Creating a Azure VM using Azure Resource Manger API - rest

I am using following azure rest api to create a virtual machine in Azure Resource Manager mode
PUT
https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/Microsoft.Compute/virtualMachines/{vm-name}?validating={true|false}&api-version={api-version}
The virtual machine gets created and it remains in Creating state as i can see the status or new portal of azure
I am able to RDP into the machine.
But after a login it fails.
What could be the reason?
Any thing i am missing?
Note : I am creating a virtual machine using a image.
Request Json :
{
"properties": {
"hardwareProfile": {
"vmSize": "Standard_A0"
},
"storageProfile": {
"osDisk": {
"osType": "Windows",
"name": "goldentemplate-osDisk",
"createOption": "FromImage",
"image": {
"uri": "https://storagename.blob.core.windows.net/system/Microsoft.Compute/Images/mytemplates/goldentemplate-osDisk.vhd"
},
"vhd": {
"uri": "https://storagename.blob.core.windows.net/vmcontainersagar/sagargoden.vhd"
},
"caching": "None"
}
,
"dataDisks": []
},
"osProfile": {
"computerName": "sagarHostVM",
"adminUsername": "itadmin",
"adminPassword": "Micr0s0ft12!#"
},
"networkProfile": {
"networkInterfaces": [
{
"properties": {},
"id": "/subscriptions/subscritpionid/resourceGroups/harigroup/providers/Microsoft.Network/networkInterfaces/sagarhostnic"
}
]
}
},
"name": "sagarHostVM",
"type": "Microsoft.Compute/virtualMachines",
"location": "WestUs",
"tags": {}
}

Related

Enable .NET Core collection in AppService with ARM or PowerShell

I would like to enable the .NET Core collection level with applicationInsight in Azure AppService as shown in below picture. From Azure Portal it works well. Keep in mind that by default value is set to disabled:
Now I would like to automate this using either ARM template or powershell.
I did a export template to see how it looks on ARM but there is no settings related to .NET Core collection
I check documentation on MS website but nothing about ARM template with enabling collection too
In PowerShell same problem
Is there anyone in the community who know how to enable the collection using ARM or PowerShell ?
Thanks a lot !
It's simply setting an app setting called XDT_MicrosoftApplicationInsights_Mode with value recommended (to enable) or default (to disable) as described here. You can do that both in ARM or PowerShell as below.
ARM (check appSettings part):
{
"resources": [
{
"name": "[parameters('name')]",
"type": "Microsoft.Web/sites",
"properties": {
"siteConfig": {
"appSettings": [
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference('microsoft.insights/components/AppMonitoredSite', '2015-05-01').InstrumentationKey]"
},
{
"name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
"value": "[reference('microsoft.insights/components/AppMonitoredSite', '2015-05-01').ConnectionString]"
},
{
"name": "ApplicationInsightsAgent_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "XDT_MicrosoftApplicationInsights_Mode ",
"value": "recommended"
}
]
},
"name": "[parameters('name')]",
"serverFarmId": "[concat('/subscriptions/', parameters('subscriptionId'),'/resourcegroups/', parameters('serverFarmResourceGroup'), '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"hostingEnvironment": "[parameters('hostingEnvironment')]"
},
"dependsOn": [
"[concat('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"microsoft.insights/components/AppMonitoredSite"
],
"apiVersion": "2016-03-01",
"location": "[parameters('location')]"
},
{
"apiVersion": "2016-09-01",
"name": "[parameters('hostingPlanName')]",
"type": "Microsoft.Web/serverfarms",
"location": "[parameters('location')]",
"properties": {
"name": "[parameters('hostingPlanName')]",
"workerSizeId": "[parameters('workerSize')]",
"numberOfWorkers": "1",
"hostingEnvironment": "[parameters('hostingEnvironment')]"
},
"sku": {
"Tier": "[parameters('sku')]",
"Name": "[parameters('skuCode')]"
}
},
{
"apiVersion": "2015-05-01",
"name": "AppMonitoredSite",
"type": "microsoft.insights/components",
"location": "West US 2",
"properties": {
"ApplicationId": "[parameters('name')]",
"Request_Source": "IbizaWebAppExtensionCreate"
}
}
],
"parameters": {
"name": {
"type": "string"
},
"hostingPlanName": {
"type": "string"
},
"hostingEnvironment": {
"type": "string"
},
"location": {
"type": "string"
},
"sku": {
"type": "string"
},
"skuCode": {
"type": "string"
},
"workerSize": {
"type": "string"
},
"serverFarmResourceGroup": {
"type": "string"
},
"subscriptionId": {
"type": "string"
}
},
"$schema": "https://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
"contentVersion": "1.0.0.0"
}
Powershell:
$app = Get-AzWebApp -ResourceGroupName "AppMonitoredRG" -Name "AppMonitoredSite" -ErrorAction Stop
$newAppSettings = #{} # case-insensitive hash map
$app.SiteConfig.AppSettings | %{$newAppSettings[$_.Name] = $_.Value} # preserve non Application Insights application settings.
$newAppSettings["APPINSIGHTS_INSTRUMENTATIONKEY"] = "012345678-abcd-ef01-2345-6789abcd"; # set the Application Insights instrumentation key
$newAppSettings["APPLICATIONINSIGHTS_CONNECTION_STRING"] = "InstrumentationKey=012345678-abcd-ef01-2345-6789abcd"; # set the Application Insights connection string
$newAppSettings["ApplicationInsightsAgent_EXTENSION_VERSION"] = "~2"; # enable the ApplicationInsightsAgent
$newAppSettings["XDT_MicrosoftApplicationInsights_Mode"] = "recommended"; # set the APM collection to recommended
$app = Set-AzWebApp -AppSettings $newAppSettings -ResourceGroupNamrecommendede $app.ResourceGroup -Name $app.Name -ErrorAction Stop

