Restore Point Collections - Create Or Update
The operation to create or update the restore point collection. Please refer to https://aka.ms/RestorePoints for more details. When updating a restore point collection, only tags may be modified.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/restorePointCollections/{restorePointCollectionName}?api-version=2025-04-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
restore
|
path | True |
string |
The name of the restore point collection. |
|
subscription
|
path | True |
string minLength: 1 |
The ID of the target subscription. |
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| ___location | True |
string |
The geo-___location where the resource lives |
| properties.instantAccess |
boolean |
This property determines whether instant access snapshot is enabled for restore points created under this restore point collection for Premium SSD v2 or Ultra disk. Instant access snapshot for Premium SSD v2 or Ultra disk is instantaneously available for restoring disk with fast restore performance. |
|
| properties.source |
The properties of the source resource that this restore point collection is created from. |
||
| tags |
object |
Resource tags. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Resource 'RestorePointCollection' update operation succeeded |
|
| 201 Created |
Resource 'RestorePointCollection' create operation succeeded |
|
| Other Status Codes |
An unexpected error response. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
| Create or update a restore point collection for cross region copy. |
| Create or update a restore point collection. |
Create or update a restore point collection for cross region copy.
Sample request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/myRpc?api-version=2025-04-01
{
"___location": "norwayeast",
"properties": {
"source": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/sourceRpcName"
}
},
"tags": {
"myTag1": "tagValue1"
}
}
Sample response
{
"name": "myRpc",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/myRpc",
"type": "Microsoft.Compute/restorePointCollections",
"___location": "norwayeast",
"tags": {
"myTag1": "tagValue1"
},
"properties": {
"source": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM",
"___location": "eastus"
},
"restorePointCollectionId": "638f052b-a7c2-450c-89e7-6a3b8f1d6a7c",
"provisioningState": "Succeeded"
}
}{
"name": "myRpc",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/myRpc",
"type": "Microsoft.Compute/restorePointCollections",
"___location": "norwayeast",
"tags": {
"myTag1": "tagValue1"
},
"properties": {
"source": {
"id": "subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/sourceRpcName",
"___location": "eastus"
},
"restorePointCollectionId": "638f052b-a7c2-450c-89e7-6a3b8f1d6a7c",
"provisioningState": "Succeeded"
}
}Create or update a restore point collection.
Sample request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/myRpc?api-version=2025-04-01
{
"___location": "norwayeast",
"properties": {
"source": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM"
},
"instantAccess": true
},
"tags": {
"myTag1": "tagValue1"
}
}
Sample response
{
"name": "myRpc",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/myRpc",
"type": "Microsoft.Compute/restorePointCollections",
"___location": "norwayeast",
"tags": {
"myTag1": "tagValue1"
},
"properties": {
"source": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM",
"___location": "eastus"
},
"instantAccess": true,
"restorePointCollectionId": "638f052b-a7c2-450c-89e7-6a3b8f1d6a7c",
"provisioningState": "Succeeded"
}
}{
"name": "myRpc",
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/restorePointCollections/myRpc",
"type": "Microsoft.Compute/restorePointCollections",
"___location": "norwayeast",
"tags": {
"myTag1": "tagValue1"
},
"properties": {
"source": {
"id": "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM",
"___location": "eastus"
},
"instantAccess": true,
"restorePointCollectionId": "638f052b-a7c2-450c-89e7-6a3b8f1d6a7c",
"provisioningState": "Succeeded"
}
}Definitions
| Name | Description |
|---|---|
|
Additional |
Specifies additional XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. Contents are defined by setting name, component name, and the pass in which the content is applied. |
|
Api |
The API entity reference. |
|
Api |
Api error. |
|
Api |
Api error base. |
|
Boot |
Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor. |
|
Caching |
Specifies the caching requirements. Possible values are: None, ReadOnly, ReadWrite. The default values are: None for Standard storage. ReadOnly for Premium storage |
|
Cloud |
An error response from the Compute service. |
|
Component |
|
|
Consistency |
ConsistencyMode of the RestorePoint. Can be specified in the input while creating a restore point. For now, only CrashConsistent is accepted as a valid input. Please refer to https://aka.ms/RestorePoints for more details. |
|
created |
The type of identity that created the resource. |
|
Diagnostics |
Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15. |
|
Disk |
Specifies the disk controller type configured for the VM and VirtualMachineScaleSet. This property is only supported for virtual machines whose operating system disk and VM sku supports Generation 2 (https://docs.microsoft.com/en-us/azure/virtual-machines/generation-2), please check the HyperVGenerations capability returned as part of VM sku capabilities in the response of Microsoft.Compute SKUs api for the region contains V2 (https://docs.microsoft.com/rest/api/compute/resourceskus/list). For more information about Disk Controller Types supported please refer to https://aka.ms/azure-diskcontrollertypes. |
|
Disk |
Describes the parameter of customer managed disk encryption set resource id that can be specified for disk. Note: The disk encryption set resource id can only be specified for managed disk. Please refer https://aka.ms/mdssewithcmkoverview for more details. |
|
Disk |
Describes a Encryption Settings for a Disk |
|
Disk |
Disk Restore Point details. |
|
Disk |
The instance view of a disk restore point. |
|
Disk |
The instance view of a disk restore point. |
|
Encryption |
Specifies the Managed Identity used by ADE to get access token for keyvault operations. |
|
Hardware |
Specifies the hardware settings for the virtual machine. |
|
Host |
