mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-03 20:01:01 -05:00
d3466da393
Signed-off-by: Malte Poll <mp@edgeless.systems>
205 lines
7.2 KiB
JSON
205 lines
7.2 KiB
JSON
{
|
|
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
|
|
"contentVersion": "1.0.0.0",
|
|
"parameters": {
|
|
"location": {
|
|
"type": "string"
|
|
},
|
|
"networkInterfaceName": {
|
|
"type": "string"
|
|
},
|
|
"networkSecurityGroupName": {
|
|
"type": "string"
|
|
},
|
|
"networkSecurityGroupRules": {
|
|
"type": "array"
|
|
},
|
|
"virtualNetworkId": {
|
|
"type": "string"
|
|
},
|
|
"subnetRef": {
|
|
"type": "string"
|
|
},
|
|
"publicIpAddressName": {
|
|
"type": "string"
|
|
},
|
|
"publicIpAddressType": {
|
|
"type": "string"
|
|
},
|
|
"publicIpAddressSku": {
|
|
"type": "string"
|
|
},
|
|
"pipDeleteOption": {
|
|
"type": "string"
|
|
},
|
|
"virtualMachineName": {
|
|
"type": "string"
|
|
},
|
|
"virtualMachineComputerName": {
|
|
"type": "string"
|
|
},
|
|
"osDiskType": {
|
|
"type": "string"
|
|
},
|
|
"osDiskDeleteOption": {
|
|
"type": "string"
|
|
},
|
|
"virtualMachineSize": {
|
|
"type": "string"
|
|
},
|
|
"nicDeleteOption": {
|
|
"type": "string"
|
|
},
|
|
"adminUsername": {
|
|
"type": "string"
|
|
},
|
|
"adminPublicKey": {
|
|
"type": "secureString"
|
|
},
|
|
"securityType": {
|
|
"type": "string"
|
|
},
|
|
"secureBoot": {
|
|
"type": "bool"
|
|
},
|
|
"vTPM": {
|
|
"type": "bool"
|
|
}
|
|
},
|
|
"variables": {
|
|
"nsgId": "[resourceId(resourceGroup().name, 'Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroupName'))]",
|
|
"vnetId": "[parameters('virtualNetworkId')]",
|
|
"vnetName": "[last(split(variables('vnetId'), '/'))]"
|
|
},
|
|
"resources": [
|
|
{
|
|
"name": "[parameters('networkInterfaceName')]",
|
|
"type": "Microsoft.Network/networkInterfaces",
|
|
"apiVersion": "2021-03-01",
|
|
"location": "[parameters('location')]",
|
|
"dependsOn": [
|
|
"[concat('Microsoft.Network/networkSecurityGroups/', parameters('networkSecurityGroupName'))]",
|
|
"[concat('Microsoft.Network/publicIpAddresses/', parameters('publicIpAddressName'))]"
|
|
],
|
|
"properties": {
|
|
"ipConfigurations": [
|
|
{
|
|
"name": "ipconfig1",
|
|
"properties": {
|
|
"subnet": {
|
|
"id": "[parameters('subnetRef')]"
|
|
},
|
|
"privateIPAllocationMethod": "Dynamic",
|
|
"publicIpAddress": {
|
|
"id": "[resourceId(resourceGroup().name, 'Microsoft.Network/publicIpAddresses', parameters('publicIpAddressName'))]",
|
|
"properties": {
|
|
"deleteOption": "[parameters('pipDeleteOption')]"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"networkSecurityGroup": {
|
|
"id": "[variables('nsgId')]"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name": "[parameters('networkSecurityGroupName')]",
|
|
"type": "Microsoft.Network/networkSecurityGroups",
|
|
"apiVersion": "2019-02-01",
|
|
"location": "[parameters('location')]",
|
|
"properties": {
|
|
"securityRules": "[parameters('networkSecurityGroupRules')]"
|
|
}
|
|
},
|
|
{
|
|
"name": "[parameters('publicIpAddressName')]",
|
|
"type": "Microsoft.Network/publicIpAddresses",
|
|
"apiVersion": "2020-08-01",
|
|
"location": "[parameters('location')]",
|
|
"properties": {
|
|
"publicIpAllocationMethod": "[parameters('publicIpAddressType')]"
|
|
},
|
|
"sku": {
|
|
"name": "[parameters('publicIpAddressSku')]"
|
|
}
|
|
},
|
|
{
|
|
"name": "[parameters('virtualMachineName')]",
|
|
"type": "Microsoft.Compute/virtualMachines",
|
|
"apiVersion": "2022-03-01",
|
|
"location": "[parameters('location')]",
|
|
"dependsOn": [
|
|
"[concat('Microsoft.Network/networkInterfaces/', parameters('networkInterfaceName'))]"
|
|
],
|
|
"properties": {
|
|
"hardwareProfile": {
|
|
"vmSize": "[parameters('virtualMachineSize')]"
|
|
},
|
|
"storageProfile": {
|
|
"osDisk": {
|
|
"createOption": "fromImage",
|
|
"managedDisk": {
|
|
"storageAccountType": "[parameters('osDiskType')]",
|
|
"securityProfile": {
|
|
"securityEncryptionType": "DiskWithVMGuestState"
|
|
}
|
|
},
|
|
"deleteOption": "[parameters('osDiskDeleteOption')]"
|
|
},
|
|
"imageReference": {
|
|
"publisher": "canonical",
|
|
"offer": "0001-com-ubuntu-confidential-vm-focal",
|
|
"sku": "20_04-lts-cvm",
|
|
"version": "latest"
|
|
}
|
|
},
|
|
"networkProfile": {
|
|
"networkInterfaces": [
|
|
{
|
|
"id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaceName'))]",
|
|
"properties": {
|
|
"deleteOption": "[parameters('nicDeleteOption')]"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"osProfile": {
|
|
"computerName": "[parameters('virtualMachineComputerName')]",
|
|
"adminUsername": "[parameters('adminUsername')]",
|
|
"linuxConfiguration": {
|
|
"disablePasswordAuthentication": true,
|
|
"ssh": {
|
|
"publicKeys": [
|
|
{
|
|
"path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]",
|
|
"keyData": "[parameters('adminPublicKey')]"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"securityProfile": {
|
|
"securityType": "[parameters('securityType')]",
|
|
"uefiSettings": {
|
|
"secureBootEnabled": "[parameters('secureBoot')]",
|
|
"vTpmEnabled": "[parameters('vTPM')]"
|
|
}
|
|
},
|
|
"diagnosticsProfile": {
|
|
"bootDiagnostics": {
|
|
"enabled": true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"outputs": {
|
|
"adminUsername": {
|
|
"type": "string",
|
|
"value": "[parameters('adminUsername')]"
|
|
}
|
|
}
|
|
}
|