Public/Deploy/IaaS/vm/New-CmAzIaasVm.json
|
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "VirtualMachines": { "type": "Array" }, "KeyVault": { "type": "SecureObject" }, "Credentials": { "type": "SecureObject" }, "WorkspaceId": { "type": "String" }, "AutomationAccount": { "type": "Object" }, "ProximityPlacementGroups": { "type": "array" }, "AvailabilitySets": { "type": "array" } }, "resources": [ { "condition": "[not(equals(parameters('ProximityPlacementGroups')[copyIndex('ProximityPlacementGroupsCopy')].generatedName, 'none'))]", "name": "[parameters('ProximityPlacementGroups')[copyIndex('ProximityPlacementGroupsCopy')].templateName]", "type": "Microsoft.Resources/Deployments", "resourceGroup": "[parameters('ProximityPlacementGroups')[copyIndex('ProximityPlacementGroupsCopy')].resourceGroupName]", "apiVersion": "2019-10-01", "copy": { "name": "ProximityPlacementGroupsCopy", "count": "[length(parameters('ProximityPlacementGroups'))]" }, "properties": { "mode": "Incremental", "expressionEvaluationOptions": { "scope": "inner" }, "parameters": { "ProximityPlacementGroup": { "value": "[parameters('ProximityPlacementGroups')[copyIndex('ProximityPlacementGroupsCopy')]]" } }, "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "ProximityPlacementGroup": { "type": "Object" } }, "resources": [ { "apiVersion": "2019-03-01", "type": "Microsoft.Compute/proximityPlacementGroups", "name": "[parameters('ProximityPlacementGroup').generatedName]", "location": "[parameters('ProximityPlacementGroup').location]", "tags": { "cm-service": "[parameters('ProximityPlacementGroup').service.publish.proximityPlacementGroup]" }, "properties": {} } ] } } }, { "condition": "[not(equals(parameters('AvailabilitySets')[copyIndex('AvailabilitySetsCopy')].generatedName, 'none'))]", "name": "[parameters('AvailabilitySets')[copyIndex('AvailabilitySetsCopy')].templateName]", "type": "Microsoft.Resources/Deployments", "resourceGroup": "[parameters('AvailabilitySets')[copyIndex('AvailabilitySetsCopy')].resourceGroupName]", "apiVersion": "2019-10-01", "copy": { "name": "AvailabilitySetsCopy", "count": "[Length(parameters('AvailabilitySets'))]" }, "dependsOn": [ "ProximityPlacementGroupsCopy" ], "properties": { "mode": "Incremental", "expressionEvaluationOptions": { "scope": "inner" }, "parameters": { "AvailabilitySet": { "value": "[parameters('AvailabilitySets')[copyIndex('AvailabilitySetsCopy')]]" } }, "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "AvailabilitySet": { "type": "Object" } }, "resources": [ { "type": "Microsoft.Compute/availabilitySets", "name": "[parameters('AvailabilitySet').generatedName]", "apiVersion": "2020-06-01", "location": "[parameters('AvailabilitySet').location]", "tags": { "cm-service": "[parameters('AvailabilitySet').service.publish.availabilitySet]" }, "properties": { "platformFaultDomainCount": "[parameters('AvailabilitySet').platformFaultDomainCount]", "platformUpdateDomainCount": "[parameters('AvailabilitySet').platformUpdateDomainCount]", "proximityPlacementGroup": "[if(not(empty(parameters('AvailabilitySet').proximityPlacementGroup)), json(concat('{\"id\": \"', resourceId('Microsoft.Compute/proximityPlacementGroups', parameters('AvailabilitySet').proximityPlacementGroup), '\"}')), json('null'))]" }, "sku": "[parameters('AvailabilitySet').sku]" } ] } } }, { "name": "[parameters('VirtualMachines')[copyIndex('VirtualMachinesCopy')].templateName]", "type": "Microsoft.Resources/Deployments", "resourceGroup": "[parameters('VirtualMachines')[copyIndex('VirtualMachinesCopy')].resourceGroupName]", "apiVersion": "2019-10-01", "copy": { "name": "VirtualMachinesCopy", "count": "[Length(parameters('VirtualMachines'))]" }, "dependsOn": [ "AvailabilitySetsCopy" ], "properties": { "mode": "Incremental", "expressionEvaluationOptions": { "scope": "inner" }, "parameters": { "VM": { "value": "[parameters('VirtualMachines')[copyIndex('VirtualMachinesCopy')]]" }, "KeyVault": { "value": "[parameters('KeyVault')]" }, "Credentials": { "value": "[parameters('Credentials')]" }, "WorkspaceId": { "value": "[parameters('WorkspaceId')]" }, "AutomationAccount": { "value": "[parameters('AutomationAccount')]" } }, "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "VM": { "type": "Object" }, "KeyVault": { "type": "SecureObject" }, "Credentials": { "type": "SecureObject" }, "WorkspaceId": { "type": "String" }, "AutomationAccount": { "type": "Object" } }, "variables": { "privateIPAllocationMethod": "[if(empty(parameters('VM').networking.ipAddress), 