Specifies particular host endpoint settings. |
|
Hyper |
Specifies the HyperVGeneration Type |
|
Inner |
Inner error details. |
|
Instance |
Instance view status. |
|
Key |
Describes a reference to Key Vault Key |
|
Key |
Describes a reference to Key Vault Secret |
|
Linux |
Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions. |
|
Linux |
Specifies the mode of VM Guest Patch Assessment for the IaaS virtual machine. |
|
Linux |
Specifies settings related to VM Guest Patching on Linux. |
|
Linux |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
|
Linux |
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Linux patch settings. |
|
Linux |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
|
Managed |
The parameters of a managed disk. |
| Mode |
Specifies the mode that ProxyAgent will execute on if the feature is enabled. ProxyAgent will start to audit or monitor but not enforce access control over requests to host endpoints in Audit mode, while in Enforce mode it will enforce access control. The default value is Enforce mode. |
| Modes |
Specifies the execution mode. In Audit mode, the system acts as if it is enforcing the access control policy, including emitting access denial entries in the logs but it does not actually deny any requests to host endpoints. In Enforce mode, the system will enforce the access control and it is the recommended mode of operation. |
|
Operating |
Gets the Operating System type. |
| OSProfile |
Specifies the operating system settings for the virtual machine. Some of the settings cannot be changed once VM is provisioned. |
|
Pass |
|
|
Patch |
Specifies settings related to VM Guest Patching on Windows. |
|
Protocol |
Specifies the protocol of WinRM listener. Possible values are: http, https. |
|
Proxy |
Specifies ProxyAgent settings for the virtual machine or virtual machine scale set. Minimum api-version: 2023-09-01. |
|
Restore |
Restore Point details. |
|
Restore |
Create or update Restore Point collection parameters. |
|
Restore |
The properties of the source resource that this restore point collection is created from. |
|
Restore |
Encryption at rest settings for disk restore point. It is an optional property that can be specified in the input while creating a restore point. |
|
Restore |
The type of key used to encrypt the data of the disk restore point. |
|
Restore |
The instance view of a restore point. |
|
Restore |
Describes the properties of the Virtual Machine for which the restore point was created. The properties provided are a subset and the snapshot of the overall Virtual Machine properties captured at the time of the restore point creation. |
|
Restore |
Describes a data disk. |
|
Restore |
Describes an Operating System disk. |
|
Restore |
Describes the storage profile. |
|
Security |
Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob.. Note: It can be set for only Confidential VMs. |
|
Security |
Specifies the Security profile settings for the virtual machine or virtual machine scale set. |
|
Security |
Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. |
|
Setting |
Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. |
|
Snapshot |
The state of snapshot which determines the access availability of the snapshot. |
|
Ssh |
SSH configuration for Linux based VMs running on Azure |
|
Ssh |
Contains information about SSH certificate public key and the path on the Linux VM where the public key is placed. |
|
Status |
The level code. |
|
Storage |
Specifies the storage account type for the managed disk. Managed OS disk storage account type can only be set when you create the scale set. NOTE: UltraSSD_LRS can only be used with data disks. It cannot be used with OS Disk. Standard_LRS uses Standard HDD. StandardSSD_LRS uses Standard SSD. Premium_LRS uses Premium SSD. UltraSSD_LRS uses Ultra disk. Premium_ZRS uses Premium SSD zone redundant storage. StandardSSD_ZRS uses Standard SSD zone redundant storage. For more information regarding disks supported for Windows Virtual Machines, refer to https://docs.microsoft.com/azure/virtual-machines/windows/disks-types and, for Linux Virtual Machines, refer to https://docs.microsoft.com/azure/virtual-machines/linux/disks-types |
|
Sub |
|
|
system |
Metadata pertaining to creation and last modification of the resource. |
|
Uefi |
Specifies the security settings like secure boot and vTPM used while creating the virtual machine. Minimum api-version: 2020-12-01. |
|
Vault |
Describes a single certificate reference in a Key Vault, and where the certificate should reside on the VM. |
|
Vault |
Describes a set of certificates which are all in the same Key Vault. |
|
Virtual |
Specifies the size of the virtual machine. The enum data type is currently deprecated and will be removed by December 23rd 2023. The recommended way to get the list of available sizes is using these APIs: List all available virtual machine sizes in an availability set, List all available virtual machine sizes in a region, List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set. |
|
VMDisk |
Specifies the security profile settings for the managed disk. Note: It can only be set for Confidential VMs. |
|
VMSize |
Specifies VM Size Property settings on the virtual machine. |
|
Windows |
Specifies Windows operating system settings on the virtual machine. |
|
Windows |
Specifies the mode of VM Guest patch assessment for the IaaS virtual machine. |
|
Windows |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
|
Windows |
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Windows patch settings. |
|
Windows |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
|
Win |
Describes Windows Remote Management configuration of the VM |
|
Win |
Describes Protocol and thumbprint of Windows Remote Management listener |
AdditionalUnattendContent
Specifies additional XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. Contents are defined by setting name, component name, and the pass in which the content is applied.
| Name | Type | Description |
|---|---|---|
| componentName |
The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. |
|
| content |
string |
Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted. |
| passName |
The pass name. Currently, the only allowable value is OobeSystem. |
|
| settingName |
Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. |
ApiEntityReference
The API entity reference.
