true' along with setting detachOption: 'ForceDetach'. - ForceDetach

    WindowsConfiguration object

    Name Type Required Value
    provisionVMAgent boolean No Indicates whether virtual machine agent should be provisioned on the virtual machine.

    When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.
    enableAutomaticUpdates boolean No Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true.

    For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning.
    timeZone string No Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time".

    Possible values can be TimeZoneInfo.Id value from time zones returned by TimeZoneInfo.GetSystemTimeZones.
    additionalUnattendContent array No Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object
    patchSettings object No [Preview Feature] Specifies settings related to VM Guest Patching on Windows. - PatchSettings object
    winRM object No Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. - WinRMConfiguration object

    LinuxConfiguration object

    Name Type Required Value
    disablePasswordAuthentication boolean No Specifies whether password authentication should be disabled.
    ssh object No Specifies the ssh key configuration for a Linux OS. - SshConfiguration object
    provisionVMAgent boolean No Indicates whether virtual machine agent should be provisioned on the virtual machine.

    When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.
    patchSettings object No [Preview Feature] Specifies settings related to VM Guest Patching on Linux. - LinuxPatchSettings object

    VaultSecretGroup object

    Name Type Required Value
    sourceVault object No The relative URL of the Key Vault containing all of the certificates in VaultCertificates. - SubResource object
    vaultCertificates array No The list of key vault references in SourceVault which contain certificates. - VaultCertificate object

    NetworkInterfaceReference object

    Name Type Required Value
    id string No Resource Id
    properties object No NetworkInterfaceReferenceProperties object

    UefiSettings object

    Name Type Required Value
    secureBootEnabled boolean No Specifies whether secure boot should be enabled on the virtual machine.

    Minimum api-version: 2020-12-01
    vTpmEnabled boolean No Specifies whether vTPM should be enabled on the virtual machine.

    Minimum api-version: 2020-12-01

    BootDiagnostics object

    Name Type Required Value
    enabled boolean No Whether boot diagnostics should be enabled on the Virtual Machine.
    storageUri string No Uri of the storage account to use for placing the console output and screenshot.

    If storageUri is not specified while enabling boot diagnostics, managed storage will be used.

    DiskEncryptionSettings object

    Name Type Required Value
    diskEncryptionKey object No Specifies the location of the disk encryption key, which is a Key Vault Secret. - KeyVaultSecretReference object
    keyEncryptionKey object No Specifies the location of the key encryption key in Key Vault. - KeyVaultKeyReference object
    enabled boolean No Specifies whether disk encryption should be enabled on the virtual machine.

    VirtualHardDisk object

    Name Type Required Value
    uri string No Specifies the virtual hard disk's uri.

    DiffDiskSettings object

    Name Type Required Value
    option enum No Specifies the ephemeral disk settings for operating system disk. - Local
    placement enum No Specifies the ephemeral disk placement for operating system disk.

    Possible values are:

    CacheDisk

    ResourceDisk

    Default: CacheDisk if one is configured for the VM size otherwise ResourceDisk is used.

    Refer to VM size documentation for Windows VM at https://docs.microsoft.com/azure/virtual-machines/windows/sizes and Linux VM at https://docs.microsoft.com/azure/virtual-machines/linux/sizes to check which VM sizes exposes a cache disk. - CacheDisk or ResourceDisk

    ManagedDiskParameters object

    Name Type Required Value
    id string No Resource Id
    storageAccountType enum No Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. - Standard_LRS, Premium_LRS, StandardSSD_LRS, UltraSSD_LRS, Premium_ZRS, StandardSSD_ZRS
    diskEncryptionSet object No Specifies the customer managed disk encryption set resource id for the managed disk. - DiskEncryptionSetParameters object

    AdditionalUnattendContent object

    Name Type Required Value
    passName enum No The pass name. Currently, the only allowable value is OobeSystem. - OobeSystem
    componentName enum No The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. - Microsoft-Windows-Shell-Setup
    settingName enum No Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. - AutoLogon or FirstLogonCommands
    content string No Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted.

    PatchSettings object

    Name Type Required Value
    patchMode enum No Specifies the mode of VM Guest Patching to IaaS virtual machine.

    Possible values are:

    Manual - You control the application of patches to a virtual machine. You do this by applying patches manually inside the VM. In this mode, automatic updates are disabled; the property WindowsConfiguration.enableAutomaticUpdates must be false

    AutomaticByOS - The virtual machine will automatically be updated by the OS. The property WindowsConfiguration.enableAutomaticUpdates must be true.