deploying webapp in azure devops pipeline release w powershell / json templates - error - modal dialog box is not valid

#Using Azure DevOps pipeline release with a powershell script and a json template file and json parameter #file. Note-authenticating to the azure portal requires multi factor authentication (ie.authenticator on my mobile)
#'ERROR- >>>>> <strong>"Showing a modal dialog box or form when the application is not running in #UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly #style to display a notification from a service application."</strong>
#(Note- Bottom of logs immediately below contains this modal error.)'
2020-11-14T20:33:38.7159389Z ##[section]Starting: WebApp_Create01
2020-11-14T20:33:38.7499602Z ==============================================================================
2020-11-14T20:33:38.7499865Z Task : Azure PowerShell
2020-11-14T20:33:38.7499927Z Description : Run a PowerShell script within an Azure environment
2020-11-14T20:33:38.7499981Z Version : 3.1.28
2020-11-14T20:33:38.7500050Z Author : Microsoft Corporation
2020-11-14T20:33:38.7500132Z Help : https://learn.microsoft.com/azure/devops/pipelines/tasks/deploy/azure-powershell
2020-11-14T20:33:38.7500215Z ==============================================================================
2020-11-14T20:33:40.5542183Z ##[command]Import-Module -Name C:\Program Files\WindowsPowerShell\Modules\AzureRM\6.13.1\AzureRM.psd1 -Global
2020-11-14T20:33:54.9421385Z ##[command]Clear-AzureRmContext -Scope Process
2020-11-14T20:33:55.3824175Z ##[command]Disable-AzureRmContextAutosave -ErrorAction Stop
2020-11-14T20:33:56.1766169Z ##[command]Add-AzureRMAccount -ServicePrincipal -Tenant *** -Credential System.Management.Automation.PSCredential -Environment AzXXXXXXXXXXXXXnt #processScope
2020-11-14T20:33:57.8815316Z ##[command] Select-AzureRMSubscription -SubscriptionId c27XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2 -TenantId ***
2020-11-14T20:33:58.5484671Z ##[command]& 'C:\agent\Workfolder_CloudUiPathAgent03\_temp\939d1XXXXXXXXXXXXXXXXXXXXXXXX2127.ps1'
2020-11-14T20:33:58.7424214Z ##[command]Disconnect-AzureRmAccount -Scope Process -ErrorAction Stop
2020-11-14T20:33:59.1018440Z ##[command]Clear-AzureRmContext -Scope Process -ErrorAction Stop
<strong>2020-11-14T20:33:59.7603535Z ##[error]Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application.</strong>
2020-11-14T20:33:59.8133689Z ##[section]Finishing: WebApp_Create01
<br>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
#The immediately below is the ps1 pasted into the section for the "Inline" script. Pipeline was #created as "Azure Powershell":
Connect-AzureRmAccount -Environment AzXXXXXXXXXXXXXnt -TenantId '410XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXf1d' -Force
Select-AzureRmSubscription -Subscription "c271XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX832"
# Tried both Connect-AzureRmAccount and Login-AzureRmAccount without any success?
#Login-AzureRmAccount -Environment AzXXXXXXXXXXXXXt | Out-Null
#Select-AzureRmSubscription -Subscription "c271XXXXXXXXXXXXXXXXXXXXXXXXX832" | Out-Null