| Name | Type | Description |
|---|---|---|
| id |
string |
The ARM resource id in the form of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/... |
ApiError
Api error.
| Name | Type | Description |
|---|---|---|
| code |
string |
The error code. |
| details |
The Api error details |
|
| innererror |
The Api inner error |
|
| message |
string |
The error message. |
| target |
string |
The target of the particular error. |
ApiErrorBase
Api error base.
| Name | Type | Description |
|---|---|---|
| code |
string |
The error code. |
| message |
string |
The error message. |
| target |
string |
The target of the particular error. |
BootDiagnostics
Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor.
| Name | Type | Description |
|---|---|---|
| enabled |
boolean |
Whether boot diagnostics should be enabled on the Virtual Machine. |
| storageUri |
string |
Uri of the storage account to use for placing the console output and screenshot. If storageUri is not specified while enabling boot diagnostics, managed storage will be used. |
CachingTypes
Specifies the caching requirements. Possible values are: None, ReadOnly, ReadWrite. The default values are: None for Standard storage. ReadOnly for Premium storage
| Value | Description |
|---|---|
| None | |
| ReadOnly | |
| ReadWrite |
CloudError
An error response from the Compute service.
| Name | Type | Description |
|---|---|---|
| error |
Api error. |
ComponentNames
| Value | Description |
|---|---|
| Microsoft-Windows-Shell-Setup |
ConsistencyModeTypes
ConsistencyMode of the RestorePoint. Can be specified in the input while creating a restore point. For now, only CrashConsistent is accepted as a valid input. Please refer to https://aka.ms/RestorePoints for more details.
| Value | Description |
|---|---|
| CrashConsistent | |
| FileSystemConsistent | |
| ApplicationConsistent |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
DiagnosticsProfile
Specifies the boot diagnostic settings state. Minimum api-version: 2015-06-15.
| Name | Type | Description |
|---|---|---|
| bootDiagnostics |
Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. NOTE: If storageUri is being specified then ensure that the storage account is in the same region and subscription as the VM. You can easily view the output of your console log. Azure also enables you to see a screenshot of the VM from the hypervisor. |
DiskControllerTypes
Specifies the disk controller type configured for the VM and VirtualMachineScaleSet. This property is only supported for virtual machines whose operating system disk and VM sku supports Generation 2 (https://docs.microsoft.com/en-us/azure/virtual-machines/generation-2), please check the HyperVGenerations capability returned as part of VM sku capabilities in the response of Microsoft.Compute SKUs api for the region contains V2 (https://docs.microsoft.com/rest/api/compute/resourceskus/list). For more information about Disk Controller Types supported please refer to https://aka.ms/azure-diskcontrollertypes.
| Value | Description |
|---|---|
| SCSI | |
| NVMe |
DiskEncryptionSetParameters
Describes the parameter of customer managed disk encryption set resource id that can be specified for disk. Note: The disk encryption set resource id can only be specified for managed disk. Please refer https://aka.ms/mdssewithcmkoverview for more details.
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id |
DiskEncryptionSettings
Describes a Encryption Settings for a Disk
| Name | Type | Description |
|---|---|---|
| diskEncryptionKey |
Specifies the ___location of the disk encryption key, which is a Key Vault Secret. |
|
| enabled |
boolean |
Specifies whether disk encryption should be enabled on the virtual machine. |
| keyEncryptionKey |
Specifies the ___location of the key encryption key in Key Vault. |
DiskRestorePointAttributes
Disk Restore Point details.
| Name | Type | Description |
|---|---|---|
| encryption |
Encryption at rest settings for disk restore point. It is an optional property that can be specified in the input while creating a restore point. |
|
| id |
string |
Resource Id |
| sourceDiskRestorePoint |
Resource Id of the source disk restore point. |
DiskRestorePointInstanceView
The instance view of a disk restore point.
| Name | Type | Description |
|---|---|---|
| id |
string |
Disk restore point Id. |
| replicationStatus |
The disk restore point replication status information. |
|
| snapshotAccessState |
The state of snapshot which determines the access availability of the snapshot. |
DiskRestorePointReplicationStatus
The instance view of a disk restore point.
| Name | Type | Description |
|---|---|---|
| completionPercent |
integer (int32) |
Replication completion percentage. |
| status |
The resource status information. |
EncryptionIdentity
Specifies the Managed Identity used by ADE to get access token for keyvault operations.
| Name | Type | Description |
|---|---|---|
| userAssignedIdentityResourceId |
string |
Specifies ARM Resource ID of one of the user identities associated with the VM. |
HardwareProfile
Specifies the hardware settings for the virtual machine.
| Name | Type | Description |
|---|---|---|
| vmSize |
Specifies the size of the virtual machine. The enum data type is currently deprecated and will be removed by December 23rd 2023. The recommended way to get the list of available sizes is using these APIs: List all available virtual machine sizes in an availability set, List all available virtual machine sizes in a region, List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set. |
|
| vmSizeProperties |
Specifies the properties for customizing the size of the virtual machine. Minimum api-version: 2021-07-01. This feature is still in preview mode and is not supported for VirtualMachineScaleSet. Please follow the instructions in VM Customization for more details. |
HostEndpointSettings
Specifies particular host endpoint settings.