    AutomaticByPlatform - the virtual machine will automatically updated by the platform. The properties provisionVMAgent and WindowsConfiguration.enableAutomaticUpdates must be true. - Manual, AutomaticByOS, AutomaticByPlatform
    enableHotpatching boolean No Enables customers to patch their Azure VMs without requiring a reboot. For enableHotpatching, the 'provisionVMAgent' must be set to true and 'patchMode' must be set to 'AutomaticByPlatform'.

    WinRMConfiguration object

    Name Type Required Value
    listeners array No The list of Windows Remote Management listeners - WinRMListener object

    SshConfiguration object

    Name Type Required Value
    publicKeys array No The list of SSH public keys used to authenticate with linux based VMs. - SshPublicKey object

    LinuxPatchSettings object

    Name Type Required Value
    patchMode enum No Specifies the mode of VM Guest Patching to IaaS virtual machine.

    Possible values are:

    ImageDefault - The virtual machine's default patching configuration is used.

    AutomaticByPlatform - The virtual machine will be automatically updated by the platform. The property provisionVMAgent must be true. - ImageDefault or AutomaticByPlatform

    VaultCertificate object

    Name Type Required Value
    certificateUrl string No This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

    {
    "data":"",
    "dataType":"pfx",
    "password":""
    }
    certificateStore string No For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account.

    For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted.

    NetworkInterfaceReferenceProperties object

    Name Type Required Value
    primary boolean No Specifies the primary network interface in case the virtual machine has more than 1 network interface.

    KeyVaultSecretReference object

    Name Type Required Value
    secretUrl string Yes The URL referencing a secret in a Key Vault.
    sourceVault object Yes The relative URL of the Key Vault containing the secret. - SubResource object

    KeyVaultKeyReference object

    Name Type Required Value
    keyUrl string Yes The URL referencing a key encryption key in Key Vault.
    sourceVault object Yes The relative URL of the Key Vault containing the key. - SubResource object

    DiskEncryptionSetParameters object

    Name Type Required Value
    id string No Resource Id

    WinRMListener object

    Name Type Required Value
    protocol enum No Specifies the protocol of WinRM listener.

    Possible values are:
    http

    https. - Http or Https
    certificateUrl string No This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

    {
    "data":"",
    "dataType":"pfx",
    "password":""
    }

    SshPublicKey object

    Name Type Required Value
    path string No Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys
    keyData string No SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format.

    For creating ssh keys, see Create SSH keys on Linux and Mac for Linux VMs in Azure.

    Quickstart templates

    The following quickstart templates deploy this resource type.

    Template Description
    Deploy a simple Linux VM and update private IP to static

    Deploy to Azure
    This template allows you to deploy a simple Linux VM using Ubuntu from the marketplace. This will deploy a VNET, Subnet, and an A1 size VM in the resource group location with a dynamically assigned IP address and then convert it to static IP.
    Create VMs in Availability Sets using Resource Loops

    Deploy to Azure
    Create 2-5 VMs in Availability Sets using Resource Loops. The VMs can be Unbuntu or Windows with a maximum of 5 VMs since this sample uses a single storageAccount
    Multi VM Template with Managed Disk

    Deploy to Azure
    This template will create N number of VM's with managed disks, public IPs and network interfaces. It will create the VMs in a single Availability Set. They will be provisioned in a Virtual Network which will also be created as part of the deployment
    Install a file on a Windows VM

    Deploy to Azure
    This template allows you to deploy a Windows VM and run a custom PowerShell script to install a file on that VM.
    Deploy a Premium Windows VM

    Deploy to Azure
    This template allows you to deploy a Premium Windows VM using a few different options for the Windows version, using the latest patched version.
    Create a VM in a VNET in different Resource Group

    Deploy to Azure
    This template creates a VM in a VNET which is in a different Resource Group
    Join a VM to an existing domain

    Deploy to Azure
    This template demonstrates domain join to a private AD domain up in cloud.
    Create a VM with a dynamic selection of data disks

    Deploy to Azure
    This template allows the user to select the number of data disks they'd like to add to the VM.
    Create a VM from a EfficientIP VHD

    Deploy to Azure
    This template creates a VM from a EfficientIP VHD and let you connect it to an existing VNET that can reside in another Resource Group then the virtual machine
    Create a VM from User Image

    Deploy to Azure
    This template allows you to create a Virtual Machines from a User image. This template also deploys a Virtual Network, Public IP addresses and a Network Interface.
    Create a VM in a new or existing vnet from a generalized VHD

