Microsoft.Compute/virtualMachines template reference

API Version: 2017-12-01

Template format

To create a Microsoft.Compute/virtualMachines resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Compute/virtualMachines",
  "apiVersion": "2017-12-01",
  "location": "string",
  "tags": {},
  "plan": {
    "name": "string",
    "publisher": "string",
    "product": "string",
    "promotionCode": "string"
  },
  "properties": {
    "hardwareProfile": {
      "vmSize": "string"
    },
    "storageProfile": {
      "imageReference": {
        "id": "string",
        "publisher": "string",
        "offer": "string",
        "sku": "string",
        "version": "string"
      },
      "osDisk": {
        "osType": "string",
        "encryptionSettings": {
          "diskEncryptionKey": {
            "secretUrl": "string",
            "sourceVault": {
              "id": "string"
            }
          },
          "keyEncryptionKey": {
            "keyUrl": "string",
            "sourceVault": {
              "id": "string"
            }
          },
          "enabled": boolean
        },
        "name": "string",
        "vhd": {
          "uri": "string"
        },
        "image": {
          "uri": "string"
        },
        "caching": "string",
        "createOption": "string",
        "diskSizeGB": "integer",
        "managedDisk": {
          "id": "string",
          "storageAccountType": "string"
        }
      },
      "dataDisks": [
        {
          "lun": "integer",
          "name": "string",
          "vhd": {
            "uri": "string"
          },
          "image": {
            "uri": "string"
          },
          "caching": "string",
          "createOption": "string",
          "diskSizeGB": "integer",
          "managedDisk": {
            "id": "string",
            "storageAccountType": "string"
          }
        }
      ]
    },
    "osProfile": {
      "computerName": "string",
      "adminUsername": "string",
      "adminPassword": "string",
      "customData": "string",
      "windowsConfiguration": {
        "provisionVMAgent": boolean,
        "enableAutomaticUpdates": boolean,
        "timeZone": "string",
        "additionalUnattendContent": [
          {
            "passName": "OobeSystem",
            "componentName": "Microsoft-Windows-Shell-Setup",
            "settingName": "string",
            "content": "string"
          }
        ],
        "winRM": {
          "listeners": [
            {
              "protocol": "string",
              "certificateUrl": "string"
            }
          ]
        }
      },
      "linuxConfiguration": {
        "disablePasswordAuthentication": boolean,
        "ssh": {
          "publicKeys": [
            {
              "path": "string",
              "keyData": "string"
            }
          ]
        }
      },
      "secrets": [
        {
          "sourceVault": {
            "id": "string"
          },
          "vaultCertificates": [
            {
              "certificateUrl": "string",
              "certificateStore": "string"
            }
          ]
        }
      ]
    },
    "networkProfile": {
      "networkInterfaces": [
        {
          "id": "string",
          "properties": {
            "primary": boolean
          }
        }
      ]
    },
    "diagnosticsProfile": {
      "bootDiagnostics": {
        "enabled": boolean,
        "storageUri": "string"
      }
    },
    "availabilitySet": {
      "id": "string"
    },
    "licenseType": "string"
  },
  "identity": {
    "type": "string",
    "identityIds": [
      "string"
    ]
  },
  "zones": [
    "string"
  ],
  "resources": []
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Compute/virtualMachines object

Name Type Required Value
name string Yes
type enum Yes Microsoft.Compute/virtualMachines
apiVersion enum Yes 2017-12-01
location string Yes Resource location
tags object No Resource tags
plan object No Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. In the Azure portal, find the marketplace image that you want to use and then click Want to deploy programmatically, Get Started ->. Enter any required information and then click Save. - Plan object
properties object Yes VirtualMachineProperties object
identity object No The identity of the virtual machine, if configured. - VirtualMachineIdentity object
zones array No The virtual machine zones. - string
resources array No extensions

Plan object

Name Type Required Value
name string No The plan ID.
publisher string No The publisher ID.
product string No Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.
promotionCode string No The promotion code.