| Name | Type | Description |
|---|---|---|
| inVMAccessControlProfileReferenceId |
string |
Specifies the InVMAccessControlProfileVersion resource id in the format of /subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroupName}/providers/Microsoft.Compute/galleries/{galleryName}/inVMAccessControlProfiles/{profile}/versions/{version} |
| mode |
Specifies the execution mode. In Audit mode, the system acts as if it is enforcing the access control policy, including emitting access denial entries in the logs but it does not actually deny any requests to host endpoints. In Enforce mode, the system will enforce the access control and it is the recommended mode of operation. |
HyperVGenerationTypes
Specifies the HyperVGeneration Type
| Value | Description |
|---|---|
| V1 | |
| V2 |
InnerError
Inner error details.
| Name | Type | Description |
|---|---|---|
| errordetail |
string |
The internal error message or exception dump. |
| exceptiontype |
string |
The exception type. |
InstanceViewStatus
Instance view status.
| Name | Type | Description |
|---|---|---|
| code |
string |
The status code. |
| displayStatus |
string |
The short localizable label for the status. |
| level |
The level code. |
|
| message |
string |
The detailed status message, including for alerts and error messages. |
| time |
string (date-time) |
The time of the status. |
KeyVaultKeyReference
Describes a reference to Key Vault Key
| Name | Type | Description |
|---|---|---|
| keyUrl |
string |
The URL referencing a key encryption key in Key Vault. |
| sourceVault |
The relative URL of the Key Vault containing the key. |
KeyVaultSecretReference
Describes a reference to Key Vault Secret
| Name | Type | Description |
|---|---|---|
| secretUrl |
string |
The URL referencing a secret in a Key Vault. |
| sourceVault |
The relative URL of the Key Vault containing the secret. |
LinuxConfiguration
Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions.
| Name | Type | Description |
|---|---|---|
| disablePasswordAuthentication |
boolean |
Specifies whether password authentication should be disabled. |
| enableVMAgentPlatformUpdates |
boolean |
Indicates whether VMAgent Platform Updates is enabled for the Linux virtual machine. Default value is false. |
| patchSettings |
[Preview Feature] Specifies settings related to VM Guest Patching on Linux. |
|
| provisionVMAgent |
boolean |
Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
| ssh |
Specifies the ssh key configuration for a Linux OS. |
LinuxPatchAssessmentMode
Specifies the mode of VM Guest Patch Assessment for the IaaS virtual machine.
Possible values are:
ImageDefault - You control the timing of patch assessments on a virtual machine.
AutomaticByPlatform - The platform will trigger periodic patch assessments. The property provisionVMAgent must be true.
| Value | Description |
|---|---|
| ImageDefault | |
| AutomaticByPlatform |
LinuxPatchSettings
Specifies settings related to VM Guest Patching on Linux.
| Name | Type | Description |
|---|---|---|
| assessmentMode |
Specifies the mode of VM Guest Patch Assessment for the IaaS virtual machine. |
|
| automaticByPlatformSettings |
Specifies additional settings for patch mode AutomaticByPlatform in VM Guest Patching on Linux. |
|
| patchMode |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
LinuxVMGuestPatchAutomaticByPlatformRebootSetting
Specifies the reboot setting for all AutomaticByPlatform patch installation operations.
| Value | Description |
|---|---|
| Unknown | |
| IfRequired | |
| Never | |
| Always |
LinuxVMGuestPatchAutomaticByPlatformSettings
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Linux patch settings.
| Name | Type | Description |
|---|---|---|
| bypassPlatformSafetyChecksOnUserSchedule |
boolean |
Enables customer to schedule patching without accidental upgrades |
| rebootSetting |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
LinuxVMGuestPatchMode
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible.
Possible values are:
ImageDefault - The virtual machine's default patching configuration is used.
AutomaticByPlatform - The virtual machine will be automatically updated by the platform. The property provisionVMAgent must be true
| Value | Description |
|---|---|
| ImageDefault | |
| AutomaticByPlatform |
ManagedDiskParameters
The parameters of a managed disk.
| Name | Type | Description |
|---|---|---|
| diskEncryptionSet |
Specifies the customer managed disk encryption set resource id for the managed disk. |
|
| id |
string |
Resource Id |
| securityProfile |
Specifies the security profile for the managed disk. |
|
| storageAccountType |
Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. |
Mode
Specifies the mode that ProxyAgent will execute on if the feature is enabled. ProxyAgent will start to audit or monitor but not enforce access control over requests to host endpoints in Audit mode, while in Enforce mode it will enforce access control. The default value is Enforce mode.
| Value | Description |
|---|---|
| Audit | |
| Enforce |
Modes
Specifies the execution mode. In Audit mode, the system acts as if it is enforcing the access control policy, including emitting access denial entries in the logs but it does not actually deny any requests to host endpoints. In Enforce mode, the system will enforce the access control and it is the recommended mode of operation.
| Value | Description |
|---|---|
| Audit | |
| Enforce | |
| Disabled |
OperatingSystemType
Gets the Operating System type.
| Value | Description |
|---|---|
| Windows | |
| Linux |
OSProfile
Specifies the operating system settings for the virtual machine. Some of the settings cannot be changed once VM is provisioned.