    Deploy to Azure
    This template creates a VM from a generalized VHD and let you connect it to a new or existing VNET that can reside in another Resource Group than the virtual machine
    CentOS/UbuntuServer Auto Dynamic Disks & Docker 1.12(cs)

    Deploy to Azure
    This is a common template for creating single instance CentOS 7.2/7.1/6.5 or Ubuntu Server 16.04.0-LTS with configurable number of data disks (configurable sizes). Maximum 16 disks can be mentioned in the portal parameters and maximum size of each disk should be less than 1023 GB. The MDADM RAID0 Array is automounted and survives restarts. Latest Docker 1.12(cs3) (Swarm), docker-compose 1.9.0 & docker-machine 0.8.2 is available for usage from user azure-cli is auto running as a docker container. This single instance template is an offshoot of the HPC/GPU Clusters Template @ https://aka.ms/azurebigcompute
    Classroom Linux JupyterHub

    Deploy to Azure
    This template deploy a Jupyter Server for a classroom of up to 100 users. You can provide the username, password, virtual machine name and select between CPU or GPU computing.
    Linux VM with Serial Output

    Deploy to Azure
    This template creates a simple Linux VM with minimal parameters and serial/console configured to output to storage
    Deploy a simple Windows VM with monitoring and diagnostics

    Deploy to Azure
    This template allows you to deploy a simple Windows VM along with the diagnostics extension which enables monitoring and diagnostics for the VM
    Linux VM with MSI Accessing Storage

    Deploy to Azure
    This template deploys a linux VM with a system assigned managed identity that has access to a storage account in a different resource group.
    Create a VM from a Windows Image with 4 Empty Data Disks

    Deploy to Azure
    This template allows you to create a Windows Virtual Machine from a specified image. It also attaches 4 empty data disks. Note that you can specify the size of the empty data disks.
    Deploy a VM with multiple IPs

    Deploy to Azure
    This template allows you to deploy a VM with 3 IP configurations. This template will deploy a Linux/Windows VM called myVM1 with 3 IP configurations: IPConfig-1, IPConfig-2 and IPConfig-3, respectively.
    Deploy a Linux VM (Ubuntu) with multiple NICs

    Deploy to Azure
    This template creates a VNet with multiple subnets and deploys a Ubuntu VM with multiple NICs
    Virtual Machine with Conditional Resources

    Deploy to Azure
    This template allows deploying a linux VM using new or existing resources for the Virtual Network, Storage and Public IP Address. It also allows for choosing between SSH and Password authenticate. The templates uses conditions and logic functions to remove the need for nested deployments.
    Create VM from existing VHDs and connect it to existingVNET

    Deploy to Azure
    This template creates a VM from VHDs (OS + data disk) and let you connect it to an existing VNET that can reside in another Resource Group then the virtual machine
    Push a certificate onto a Windows VM

    Deploy to Azure
    Push a certificate onto a Windows VM. Create the Key Vault using the template at https://azure.microsoft.com/documentation/templates/101-create-key-vault
    Secure VM password with Key Vault

    Deploy to Azure
    This template allows you to deploy a simple Windows VM by retrieving the password that is stored in a Key Vault. Therefore the password is never put in plain text in the template parameter file
    Deploy a simple FreeBSD VM in resource group location.

    Deploy to Azure
    This template allows you to deploy a simple FreeBSD VM using a few different options for the FreeBSD version, using the latest patched version. This will deploy in resource group location on a D1 VM Size.
    Deploy a simple Ubuntu Linux VM 18.04-LTS.

    Deploy to Azure
    This template deploy a Ubuntu Server with a few options for the VM. You can provide the VM Name, OS Version, VM size, admin username and password. As default the VM size is Standard_B2s and O.S. Version is 18.04-LTS.
    Deploy a simple Linux VM with Accelerated Networking

    Deploy to Azure
    This template allows you to deploy a simple Linux VM with Accelerated Networking using Ubuntu version 18.04-LTS with the latest patched version. This will deploy a D3_v2 size VM in the resource group location and return the FQDN of the VM.
    Red Hat Enterprise Linux VM (RHEL 7.8)

    Deploy to Azure
    This template will deploy a Red Hat Enterprise Linux VM (RHEL 7.8), using the Pay-As-You-Go RHEL VM image for the selected version on Standard D1 VM in the location of your chosen resource group with an additional 100 GiB data disk attached to the VM. Additional charges apply to this image - consult Azure VM Pricing page for details.
    Red Hat Enterprise Linux VM (RHEL 7.8)