VirtualMachineProperties object

Name Type Required Value
hardwareProfile object No Specifies the hardware settings for the virtual machine. - HardwareProfile object
storageProfile object No Specifies the storage settings for the virtual machine disks. - StorageProfile object
osProfile object No Specifies the operating system settings for the virtual machine. - OSProfile object
networkProfile object No Specifies the network interfaces of the virtual machine. - NetworkProfile object
diagnosticsProfile object No Specifies the boot diagnostic settings state.

Minimum api-version: 2015-06-15. - DiagnosticsProfile object
availabilitySet object No Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see Manage the availability of virtual machines.

For more information on Azure planned maintainance, see Planned maintenance for virtual machines in Azure

Currently, a VM can only be added to availability set at creation time. An existing VM cannot be added to an availability set. - SubResource object
licenseType string No Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system.

Possible values are:

Windows_Client

Windows_Server

If this element is included in a request for an update, the value must match the initial value. This value cannot be updated.

For more information, see Azure Hybrid Use Benefit for Windows Server

Minimum api-version: 2015-06-15

VirtualMachineIdentity object

Name Type Required Value
type enum No The type of identity used for the virtual machine. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. - SystemAssigned, UserAssigned, SystemAssigned, UserAssigned, None
identityIds array No The list of user identities associated with the Virtual Machine. The user identity references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/identities/{identityName}'. - string

HardwareProfile object

Name Type Required Value
vmSize enum No Specifies the size of the virtual machine. For more information about virtual machine sizes, see Sizes for virtual machines.

The available VM sizes depend on region and availability set. For a list of available sizes use these APIs:

List all available virtual machine sizes in an availability set

List all available virtual machine sizes in a region

List all available virtual machine sizes for resizing. - Basic_A0, Basic_A1, Basic_A2, Basic_A3, Basic_A4, Standard_A0, Standard_A1, Standard_A2, Standard_A3, Standard_A4, Standard_A5, Standard_A6, Standard_A7, Standard_A8, Standard_A9, Standard_A10, Standard_A11, Standard_A1_v2, Standard_A2_v2, Standard_A4_v2, Standard_A8_v2, Standard_A2m_v2, Standard_A4m_v2, Standard_A8m_v2, Standard_D1, Standard_D2, Standard_D3, Standard_D4, Standard_D11, Standard_D12, Standard_D13, Standard_D14, Standard_D1_v2, Standard_D2_v2, Standard_D3_v2, Standard_D4_v2, Standard_D5_v2, Standard_D11_v2, Standard_D12_v2, Standard_D13_v2, Standard_D14_v2, Standard_D15_v2, Standard_DS1, Standard_DS2, Standard_DS3, Standard_DS4, Standard_DS11, Standard_DS12, Standard_DS13, Standard_DS14, Standard_DS1_v2, Standard_DS2_v2, Standard_DS3_v2, Standard_DS4_v2, Standard_DS5_v2, Standard_DS11_v2, Standard_DS12_v2, Standard_DS13_v2, Standard_DS14_v2, Standard_DS15_v2, Standard_F1, Standard_F2, Standard_F4, Standard_F8, Standard_F16, Standard_F1s, Standard_F2s, Standard_F4s, Standard_F8s, Standard_F16s, Standard_G1, Standard_G2, Standard_G3, Standard_G4, Standard_G5, Standard_GS1, Standard_GS2, Standard_GS3, Standard_GS4, Standard_GS5, Standard_H8, Standard_H16, Standard_H8m, Standard_H16m, Standard_H16r, Standard_H16mr, Standard_L4s, Standard_L8s, Standard_L16s, Standard_L32s, Standard_NC6, Standard_NC12, Standard_NC24, Standard_NC24r, Standard_NV6, Standard_NV12, Standard_NV24

StorageProfile object

Name Type Required Value
imageReference object No Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations. - ImageReference object
osDisk object No Specifies information about the operating system disk used by the virtual machine.

For more information about disks, see About disks and VHDs for Azure virtual machines. - OSDisk object
dataDisks array No Specifies the parameters that are used to add a data disk to a virtual machine.