| Name | Type | Description |
|---|---|---|
| adminPassword |
string (password) |
Specifies the password of the administrator account. |
| adminUsername |
string |
Specifies the name of the administrator account. |
| allowExtensionOperations |
boolean |
Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine. |
| computerName |
string |
Specifies the host OS name of the virtual machine. This name cannot be updated after the VM is created. Max-length (Windows): 15 characters. Max-length (Linux): 64 characters. For naming conventions and restrictions see Azure infrastructure services implementation guidelines. |
| customData |
string |
Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. Note: Do not pass any secrets or passwords in customData property. This property cannot be updated after the VM is created. The property 'customData' is passed to the VM to be saved as a file, for more information see Custom Data on Azure VMs. For using cloud-init for your Linux VM, see Using cloud-init to customize a Linux VM during creation. |
| linuxConfiguration |
Specifies the Linux operating system settings on the virtual machine. For a list of supported Linux distributions, see Linux on Azure-Endorsed Distributions. |
|
| requireGuestProvisionSignal |
boolean |
Optional property which must either be set to True or omitted. |
| secrets |
Specifies set of certificates that should be installed onto the virtual machine. To install certificates on a virtual machine it is recommended to use the Azure Key Vault virtual machine extension for Linux or the Azure Key Vault virtual machine extension for Windows. |
|
| windowsConfiguration |
Specifies Windows operating system settings on the virtual machine. |
PassNames
| Value | Description |
|---|---|
| OobeSystem |
PatchSettings
Specifies settings related to VM Guest Patching on Windows.
| Name | Type | Description |
|---|---|---|
| assessmentMode |
Specifies the mode of VM Guest patch assessment for the IaaS virtual machine. |
|
| automaticByPlatformSettings |
Specifies additional settings for patch mode AutomaticByPlatform in VM Guest Patching on Windows. |
|
| enableHotpatching |
boolean |
Enables customers to patch their Azure VMs without requiring a reboot. For enableHotpatching, the 'provisionVMAgent' must be set to true and 'patchMode' must be set to 'AutomaticByPlatform'. |
| patchMode |
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible. |
ProtocolTypes
Specifies the protocol of WinRM listener. Possible values are: http, https.
| Value | Description |
|---|---|
| Http | |
| Https |
ProxyAgentSettings
Specifies ProxyAgent settings for the virtual machine or virtual machine scale set. Minimum api-version: 2023-09-01.
| Name | Type | Description |
|---|---|---|
| addProxyAgentExtension |
boolean |
Specify whether to implicitly install the ProxyAgent Extension. This option is currently applicable only for Linux Os. |
| enabled |
boolean |
Specifies whether ProxyAgent feature should be enabled on the virtual machine or virtual machine scale set. |
| imds |
Specifies the IMDS endpoint settings while creating the virtual machine or virtual machine scale set. Minimum api-version: 2024-03-01. |
|
| keyIncarnationId |
integer (int32) |
Increase the value of this property allows users to reset the key used for securing communication channel between guest and host. |
| mode |
Specifies the mode that ProxyAgent will execute on. Warning: this property has been deprecated, please specify 'mode' under particular hostendpoint setting. |
|
| wireServer |
Specifies the Wire Server endpoint settings while creating the virtual machine or virtual machine scale set. Minimum api-version: 2024-03-01. |
RestorePoint
Restore Point details.
| Name | Type | Description |
|---|---|---|
| id |
string |
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} |
| name |
string |
The name of the resource |
| properties.consistencyMode |
ConsistencyMode of the RestorePoint. Can be specified in the input while creating a restore point. For now, only CrashConsistent is accepted as a valid input. Please refer to https://aka.ms/RestorePoints for more details. |
|
| properties.excludeDisks |
List of disk resource ids that the customer wishes to exclude from the restore point. If no disks are specified, all disks will be included. |
|
| properties.instanceView |
The restore point instance view. |
|
| properties.instantAccessDurationMinutes |
integer (int32) |
This property determines the time in minutes the snapshot is retained as instant access for restoring Premium SSD v2 or Ultra disk with fast restore performance in this restore point. |
| properties.provisioningState |
string |
Gets the provisioning state of the restore point. |
| properties.sourceMetadata |
Gets the details of the VM captured at the time of the restore point creation. |
|
| properties.sourceRestorePoint |
Resource Id of the source restore point from which a copy needs to be created. |
|
| properties.timeCreated |
string (date-time) |
Gets the creation time of the restore point. |
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
RestorePointCollection
Create or update Restore Point collection parameters.
| Name | Type | Description |
|---|---|---|
| id |
string |
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} |
| ___location |
string |
The geo-___location where the resource lives |
| name |
string |
The name of the resource |
| properties.instantAccess |
boolean |
This property determines whether instant access snapshot is enabled for restore points created under this restore point collection for Premium SSD v2 or Ultra disk. Instant access snapshot for Premium SSD v2 or Ultra disk is instantaneously available for restoring disk with fast restore performance. |
| properties.provisioningState |
string |
The provisioning state of the restore point collection. |
| properties.restorePointCollectionId |
string |
The unique id of the restore point collection. |
| properties.restorePoints |
A list containing all restore points created under this restore point collection. |
|
| properties.source |
The properties of the source resource that this restore point collection is created from. |
|
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| tags |
object |
Resource tags. |
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
RestorePointCollectionSourceProperties
The properties of the source resource that this restore point collection is created from.