<br>
# Deploy App Service Plan, Web App & Deployment Slots
$DeploymentParametersBuildVM = #{
ResourceGroupName = 'DXXXXXXXXXXXXXXXXXXXXXXXXamic'
TemplateUri = 'https://dXXXXXXXXXXXXXXXXX.blob.core.XXXXXcloudapi.net/blob-uXXXXXXXXXXXXXXXXXXXXXXXXX7/webappcreate.json'
TemplateParameterFile = "https://XXXXXXXXXXXXXapi.net/blob-uXXXXXXXXXXXXXXXXXXXXXXXXX7/webappcreate.parameters.json"
Verbose = $true
webAppName = 'uXXXXXXXXXXXXXXXXXXXXXXXXXXX7'
hostingPlanName = 'WebXXXXXXXXXXXXXXXXXXXXXX01'
templateSasToken = 'mtAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXpSTQ=='
subscriptionId = 'c271XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX832'
name = 'uXXXXXXXXXXXXXXXXXXXXX7'
location = 'UXXXXXXXXXXXXXXX'
serverFarmResourceGroup = 'DXXXXXXXXXXXXXXXXXXXXXXXXamic'
Tenantid = '410XXXXXXXXXXXXXXXXXXXXXXXXXXXf1d'
alwaysOn = 'off'
sku = 'Free'
skuCode = 'F1'
workerSize = '0'
workerSizeId = '0'
numberOfWorkers = '1'
currentStack = 'dotnet'
phpVersion = 'OFF'
appInsightValue = 'uXXXXXXXXXXXXXXXXXXXXXXo7Insight'
netFrameworkVersion = 'v4.0'
azureAccountPassword = '12XXXXXXXXXXXXXXXXXditto'
accountid = 'a183XXXXXXXXXXXXXXXXXXXXXXXXXXXXX68fa'
Credential = '12XXXXXXXXXXXXXXXXXditto'
ServicePrincipal = '_MV_XXXXXXXXXXXXXXXXXXXXXXXXXXXX9~1e'
}
# DEPLOY
New-AzureRmResourceGroupDeployment #DeploymentParametersBuildVM
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
#webapp.parameters.json (this is the azure webapp "parameter" json immediately below):
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"subscriptionId": {
"value": "c271XXXXXXXXXXXXXXXXXXXXXXXXXXXXX832"
},
"name": {
"value": "uXXXXXXXXXXXXXXXXXXX7"
},
"location": {
"value": "UXXXXXXXXXXXXXX"
},
"hostingPlanName": {
"value": "WebXXXXXXXXXXXXXXXXXXX01"
},
"serverFarmResourceGroup": {
"value": "DXXXXXXXXXXXXXXXXXXXic"
},
"alwaysOn": {
"value": "true"
},
"sku": {
"value": "Free"
},
"skuCode": {
"value": "F1"
},
"workerSize": {
"value": "0"
},
"workerSizeId": {
"value": "0"
},
"numberOfWorkers": {
"value": "1"
},
"currentStack": {
"value": "dotnet"
},
"phpVersion": {
"value": "OFF"
},
"appInsightValue": {
"value": "uXXXXXXXXXXXXXXXXXX7Insight"
},
"netFrameworkVersion": {
"value": "v4.0"
}
}
}
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
#webappacreate.json (this is the azure webapp "template" json immediately below)
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"subscriptionId": {
"type": "string"
},
"name": {
"type": "string"
},
"location": {
"type": "string"
},
"hostingPlanName": {
"type": "string"
},
"serverFarmResourceGroup": {
"type": "string"
},
"alwaysOn": {
"type": "bool"
},
"sku": {
"type": "string"
},
"skuCode": {
"type": "string"
},
"workerSize": {
"type": "string"
},
"workerSizeId": {
"type": "string"
},
"numberOfWorkers": {
"type": "string"
},
"currentStack": {
"type": "string"
},
"phpVersion": {
"type": "string"
},
"appInsightValue": {
"type": "string"
},
"netFrameworkVersion": {
"type": "string"
}
},
"variables": {
"appInsightName": "[concat('microsoft.insights/components/',parameters('appInsightValue'))]"
},
"resources": [
{