For more information about disks, see About disks and VHDs for Azure virtual machines. - DataDisk object

OSProfile object

Name Type Required Value
computerName string No Specifies the host OS name of the virtual machine.

Max-length (Windows): 15 characters

Max-length (Linux): 64 characters.

For naming conventions and restrictions see Azure infrastructure services implementation guidelines.
adminUsername string No Specifies the name of the administrator account.

Windows-only restriction: Cannot end in "."

Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5".

Minimum-length (Linux): 1 character

Max-length (Linux): 64 characters

Max-length (Windows): 20 characters

  • For root access to the Linux VM, see Using root privileges on Linux virtual machines in Azure
  • For a list of built-in system users on Linux that should not be used in this field, see Selecting User Names for Linux on Azure
  • adminPassword string No Specifies the password of the administrator account.

    Minimum-length (Windows): 8 characters

    Minimum-length (Linux): 6 characters

    Max-length (Windows): 123 characters

    Max-length (Linux): 72 characters

    Complexity requirements: 3 out of 4 conditions below need to be fulfilled
    Has lower characters
    Has upper characters
    Has a digit
    Has a special character (Regex match [\W_])

    Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"

    For resetting the password, see How to reset the Remote Desktop service or its login password in a Windows VM

    For resetting root password, see Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension
    customData string No Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes.

    For using cloud-init for your VM, see Using cloud-init to customize a Linux VM during creation
    windowsConfiguration object No Specifies Windows operating system settings on the virtual machine. - WindowsConfiguration object
    linuxConfiguration object No Specifies the Linux operating system settings on the virtual machine.

    For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions

    For running non-endorsed distributions, see Information for Non-Endorsed Distributions. - LinuxConfiguration object
    secrets array No Specifies set of certificates that should be installed onto the virtual machine. - VaultSecretGroup object

    NetworkProfile object

    Name Type Required Value
    networkInterfaces array No Specifies the list of resource Ids for the network interfaces associated with the virtual machine. - NetworkInterfaceReference object

    DiagnosticsProfile object

    Name Type Required Value
    bootDiagnostics object No Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status.

    For Linux Virtual Machines, you can easily view the output of your console log.

    For both Windows and Linux virtual machines, Azure also enables you to see a screenshot of the VM from the hypervisor. - BootDiagnostics object

    SubResource object

    Name Type Required Value
    id string No Resource Id

    ImageReference object

    Name Type Required Value
    id string No Resource Id
    publisher string No The image publisher.
    offer string No Specifies the offer of the platform image or marketplace image used to create the virtual machine.
    sku string No The image SKU.
    version string No Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available.

    OSDisk object

    Name Type Required Value
    osType enum No This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD.

    Possible values are:

    Windows

    Linux. - Windows or Linux
    encryptionSettings object No Specifies the encryption settings for the OS Disk.

    Minimum api-version: 2015-06-15 - DiskEncryptionSettings object
    name string No The disk name.
    vhd object No The virtual hard disk. - VirtualHardDisk object
    image object No The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. - VirtualHardDisk object
    caching enum No Specifies the caching requirements.

    Possible values are:

    None

    ReadOnly

    ReadWrite

    Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite
    createOption enum Yes Specifies how the virtual machine should be created.

    Possible values are:

    Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine.

    FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. - FromImage, Empty, Attach
    diskSizeGB integer No Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image.

    This value cannot be larger than 1023 GB
    managedDisk object No The managed disk parameters. - ManagedDiskParameters object

    DataDisk object

    Name Type Required Value
    lun integer Yes Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM.
    name string No The disk name.
    vhd object No The virtual hard disk. - VirtualHardDisk object
    image object No The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist. - VirtualHardDisk object
    caching enum No Specifies the caching requirements.

    Possible values are:

    None

    ReadOnly

    ReadWrite

    Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite
    createOption enum Yes Specifies how the virtual machine should be created.

    Possible values are:

    Attach \u2013 This value is used when you are using a specialized disk to create the virtual machine.

    FromImage \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. - FromImage, Empty, Attach
    diskSizeGB integer No Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image.