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id of the source resource used to create this restore point collection |
| ___location |
string |
Location of the source resource used to create this restore point collection. |
RestorePointEncryption
Encryption at rest settings for disk restore point. It is an optional property that can be specified in the input while creating a restore point.
| Name | Type | Description |
|---|---|---|
| diskEncryptionSet |
Describes the parameter of customer managed disk encryption set resource id that can be specified for disk. Note: The disk encryption set resource id can only be specified for managed disk. Please refer https://aka.ms/mdssewithcmkoverview for more details. |
|
| type |
The type of key used to encrypt the data of the disk restore point. |
RestorePointEncryptionType
The type of key used to encrypt the data of the disk restore point.
| Value | Description |
|---|---|
| EncryptionAtRestWithPlatformKey |
Disk Restore Point is encrypted at rest with Platform managed key. |
| EncryptionAtRestWithCustomerKey |
Disk Restore Point is encrypted at rest with Customer managed key that can be changed and revoked by a customer. |
| EncryptionAtRestWithPlatformAndCustomerKeys |
Disk Restore Point is encrypted at rest with 2 layers of encryption. One of the keys is Customer managed and the other key is Platform managed. |
RestorePointInstanceView
The instance view of a restore point.
| Name | Type | Description |
|---|---|---|
| diskRestorePoints |
The disk restore points information. |
|
| statuses |
The resource status information. |
RestorePointSourceMetadata
Describes the properties of the Virtual Machine for which the restore point was created. The properties provided are a subset and the snapshot of the overall Virtual Machine properties captured at the time of the restore point creation.
| Name | Type | Description |
|---|---|---|
| diagnosticsProfile |
Gets the diagnostics profile. |
|
| hardwareProfile |
Gets the hardware profile. |
|
| hyperVGeneration |
HyperVGeneration of the source VM for which restore point is captured. |
|
| licenseType |
string |
Gets the license type, which is for bring your own license scenario. |
| ___location |
string |
Location of the VM from which the restore point was created. |
| osProfile |
Gets the OS profile. |
|
| securityProfile |
Gets the security profile. |
|
| storageProfile |
Gets the storage profile. |
|
| userData |
string |
UserData associated with the source VM for which restore point is captured, which is a base-64 encoded value. |
| vmId |
string |
Gets the virtual machine unique id. |
RestorePointSourceVMDataDisk
Describes a data disk.
| Name | Type | Description |
|---|---|---|
| caching |
Gets the caching type. |
|
| diskRestorePoint |
Contains Disk Restore Point properties. |
|
| diskSizeGB |
integer (int32) |
Gets the initial disk size in GB for blank data disks, and the new desired size for existing OS and Data disks. |
| lun |
integer (int32) |
Gets the logical unit number. |
| managedDisk |
Contains the managed disk details. |
|
| name |
string |
Gets the disk name. |
| writeAcceleratorEnabled |
boolean |
Shows true if the disk is write-accelerator enabled. |
RestorePointSourceVMOSDisk
Describes an Operating System disk.
| Name | Type | Description |
|---|---|---|
| caching |
Gets the caching type. |
|
| diskRestorePoint |
Contains Disk Restore Point properties. |
|
| diskSizeGB |
integer (int32) |
Gets the disk size in GB. |
| encryptionSettings |
Gets the disk encryption settings. |
|
| managedDisk |
Gets the managed disk details |
|
| name |
string |
Gets the disk name. |
| osType |
Gets the Operating System type. |
|
| writeAcceleratorEnabled |
boolean |
Shows true if the disk is write-accelerator enabled. |
RestorePointSourceVMStorageProfile
Describes the storage profile.
| Name | Type | Description |
|---|---|---|
| dataDisks |
Gets the data disks of the VM captured at the time of the restore point creation. |
|
| diskControllerType |
Gets the disk controller type of the VM captured at the time of the restore point creation. |
|
| osDisk |
Gets the OS disk of the VM captured at the time of the restore point creation. |
SecurityEncryptionTypes
Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob.. Note: It can be set for only Confidential VMs.
| Value | Description |
|---|---|
| VMGuestStateOnly | |
| DiskWithVMGuestState | |
| NonPersistedTPM |
SecurityProfile
Specifies the Security profile settings for the virtual machine or virtual machine scale set.
| Name | Type | Description |
|---|---|---|
| encryptionAtHost |
boolean |
This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine or virtual machine scale set. This will enable the encryption for all the disks including Resource/Temp disk at host itself. The default behavior is: The Encryption at host will be disabled unless this property is set to true for the resource. |
| encryptionIdentity |
Specifies the Managed Identity used by ADE to get access token for keyvault operations. |
|
| proxyAgentSettings |
Specifies ProxyAgent settings while creating the virtual machine. Minimum api-version: 2023-09-01. |
|
| securityType |
Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. |
|
| uefiSettings |
Specifies the security settings like secure boot and vTPM used while creating the virtual machine. Minimum api-version: 2020-12-01. |
SecurityTypes
Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set.
| Value | Description |
|---|---|
| TrustedLaunch | |
| ConfidentialVM |
SettingNames
Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon.
| Value | Description |
|---|---|
| AutoLogon | |
| FirstLogonCommands |
SnapshotAccessState
The state of snapshot which determines the access availability of the snapshot.