"apiVersion": "2018-11-01",
"name": "[parameters('name')]",
"type": "Microsoft.Web/sites",
"location": "[parameters('location')]",
"tags": {},
"dependsOn": [
"[concat('microsoft.insights/components/',parameters('appInsightValue'))]",
"[concat('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]"
],
"properties": {
"name": "[parameters('name')]",
"siteConfig": {
"appSettings": [
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(variables('appInsightName'), '2015-05-01').InstrumentationKey]"
},
{
"name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
"value": "[reference(variables('appInsightName'), '2015-05-01').ConnectionString]"
},
{
"name": "ApplicationInsightsAgent_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "XDT_MicrosoftApplicationInsights_Mode",
"value": "default"
}
],
"metadata": [
{
"name": "CURRENT_STACK",
"value": "[parameters('currentStack')]"
}
],
"phpVersion": "[parameters('phpVersion')]",
"netFrameworkVersion": "[parameters('netFrameworkVersion')]",
"alwaysOn": "[parameters('alwaysOn')]"
},
"serverFarmId": "[concat('/subscriptions/', parameters('subscriptionId'),'/resourcegroups/', parameters('serverFarmResourceGroup'), '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"clientAffinityEnabled": true
}
},
{
"apiVersion": "2018-11-01",
"name": "[parameters('hostingPlanName')]",
"type": "Microsoft.Web/serverfarms",
"location": "[parameters('location')]",
"kind": "",
"tags": {},
"dependsOn": [],
"properties": {
"name": "[parameters('hostingPlanName')]",
"workerSize": "[parameters('workerSize')]",
"workerSizeId": "[parameters('workerSizeId')]",
"numberOfWorkers": "[parameters('numberOfWorkers')]"
},
"sku": {
"Tier": "[parameters('sku')]",
"Name": "[parameters('skuCode')]"
}
},
{
"apiVersion": "2015-05-01",
"name": "[parameters('appInsightValue')]",
"type": "microsoft.insights/components",
"location": "[parameters('location')]",
"tags": {},
"properties": {
"ApplicationId": "[parameters('name')]",
"Request_Source": "IbizaWebAppExtensionCreate"
}
}
]
}
According to the error message, it seems you need to set the options of MessageBox.Show to either ServiceNotification or DefaultDesktopOnly. You can try the workaround provided in this ticket: adding MessageBoxOptions.ServiceNotification
MessageBox.Show(msg, "Print Error", System.Windows.Forms.MessageBoxButtons.YesNo,
System.Windows.Forms.MessageBoxIcon.Error,
System.Windows.Forms.MessageBoxDefaultButton.Button1,
System.Windows.Forms.MessageBoxOptions.ServiceNotification);
But, MessageBox is for use within windows (as opposed to web) applications. It would attempt to open a message box on the server. Here is a ticket you can refer to.
Found out that no authentication was required for azure devops pipeline hence no login or connect is required. This got rid of the popup (modal error).
Next I checked with the azure devops person and he said to not use powershell in the pipeline.
He recommended "Azure Resource Group Deployment" option for the pipeline release. This does not require any initiation script but just a json template and a json parameter.
Thank You.

