{ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "instanceUid": { "type": "string" }, "customData": { "type": "string" }, "pubKey": { "type": "string" } }, "variables": { "virtualMachineName": "[concat('snp-value-reporter-', parameters('instanceUid'))]", "osDiskName": "[concat(variables('virtualMachineName'), '-osdisk')]", "vnetName": "[concat(variables('virtualMachineName'), '-vnet')]", "nicName": "[concat(variables('virtualMachineName'), '-nic')]", "nsgName": "[concat(variables('virtualMachineName'), '-nsg')]", "subnetName": "[concat(variables('vnetName'), '/subnets/default')]", "nicID": "[concat('/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/snp-value-reporting/providers/Microsoft.Network/networkInterfaces/', variables('nicName'))]", "osDiskId": "[concat('/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/snp-value-reporting/providers/Microsoft.Compute/disks/', variables('osDiskName'))]", "nsgId": "[concat('/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/snp-value-reporting/providers/Microsoft.Network/networkSecurityGroups/', variables('nsgName'))]", "subnetId": "[concat('/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/snp-value-reporting/providers/Microsoft.Network/virtualNetworks/', variables('subnetName'))]", "imageId": "/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/Providers/Microsoft.Compute/Locations/northeurope/Publishers/canonical/ArtifactTypes/VMImage/Offers/0001-com-ubuntu-confidential-vm-focal/Skus/20_04-lts-cvm/Versions/20.04.202208240" }, "resources": [ { "type": "Microsoft.Network/virtualNetworks", "apiVersion": "2020-11-01", "name": "[variables('vnetName')]", "location": "northeurope", "properties": { "addressSpace": { "addressPrefixes": [ "172.20.0.0/16" ] }, "subnets": [ { "name": "default", "properties": { "addressPrefix": "172.20.0.0/24", "delegations": [], "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled" } } ], "virtualNetworkPeerings": [], "enableDdosProtection": false } }, { "type": "Microsoft.Network/virtualNetworks/subnets", "apiVersion": "2020-11-01", "name": "[concat(variables('vnetName'), '/default')]", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" ], "properties": { "addressPrefix": "172.20.0.0/24", "delegations": [], "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled" } }, { "type": "Microsoft.Network/networkSecurityGroups", "apiVersion": "2020-11-01", "name": "[variables('nsgName')]", "location": "northeurope", "properties": { "securityRules": [ { "name": "SSH", "properties": { "protocol": "TCP", "sourcePortRange": "*", "destinationPortRange": "22", "sourceAddressPrefix": "*", "destinationAddressPrefix": "*", "access": "Allow", "priority": 300, "direction": "Inbound", "sourcePortRanges": [], "destinationPortRanges": [], "sourceAddressPrefixes": [], "destinationAddressPrefixes": [] } } ] } }, { "type": "Microsoft.Network/networkSecurityGroups/securityRules", "apiVersion": "2020-11-01", "name": "[concat(variables('nsgName'), '/SSH')]", "dependsOn": [ "[variables('nsgId')]" ], "properties": { "protocol": "TCP", "sourcePortRange": "*", "destinationPortRange": "22", "sourceAddressPrefix": "*", "destinationAddressPrefix": "*", "access": "Allow", "priority": 300, "direction": "Inbound", "sourcePortRanges": [], "destinationPortRanges": [], "sourceAddressPrefixes": [], "destinationAddressPrefixes": [] } }, { "type": "Microsoft.Network/networkInterfaces", "apiVersion": "2020-11-01", "name": "[variables('nicName')]", "dependsOn": [ "[variables('subnetId')]" ], "location": "northeurope", "properties": { "ipConfigurations": [ { "name": "ipconfig1", "properties": { "privateIPAddress": "172.20.0.4", "privateIPAllocationMethod": "Dynamic", "subnet": { "id": "[variables('subnetID')]" }, "primary": true, "privateIPAddressVersion": "IPv4" } } ], "dnsSettings": { "dnsServers": [] }, "enableAcceleratedNetworking": false, "enableIPForwarding": false, "networkSecurityGroup": { "id": "[variables('nsgId')]" } } }, { "type": "Microsoft.Compute/virtualMachines", "apiVersion": "2022-03-01", "name": "[variables('virtualMachineName')]", "dependsOn": [ "[variables('nicID')]" ], "identity": { "type": "UserAssigned", "userAssignedIdentities": { "/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/snp-value-reporting/providers/Microsoft.ManagedIdentity/userAssignedIdentities/TokenAccess": {} } }, "location": "northeurope", "zones": [ "3" ], "properties": { "hardwareProfile": { "vmSize": "Standard_DC2as_v5" }, "storageProfile": { "imageReference": { "publisher": "canonical", "offer": "0001-com-ubuntu-confidential-vm-focal", "sku": "20_04-lts-cvm", "version": "latest" }, "osDisk": { "osType": "Linux", "name": "[variables('osDiskName')]", "createOption": "FromImage", "caching": "ReadWrite", "managedDisk": { "securityProfile": { "securityEncryptionType": "VMGuestStateOnly" }, "storageAccountType": "Premium_LRS" }, "deleteOption": "Delete" }, "dataDisks": [] }, "osProfile": { "computerName": "[variables('virtualMachineName')]", "adminUsername": "azureuser", "linuxConfiguration": { "disablePasswordAuthentication": true, "provisionVMAgent": true, "patchSettings": { "patchMode": "ImageDefault", "assessmentMode": "ImageDefault" }, "ssh": { "publicKeys": [ { "path": "/home/azureuser/.ssh/authorized_keys", "keyData": "[parameters('pubKey')]" } ] } }, "allowExtensionOperations": true, "customData": "[parameters('customData')]" }, "networkProfile": { "networkInterfaces": [ { "id": "[variables('nicID')]", "properties": { "deleteOption": "Delete" } } ] }, "securityProfile": { "uefiSettings": { "secureBootEnabled": true, "vTpmEnabled": true }, "securityType": "ConfidentialVM" } } } ] }