| Value | Description |
|---|---|
| Unknown |
Default value. |
| Pending |
The snapshot cannot be used for restore, copy or download to offline. |
| Available |
The snapshot can be used for restore, copy to different region, and download to offline. |
| InstantAccess |
The snapshot can be used for restoring disks with fast performance but cannot be copied or downloaded. |
| AvailableWithInstantAccess |
The snapshot can be used for restoring disks with fast performance, copied and downloaded. |
SshConfiguration
SSH configuration for Linux based VMs running on Azure
| Name | Type | Description |
|---|---|---|
| publicKeys |
The list of SSH public keys used to authenticate with linux based VMs. |
SshPublicKey
Contains information about SSH certificate public key and the path on the Linux VM where the public key is placed.
| Name | Type | Description |
|---|---|---|
| keyData |
string |
SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format. For creating ssh keys, see [Create SSH keys on Linux and Mac for Linux VMs in Azure]https://docs.microsoft.com/azure/virtual-machines/linux/create-ssh-keys-detailed). |
| path |
string |
Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys |
StatusLevelTypes
The level code.
| Value | Description |
|---|---|
| Info | |
| Warning | |
| Error |
StorageAccountTypes
Specifies the storage account type for the managed disk. Managed OS disk storage account type can only be set when you create the scale set. NOTE: UltraSSD_LRS can only be used with data disks. It cannot be used with OS Disk. Standard_LRS uses Standard HDD. StandardSSD_LRS uses Standard SSD. Premium_LRS uses Premium SSD. UltraSSD_LRS uses Ultra disk. Premium_ZRS uses Premium SSD zone redundant storage. StandardSSD_ZRS uses Standard SSD zone redundant storage. For more information regarding disks supported for Windows Virtual Machines, refer to https://docs.microsoft.com/azure/virtual-machines/windows/disks-types and, for Linux Virtual Machines, refer to https://docs.microsoft.com/azure/virtual-machines/linux/disks-types
| Value | Description |
|---|---|
| Standard_LRS | |
| Premium_LRS | |
| StandardSSD_LRS | |
| UltraSSD_LRS | |
| Premium_ZRS | |
| StandardSSD_ZRS | |
| PremiumV2_LRS |
SubResource
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |
UefiSettings
Specifies the security settings like secure boot and vTPM used while creating the virtual machine. Minimum api-version: 2020-12-01.
| Name | Type | Description |
|---|---|---|
| secureBootEnabled |
boolean |
Specifies whether secure boot should be enabled on the virtual machine. Minimum api-version: 2020-12-01. |
| vTpmEnabled |
boolean |
Specifies whether vTPM should be enabled on the virtual machine. Minimum api-version: 2020-12-01. |
VaultCertificate
Describes a single certificate reference in a Key Vault, and where the certificate should reside on the VM.
| Name | Type | Description |
|---|---|---|
| certificateStore |
string |
For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account. For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for private key. Both of these files are .pem formatted. |
| certificateUrl |
string |
This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: |
VaultSecretGroup
Describes a set of certificates which are all in the same Key Vault.
| Name | Type | Description |
|---|---|---|
| sourceVault |
The relative URL of the Key Vault containing all of the certificates in VaultCertificates. |
|
| vaultCertificates |
The list of key vault references in SourceVault which contain certificates. |
VirtualMachineSizeTypes
Specifies the size of the virtual machine. The enum data type is currently deprecated and will be removed by December 23rd 2023. The recommended way to get the list of available sizes is using these APIs: List all available virtual machine sizes in an availability set, List all available virtual machine sizes in a region, List all available virtual machine sizes for resizing. For more information about virtual machine sizes, see Sizes for virtual machines. The available VM sizes depend on region and availability set.