Error in running Azure Data Factory Pipeline. Linked Service Reference not found

I am facing the below issue in creating an Azure Machine Learning Batch Execution activity to execute a scoring ML experiment. Please help:
Please let me know if any other relevant information is needed. I am new to this so, please help
Created an AzureML Linked Service as below:
{
"name": "PredictionAzureML",
"properties": {
"typeProperties": {
"mlEndpoint": "https://ussouthcentral.services.azureml.net/workspaces/xxxxx/jobs",
"apiKey": "xxxxxxxx=="
},
"type": "AzureML"
}
}
Created Pipeline as below:
{
"name": "pipeline1",
"properties": {
"description": "use AzureML model",
"activities": [
{
"name": "MLActivity",
"description": "description",
"type": "AzureMLBatchExecution",
"policy": {
"timeout": "02:00:00",
"retry": 1,
"retryIntervalInSeconds": 30
},
"typeProperties": {
"webServiceInput": "PredictionInputDataset",
"webServiceOutputs": {
"output1": "PredictionOutputDataset"
}
},
"inputs": [
{
"name": "PredictionInputDataset"
}
],
"outputs": [
{
"name": "PredictionOutputDataset"
}
],
"linkedServiceName": "PredictionAzureML"
}
]
}
}
Getting the below error:
{
"errorCode": "2109",
"message": "'linkedservicereference' with reference name 'PredictionAzureML' can't be found.",
"failureType": "UserError",
"target": "MLActivity"
}
I got this working in Data Factory v2, so apologies if you are using v1.
Try putting the linkedServiceName as an object in the JSON outside of the typeProperties and use the following structure:
"linkedServiceName": {
"referenceName": "PredictionAzureML",
"type": "LinkedServiceReference"
}
Hope that helps!
Please use "Trigger" instead of "Debug" in the UX. You need publish your pipeline first before click "Trigger" Button.
Please follow this doc to update your payload. It should look like the following.
{
"name": "AzureMLExecutionActivityTemplate",
"description": "description",
"type": "AzureMLBatchExecution",
"linkedServiceName": {
"referenceName": "AzureMLLinkedService",
"type": "LinkedServiceReference"
},
"typeProperties": {
"webServiceInputs": {
"<web service input name 1>": {
"LinkedServiceName":{
"referenceName": "AzureStorageLinkedService1",
"type": "LinkedServiceReference"
},
"FilePath":"path1"
},
"<web service input name 2>": {
"LinkedServiceName":{
"referenceName": "AzureStorageLinkedService1",
"type": "LinkedServiceReference"
},
"FilePath":"path2"
}
},
"webServiceOutputs": {
"<web service output name 1>": {
"LinkedServiceName":{
"referenceName": "AzureStorageLinkedService2",
"type": "LinkedServiceReference"
},
"FilePath":"path3"
},
"<web service output name 2>": {
"LinkedServiceName":{
"referenceName": "AzureStorageLinkedService2",
"type": "LinkedServiceReference"
},
"FilePath":"path4"
}
},
"globalParameters": {
"<Parameter 1 Name>": "<parameter value>",
"<parameter 2 name>": "<parameter 2 value>"
}
}
}

Could I request volume to get encrypted volume through Softlayer API

Currently, I would call 'SoftLayer_Virtual_Guest/getUpgradeItemPrices' to get local or san disk and call 'SoftLayer_Product_Package/id' (which block is based on '222') to get external disks. And I noticed that SoftLayer portal could provision an encrypted file/block volume.
And my question is that how could I request an encrypted disk by Softlayer API through these methods.
Thank you. :)
UPDATE
The encryption will be set automatically once it has completed the provision.
Note that encryption is only available in data centers with an asterisk (so called Upgraded Data centers).You may use the SoftLayer_Network_Storage::getFileBlockEncryptedLocations method to identify which they are.
Try the following REST requests:
For Block storage:
https://[username]:[apiKey]#api.softlayer.com/rest/v3/SoftLayer_Product_Order/verifyOrder
method: POST
{
"parameters":[
{
"complexType": "SoftLayer_Container_Product_Order_Network_Storage_AsAService",
"location": 449494,
"packageId": 759,
"volumeSize": 500,
"prices": [
{
"id": 189433
},
{
"id": 189443
},
{
"id": 193373
},
{
"id": 194633
},
{
"id": 193433
}],
"osFormatType": {
"keyName": "LINUX"
}
}
]
}
For File Storage:
https://[username]:[apiKey]#api.softlayer.com/rest/v3/SoftLayer_Product_Order/verifyOrder
method: POST
{
"parameters":[
{
"complexType": "SoftLayer_Container_Product_Order_Network_Storage_AsAService",
"location": 449600,
"packageId": 759,
"volumeSize": 250,
"prices": [
{
"id": 189433
},
{
"id": 189453
},
{
"id": 192043
},
{
"id": 193013
},
{
"id": 192053
}
],
"osFormatType": {
"keyName": "LINUX"
}
}
]
}
For more information please see below:
https://knowledgelayer.softlayer.com/procedure/migrate-file-storage-encrypted-file-storage
https://knowledgelayer.softlayer.com/faqs/1483#7277