    This value cannot be larger than 1023 GB
    managedDisk object No The managed disk parameters. - ManagedDiskParameters object

    WindowsConfiguration object

    Name Type Required Value
    provisionVMAgent boolean No Indicates whether virtual machine agent should be provisioned on the virtual machine.

    When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.
    enableAutomaticUpdates boolean No Indicates whether virtual machine is enabled for automatic updates.
    timeZone string No Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time"
    additionalUnattendContent array No Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object
    winRM object No Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. - WinRMConfiguration object

    LinuxConfiguration object

    Name Type Required Value
    disablePasswordAuthentication boolean No Specifies whether password authentication should be disabled.
    ssh object No Specifies the ssh key configuration for a Linux OS. - SshConfiguration object

    VaultSecretGroup object

    Name Type Required Value
    sourceVault object No The relative URL of the Key Vault containing all of the certificates in VaultCertificates. - SubResource object
    vaultCertificates array No The list of key vault references in SourceVault which contain certificates. - VaultCertificate object

    NetworkInterfaceReference object

    Name Type Required Value
    id string No Resource Id
    properties object No NetworkInterfaceReferenceProperties object

    BootDiagnostics object

    Name Type Required Value
    enabled boolean No Whether boot diagnostics should be enabled on the Virtual Machine.
    storageUri string No Uri of the storage account to use for placing the console output and screenshot.

    DiskEncryptionSettings object

    Name Type Required Value
    diskEncryptionKey object No Specifies the location of the disk encryption key, which is a Key Vault Secret. - KeyVaultSecretReference object
    keyEncryptionKey object No Specifies the location of the key encryption key in Key Vault. - KeyVaultKeyReference object
    enabled boolean No Specifies whether disk encryption should be enabled on the virtual machine.

    VirtualHardDisk object

    Name Type Required Value
    uri string No Specifies the virtual hard disk's uri.

    ManagedDiskParameters object

    Name Type Required Value
    id string No Resource Id
    storageAccountType enum No Specifies the storage account type for the managed disk. Possible values are: Standard_LRS or Premium_LRS. - Standard_LRS or Premium_LRS

    AdditionalUnattendContent object

    Name Type Required Value
    passName enum No The pass name. Currently, the only allowable value is OobeSystem. - OobeSystem
    componentName enum No The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. - Microsoft-Windows-Shell-Setup
    settingName enum No Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. - AutoLogon or FirstLogonCommands
    content string No Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted.

    WinRMConfiguration object

    Name Type Required Value
    listeners array No The list of Windows Remote Management listeners - WinRMListener object

    SshConfiguration object

    Name Type Required Value
    publicKeys array No The list of SSH public keys used to authenticate with linux based VMs. - SshPublicKey object

    VaultCertificate object

    Name Type Required Value
    certificateUrl string No This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

    {
    "data":"",
    "dataType":"pfx",
    "password":""
    }
    certificateStore string No For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account.

    For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name .crt for the X509 certificate file and .prv for private key. Both of these files are .pem formatted.

    NetworkInterfaceReferenceProperties object

    Name Type Required Value
    primary boolean No Specifies the primary network interface in case the virtual machine has more than 1 network interface.

    KeyVaultSecretReference object

    Name Type Required Value
    secretUrl string Yes The URL referencing a secret in a Key Vault.
    sourceVault object Yes The relative URL of the Key Vault containing the secret. - SubResource object

    KeyVaultKeyReference object

    Name Type Required Value
    keyUrl string Yes The URL referencing a key encryption key in Key Vault.
    sourceVault object Yes The relative URL of the Key Vault containing the key. - SubResource object

    WinRMListener object

    Name Type Required Value
    protocol enum No Specifies the protocol of listener.

    Possible values are:
    http

    https. - Http or Https
    certificateUrl string No This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

    {
    "data":"",
    "dataType":"pfx",
    "password":""
    }

    SshPublicKey object

    Name Type Required Value
    path string No Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys
    keyData string No SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format.

    For creating ssh keys, see Create SSH keys on Linux and Mac for Linux VMs in Azure.

    Quickstart templates

    For example templates, see Compute templates.