    Deploy to Azure
    This template will deploy a Red Hat Enterprise Linux VM (RHEL 7.8), using the Pay-As-You-Go RHEL VM image for the selected version on Standard A1_v2 VM in the location of your chosen resource group with an additional 100 GiB data disk attached to the VM. Additional charges apply to this image - consult Azure VM Pricing page for details.
    SUSE Linux Enterprise Server VM (SLES 12)

    Deploy to Azure
    This template will allow you to deploy a SUSE Linux Enterprise Server VM (SLES 12), using the Pay-As-You-Go SLES VM image for the selected version on Standard D1 VM in the location of your chosen resource group with an additional 100 GiB data disk attached to the VM. Additional charges apply to this image - consult Azure VM Pricing page for details.
    Deploy a simple Windows VM

    Deploy to Azure
    This template allows you to deploy a simple Windows VM using a few different options for the Windows version, using the latest patched version. This will deploy an A2 size VM in the resource group location and return the FQDN of the VM.
    Deploy a Windows Server VM with Visual Studio.

    Deploy to Azure
    This template deploys a Windows Server VM with Visual Code Studio Community 2019, with a few options for the VM. You can provide the name of VM, the admin username and admin password.
    Deploy a VM into an Availability Zone

    Deploy to Azure
    This template allows you to deploy a simple VM (Windows or Ubuntu), using the latest patched version. This will deploy a A2_v2 size VM in the location specified and return the FQDN of the VM.
    Create a VM in a new or existing vnet from a custom VHD

    Deploy to Azure
    This template creates a VM from a specialized VHD and let you connect it to a new or existing VNET that can reside in another Resource Group than the virtual machine
    SQL Server 2014 SP2 Enterprise with Auto Backup

    Deploy to Azure
    This template will create a SQL Server 2014 SP2 Enterprise edition with Auto Backup feature enabled
    SQL Server 2014 SP1 Enterprise with Auto Patching

    Deploy to Azure
    This template will create a SQL Server 2014 SP1 Enterprise edition with Auto Patching feature enabled.
    Deploy a Virtual Machine with SSH rsa public key

    Deploy to Azure
    This template allows you to create a Virtual Machine with SSH rsa public key
    Deploy a simple Windows VM with tags

    Deploy to Azure
    This template allows you to deploy a simple Windows VM with tags using a few different options for the Windows version, using the latest patched version. This will deploy in West US on a D1 VM Size. This will include tags on the Virtual Machine, Storage Account, Public IP, and the Virtual Network.
    Deploy a trusted launch capable Linux virtual machine

    Deploy to Azure
    This template allows you to deploy a trusted launch capable Linux virtual machine using a few different options for the Linux version, using the latest patched version. By default, this will deploy an Standard_D2_v3 size virtual machine in the resource group location and return the FQDN of the virtual machine.
    Deploy a trusted launch capable Windows virtual machine

    Deploy to Azure
    This template allows you to deploy a trusted launch capable Windows virtual machine using a few different options for the Windows version, using the latest patched version. By default, this will deploy an Standard_D2_v3 size virtual machine in the resource group location and return the FQDN of the virtual machine.
    Add multiple VMs into a Virtual Machine Scale Set

    Deploy to Azure
    This template will create N number of VM's with managed disks, public IPs and network interfaces. It will create the VMs in a Virtual Machine Scale Set in Flexible Orchestration mode. They will be provisioned in a Virtual Network which will also be created as part of the deployment
    Deploy a Windows VM with a variable number of data disks

    Deploy to Azure
    This template allows you to deploy a simple VM and specify the number of data disks at deploy time using a parameter. Note that the number and size of data disks is bound by the VM size. The VM size for this sample is Standard_DS4_v2 with a default of 16 data disks.
    Virtual machine with an RDP port

    Deploy to Azure
    Creates a virtual machine and creates a NAT rule for RDP to the VM in load balancer
    Create a VM with multiple empty StandardSSD_LRS Data Disks

    Deploy to Azure
    This template allows you to create a Windows Virtual Machine from a specified image. It also attaches multiple empty StandardSSD data disks by default. Note that you can specify the size and the Storage type (Standard_LRS, StandardSSD_LRS and Premium_LRS) of the empty data disks.
    Deploy a VM Scale Set with Linux VMs behind ILB

    Deploy to Azure
    This template allows you to deploy a VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 15.10 or 14.04.4-LTS. These VMs are behind an internal load balancer with NAT rules for ssh connections.