'Dynamic', 'Static')]", "subnetId": "[concat(parameters('VM').networking.virtualNetworkId, '/subnets/', parameters('VM').networking.subnetName)]", "nicId": "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Network/networkInterfaces', parameters('VM').nicName)]", "initDataDisks": "InitDataDisks", "initDataDisksExtensionResourceId": "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('initDataDisks'))]", "isWindows": "[equals(toLower(parameters('VM').osDisk.osType), 'windows')]", "antimalwareExtensionName": "Antimalware", "windowsDeploymentDetails": { "monitoringAgentExtentionType": "MicrosoftMonitoringAgent", "monitoringAgentExtensionTypeHandlerVersion": "1.0", "monitoringAgentExtensionName": "MicrosoftMonitoringAgent", "dependencyAgentExtensionType": "DependencyAgentWindows", "diskEncryptionExtensionType": "AzureDiskEncryption", "diskEncryptionExtensionTypeHandler": "2.2", "dscExtensionName": "Microsoft.Powershell.DSC", "dscExtensionPublisher": "Microsoft.Powershell", "dscExtensionType": "DSC", "dscExtensionTypeHandler": "2.77", "customScriptExtentionPublisher": "Microsoft.Compute", "customScriptExtentionType": "CustomScriptExtension", "customScriptExtentionTypeHandlerVersion": "1.7", "osProfile": { "computerName": "[parameters('VM').computerName]", "adminUsername": "[parameters('Credentials')['LocalAdminUsername']]", "adminPassword": "[parameters('Credentials')['LocalAdminPassword']]", "windowsConfiguration": { "provisionVMAgent": true, "enableAutomaticUpdates": true, "timeZone": "[parameters('VM').timeZone]" }, "allowExtensionOperations": true }, "dscSettings": { "ModulesUrl": "", "SasToken": "", "ConfigurationFunction": "", "Properties": [ { "Name": "RegistrationKey", "Value": { "UserName": "empty", "Password": "PrivateSettingsRef:registrationKeyPrivate" }, "TypeName": "System.Management.Automation.PSCredential" }, { "Name": "RegistrationUrl", "Value": "[parameters('AutomationAccount').registrationUrl]", "TypeName": "System.String" }, { "Name": "NodeConfigurationName", "Value": "[parameters('AutomationAccount').nodeConfigurationName]", "TypeName": "System.String" } ] }, "dscProtectedSettings": { "Items": { "registrationKeyPrivate": "[parameters('AutomationAccount').primaryKey]" } }, "driveMountCommand": "powershell.exe -ExecutionPolicy Bypass -NoLogo -Command \"Get-Disk | Where-Object PartitionStyle -eq 'RAW' | Initialize-Disk -PartitionStyle MBR -PassThru | New-Partition -AssignDriveLetter -UseMaximumSize | Format-Volume -FileSystem NTFS -Confirm:$false\"" }, "linuxDeploymentDetails": { "monitoringAgentExtentionType": "OmsAgentForLinux", "monitoringAgentExtensionTypeHandlerVersion": "1.4", "monitoringAgentExtensionName": "OMSExtension", "dependencyAgentExtensionType": "DependencyAgentLinux", "diskEncryptionExtensionType": "AzureDiskEncryptionForLinux", "diskEncryptionExtensionTypeHandler": "1.1", "dscExtensionName": "enabledsc", "dscExtensionPublisher": "Microsoft.OSTCExtensions", "dscExtensionType": "DSCForLinux", "dscExtensionTypeHandler": "2.0", "customScriptExtentionPublisher": "Microsoft.Azure.Extensions", "customScriptExtentionType": "CustomScript", "customScriptExtentionTypeHandlerVersion": "2.1", "osProfile": { "computerName": "[parameters('VM').computerName]", "adminUsername": "[parameters('Credentials')['LocalAdminUsername']]", "adminPassword": "[parameters('Credentials')['LocalAdminPassword']]", "linuxConfiguration": { "provisionVMAgent": true }, "allowExtensionOperations": true }, "dscSettings": { "ExtensionAction": "Register", "NodeConfigurationName": "[parameters('AutomationAccount').nodeConfigurationName]" }, "dscProtectedSettings": { "RegistrationUrl": "[parameters('AutomationAccount').registrationUrl]", "RegistrationKey": "[parameters('AutomationAccount').primaryKey]" }, "driveMountCommand": "UUID0='$(blkid -s UUID -o value /dev/disk/azure/scsi1/lun0)' mkdir /data0 echo 'UUID=$UUID0 /data0 ext4 defaults,nofail 0 0' >>/etc/fstab mount -a" }, "deploymentDetails": "[if(variables('isWindows'), variables('windowsDeploymentDetails'), variables('linuxDeploymentDetails'))]" }, "resources": [ { "type": "Microsoft.Network/networkInterfaces", "apiVersion": "2019-12-01", "name": "[parameters('VM').nicName]", "location": "[parameters('VM').location]", "tags": { "cm-service": "[parameters('VM').service.publish.nic]" }, "properties": { "ipConfigurations": [ { "name": "[concat(parameters('VM').fullName,'_IP-Config')]", "properties": { "privateIPAddress": "[parameters('VM').networking.ipAddress]", "privateIPAllocationMethod": "[variables('privateIPAllocationMethod')]", "subnet": { "id": "[variables('subnetId')]" } } } ] } }, { "type": "Microsoft.Compute/virtualMachines", "apiVersion": "2019-12-01", "name": "[parameters('VM').fullName]", "location": "[parameters('VM').location]", "tags": { "cm-update": "[parameters('VM').updateTag]", "cm-service": "[parameters('VM').service.publish.vm]" }, "dependsOn": [ "[parameters('VM').nicName]" ], "zones": "[if(equals(parameters('VM').zone, 'none'), json('null'), array(parameters('VM').zone))]", "plan": "[if(empty(parameters('VM').plan), json('null'), parameters('VM').plan)]", "properties": { "hardwareProfile": { "VMSize": "[parameters('VM').size]" }, "availabilitySet": "[if(not(empty(parameters('VM').availabilitySet)), json(concat('{\"id\": \"', resourceId('Microsoft.Compute/availabilitySets', parameters('VM').availabilitySet), '\"}')), json('null'))]", "storageProfile": { "imageReference": { "publisher": "[parameters('VM').imageReference.publisher]", "version": "[parameters('VM').imageReference.version]", "offer": "[parameters('VM').imageReference.offer]", "sku": "[parameters('VM').imageReference.sku]" }, "osDisk": { "osType": "[parameters('VM').osDisk.osType]", "name": "[parameters('VM').osDisk.name]", "createOption": "FromImage", "diskSizeGB": "[parameters('VM').osDisk.expandableDiskSizeGB]", "caching": "[parameters('VM').osDisk.caching]" }, "dataDisks": "[parameters('VM').dataDisks]" }, "osProfile": "[variables('deploymentDetails').osProfile]", "networkProfile": { "networkInterfaces": [ { "id": "[variables('nicId')]" } ] } } }, { "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2019-12-01", "name": "[concat(parameters('VM').fullName, '/', variables('initDataDisks'))]", "location": "[parameters('VM').location]", "dependsOn": [ "[parameters('VM').fullName]" ], "properties": { "publisher": "[variables('deploymentDetails').customScriptExtentionPublisher]", "type": "[variables('deploymentDetails').customScriptExtentionType]", "typeHandlerVersion": "[variables('deploymentDetails').customScriptExtentionTypeHandlerVersion]", "autoUpgradeMinorVersion": true, "settings": { "commandToExecute": "[variables('deploymentDetails').driveMountCommand]" } } }, { "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2017-12-01", "name": "[concat(parameters('VM').fullName, '/', variables('deploymentDetails').dependencyAgentExtensionType)]", "location": "[parameters('VM').location]", "dependsOn": [ "[variables('initDataDisksExtensionResourceId')]" ], "properties": { "publisher": "Microsoft.Azure.Monitoring.DependencyAgent", "type": "[variables('deploymentDetails').dependencyAgentExtensionType]", "typeHandlerVersion": "9.5", "autoUpgradeMinorVersion": true } }, { "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2017-12-01", "name": "[concat(parameters('VM').fullName, '/', variables('deploymentDetails').monitoringAgentExtensionName)]", "location": "[parameters('VM').location]", "dependsOn": [ "[variables('initDataDisksExtensionResourceId')]" ], "properties": { "publisher": "Microsoft.EnterpriseCloud.Monitoring", "type": "[variables('deploymentDetails').monitoringAgentExtentionType]", "typeHandlerVersion": "[variables('deploymentDetails').monitoringAgentExtensionTypeHandlerVersion]", "autoUpgradeMinorVersion": true, "settings": { "workspaceId": "[reference(parameters('WorkspaceId'), '2015-03-20').customerId]", "stopOnMultipleConnections": true }, "protectedSettings": { "workspaceKey": "[listKeys(parameters('WorkspaceId'), '2015-03-20').primarySharedKey]" } } }, { "condition": "[and(variables('isWindows'), not(empty(parameters('AutomationAccount').nodeConfigurationName)))]", "type": "Microsoft.Compute/virtualMachines/extensions", "name": "[concat(parameters('VM').fullName, '/', variables('deploymentDetails').dscExtensionName)]", "apiVersion": "2018-06-01", "location": "[parameters('VM').location]", "dependsOn": [ "[variables('initDataDisksExtensionResourceId')]" ], "properties": { "publisher": "[variables('deploymentDetails').dscExtensionPublisher]", "type": "[variables('deploymentDetails').dscExtensionType]", "typeHandlerVersion": "[variables('deploymentDetails').dscExtensionTypeHandler]", "autoUpgradeMinorVersion": true, "protectedSettings": "[variables('deploymentDetails').dscProtectedSettings]", "settings": "[variables('deploymentDetails').dscSettings]" } }, { "condition": "[and(parameters('VM').antimalware.enable, variables('isWindows'))]", "type": "Microsoft.Compute/virtualMachines/extensions", "name": "[concat(parameters('VM').fullName,'/', variables('antimalwareExtensionName'))]", "apiVersion": "2015-06-15", "location": "[parameters('VM').location]", "dependsOn": [ "[parameters('VM').fullName]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').dependencyAgentExtensionType)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').monitoringAgentExtensionName)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').dscExtensionName)]" ], "properties": { "publisher": "Microsoft.Azure.Security", "type": "IaaSAntimalware", "typeHandlerVersion": "1.3", "autoUpgradeMinorVersion": true, "settings": { "AntimalwareEnabled": true, "Exclusions": { "Paths": "[parameters('VM').antimalware.exclusions.paths]", "Extensions": "[parameters('VM').antimalware.exclusions.extensions]", "Processes": "[parameters('VM').antimalware.exclusions.processes]" }, "RealtimeProtectionEnabled": "[parameters('VM').antimalware.realtimeProtectionEnabled]", "ScheduledScanSettings": "[parameters('VM').antimalware.schedule]" }, "protectedSettings": null } }, { "condition": "[parameters('VM').vulnerabilityScan]", "type": "Microsoft.Compute/virtualMachines/providers/serverVulnerabilityAssessments", "apiVersion": "2020-01-01", "dependsOn": [ "[parameters('VM').fullName]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').dependencyAgentExtensionType)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').monitoringAgentExtensionName)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').dscExtensionName)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('antimalwareExtensionName'))]" ], "name": "[concat(parameters('VM').fullName, '/Microsoft.Security/default')]" }, { "type": "Microsoft.Compute/virtualMachines/extensions", "name": "[concat(parameters('VM').fullName, '/DiskEncryption')]", "apiVersion": "2019-03-01", "location": "[parameters('VM').location]", "dependsOn": [ "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').dependencyAgentExtensionType)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').monitoringAgentExtensionName)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('deploymentDetails').dscExtensionName)]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/extensions', parameters('VM').fullName, variables('antimalwareExtensionName'))]", "[resourceId(parameters('VM').resourceGroupName, 'Microsoft.Compute/virtualMachines/providers/serverVulnerabilityAssessments', parameters('VM').fullName, 'Microsoft.Security', 'default')]" ], "properties": { "publisher": "Microsoft.Azure.Security", "type": "[variables('deploymentDetails').diskEncryptionExtensionType]", "typeHandlerVersion": "[variables('deploymentDetails').diskEncryptionExtensionTypeHandler]", "autoUpgradeMinorVersion": true, "settings": { "EncryptionOperation": "EnableEncryption", "KeyVaultURL": "[parameters('KeyVault').vaultUri]", "KeyEncryptionAlgorithm": "RSA-OAEP", "VolumeType": "All", "KeyEncryptionKeyURL": "[parameters('KeyVault').keyEncryptionKeyUrl]", "KeyVaultResourceId": "[parameters('KeyVault').resourceId]", "KekVaultResourceId": "[parameters('KeyVault').resourceId]" } } }, ] } } } ] } |