Azure REST API does not return encryption settings for Virtual Machine

I have a 16.04-LTS Ubuntu Virtual Machine in my Azure account and I am trying Azure Disk Encryption for this virtual machine making use of this azure cli sample script. On running the encryption script, the azure portal shows its OS disk is encrypted. There is Enabled under Encryption header.
However, the Azure REST API (api link) for getting information about the virtual machine does not return the encryptionSettings under properties.storageProfile.osDisk. I tried both Model View and Model View and Instance View for the api-version 2017-03-30 as well as 2017-12-01. Here is the partial response from the API:
{
"name": "ubuntu",
"properties": {
"osProfile": {},
"networkProfile": {},
"storageProfile": {
"imageReference": {
"sku": "16.04-LTS",
"publisher": "Canonical",
"version": "latest",
"offer": "UbuntuServer"
},
"osDisk": {
"name": "ubuntu-OsDisk",
"diskSizeGB": 30,
"managedDisk": {
"storageAccountType": "Premium_LRS",
"id": "..."
},
"caching": "ReadWrite",
"createOption": "FromImage",
"osType": "Linux"
},
"dataDisks": []
},
"diagnosticsProfile": {},
"vmId": "",
"hardwareProfile": {
"vmSize": "Standard_B1s"
},
"provisioningState": "Succeeded"
},
"location": "eastus",
"type": "Microsoft.Compute/virtualMachines",
"id": ""
}
But for my other encrypted windows virtual machine, I get the correct response which contains encryptionSettings in properties.storageProfile.osDisk:
{
"name": "win1",
"properties": {
"osProfile": {},
"networkProfile": {},
"storageProfile": {
"imageReference": {
"sku": "2016-Datacenter-smalldisk",
"publisher": "MicrosoftWindowsServer",
"version": "latest",
"offer": "WindowsServer"
},
"osDisk": {
"name": "win1_OsDisk_1",
"diskSizeGB": 31,
"managedDisk": {
"storageAccountType": "Premium_LRS",
"id": "..."
},
"encryptionSettings": {
"diskEncryptionKey": {
"secretUrl": "...",
"sourceVault": {
"id": "..."
}
},
"keyEncryptionKey": {
"keyUrl": "...",
"sourceVault": {
"id": "..."
}
},
"enabled": true
},
"caching": "ReadWrite",
"createOption": "FromImage",
"osType": "Windows"
},
"dataDisks": []
},
"diagnosticsProfile": {},
"vmId": "...",
"hardwareProfile": {
"vmSize": "Standard_B1s"
},
"provisioningState": "Succeeded"
},
"location": "eastus",
"type": "Microsoft.Compute/virtualMachines",
"id": "..."
}
Why is the Virtual Machine Get API not returning the encryptionSettings for some VMs? Any help would be greatly appreciated.
I create VM using following command.
az vm create \
--resource-group shuivm \
--name shuivm \
--image Canonical:UbuntuServer:16.04-LTS:latest \
--admin-username azureuser \
--generate-ssh-keys
When I use the following API, I could get encryption setting.
https://management.azure.com/subscriptions/**********/resourceGroups/shuivm/providers/Microsoft.Compute/virtualMachines/shuivm?api-version=2017-03-30"
Note: When OS is encrypted successful, I could use API to get encryption setting.
This is because there are two types of at-rest disk encryption for Azure VMs and they are not reported in the same part of the Azure Management API:
Server-Side Encryption: that you can see in the encryptionSettings section of the VM/compute API when you get a vm details. It will show whether you are encypting with a customer managed key or a platform managed key
ADE: Azure Disk Encryption is actually a VM extension and so you can find it in the VM Extension API instead.
see: https://learn.microsoft.com/en-us/rest/api/compute/virtualmachineextensions/list