| Value | Description |
|---|---|
| Basic_A0 | |
| Basic_A1 | |
| Basic_A2 | |
| Basic_A3 | |
| Basic_A4 | |
| Standard_A0 | |
| Standard_A1 | |
| Standard_A2 | |
| Standard_A3 | |
| Standard_A4 | |
| Standard_A5 | |
| Standard_A6 | |
| Standard_A7 | |
| Standard_A8 | |
| Standard_A9 | |
| Standard_A10 | |
| Standard_A11 | |
| Standard_A1_v2 | |
| Standard_A2_v2 | |
| Standard_A4_v2 | |
| Standard_A8_v2 | |
| Standard_A2m_v2 | |
| Standard_A4m_v2 | |
| Standard_A8m_v2 | |
| Standard_B1s | |
| Standard_B1ms | |
| Standard_B2s | |
| Standard_B2ms | |
| Standard_B4ms | |
| Standard_B8ms | |
| Standard_D1 | |
| Standard_D2 | |
| Standard_D3 | |
| Standard_D4 | |
| Standard_D11 | |
| Standard_D12 | |
| Standard_D13 | |
| Standard_D14 | |
| Standard_D1_v2 | |
| Standard_D2_v2 | |
| Standard_D3_v2 | |
| Standard_D4_v2 | |
| Standard_D5_v2 | |
| Standard_D2_v3 | |
| Standard_D4_v3 | |
| Standard_D8_v3 | |
| Standard_D16_v3 | |
| Standard_D32_v3 | |
| Standard_D64_v3 | |
| Standard_D2s_v3 | |
| Standard_D4s_v3 | |
| Standard_D8s_v3 | |
| Standard_D16s_v3 | |
| Standard_D32s_v3 | |
| Standard_D64s_v3 | |
| Standard_D11_v2 | |
| Standard_D12_v2 | |
| Standard_D13_v2 | |
| Standard_D14_v2 | |
| Standard_D15_v2 | |
| Standard_DS1 | |
| Standard_DS2 | |
| Standard_DS3 | |
| Standard_DS4 | |
| Standard_DS11 | |
| Standard_DS12 | |
| Standard_DS13 | |
| Standard_DS14 | |
| Standard_DS1_v2 | |
| Standard_DS2_v2 | |
| Standard_DS3_v2 | |
| Standard_DS4_v2 | |
| Standard_DS5_v2 | |
| Standard_DS11_v2 | |
| Standard_DS12_v2 | |
| Standard_DS13_v2 | |
| Standard_DS14_v2 | |
| Standard_DS15_v2 | |
| Standard_DS13-4_v2 | |
| Standard_DS13-2_v2 | |
| Standard_DS14-8_v2 | |
| Standard_DS14-4_v2 | |
| Standard_E2_v3 | |
| Standard_E4_v3 | |
| Standard_E8_v3 | |
| Standard_E16_v3 | |
| Standard_E32_v3 | |
| Standard_E64_v3 | |
| Standard_E2s_v3 | |
| Standard_E4s_v3 | |
| Standard_E8s_v3 | |
| Standard_E16s_v3 | |
| Standard_E32s_v3 | |
| Standard_E64s_v3 | |
| Standard_E32-16_v3 | |
| Standard_E32-8s_v3 | |
| Standard_E64-32s_v3 | |
| Standard_E64-16s_v3 | |
| Standard_F1 | |
| Standard_F2 | |
| Standard_F4 | |
| Standard_F8 | |
| Standard_F16 | |
| Standard_F1s | |
| Standard_F2s | |
| Standard_F4s | |
| Standard_F8s | |
| Standard_F16s | |
| Standard_F2s_v2 | |
| Standard_F4s_v2 | |
| Standard_F8s_v2 | |
| Standard_F16s_v2 | |
| Standard_F32s_v2 | |
| Standard_F64s_v2 | |
| Standard_F72s_v2 | |
| Standard_G1 | |
| Standard_G2 | |
| Standard_G3 | |
| Standard_G4 | |
| Standard_G5 | |
| Standard_GS1 | |
| Standard_GS2 | |
| Standard_GS3 | |
| Standard_GS4 | |
| Standard_GS5 | |
| Standard_GS4-8 | |
| Standard_GS4-4 | |
| Standard_GS5-16 | |
| Standard_GS5-8 | |
| Standard_H8 | |
| Standard_H16 | |
| Standard_H8m | |
| Standard_H16m | |
| Standard_H16r | |
| Standard_H16mr | |
| Standard_L4s | |
| Standard_L8s | |
| Standard_L16s | |
| Standard_L32s | |
| Standard_M64s | |
| Standard_M64ms | |
| Standard_M128s | |
| Standard_M128ms | |
| Standard_M64-32ms | |
| Standard_M64-16ms | |
| Standard_M128-64ms | |
| Standard_M128-32ms | |
| Standard_NC6 | |
| Standard_NC12 | |
| Standard_NC24 | |
| Standard_NC24r | |
| Standard_NC6s_v2 | |
| Standard_NC12s_v2 | |
| Standard_NC24s_v2 | |
| Standard_NC24rs_v2 | |
| Standard_NC6s_v3 | |
| Standard_NC12s_v3 | |
| Standard_NC24s_v3 | |
| Standard_NC24rs_v3 | |
| Standard_ND6s | |
| Standard_ND12s | |
| Standard_ND24s | |
| Standard_ND24rs | |
| Standard_NV6 | |
| Standard_NV12 | |
| Standard_NV24 |
VMDiskSecurityProfile
Specifies the security profile settings for the managed disk. Note: It can only be set for Confidential VMs.
| Name | Type | Description |
|---|---|---|
| diskEncryptionSet |
Specifies the customer managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. |
|
| securityEncryptionType |
Specifies the EncryptionType of the managed disk. It is set to DiskWithVMGuestState for encryption of the managed disk along with VMGuestState blob, VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob.. Note: It can be set for only Confidential VMs. |
VMSizeProperties
Specifies VM Size Property settings on the virtual machine.
| Name | Type | Description |
|---|---|---|
| vCPUsAvailable |
integer (int32) |
Specifies the number of vCPUs available for the VM. When this property is not specified in the request body the default behavior is to set it to the value of vCPUs available for that VM size exposed in api response of List all available virtual machine sizes in a region. |
| vCPUsPerCore |
integer (int32) |
Specifies the vCPU to physical core ratio. When this property is not specified in the request body the default behavior is set to the value of vCPUsPerCore for the VM Size exposed in api response of List all available virtual machine sizes in a region. Setting this property to 1 also means that hyper-threading is disabled. |
WindowsConfiguration
Specifies Windows operating system settings on the virtual machine.
| Name | Type | Description |
|---|---|---|
| additionalUnattendContent |
Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. |
|
| enableAutomaticUpdates |
boolean |
Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true. For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning. |
| enableVMAgentPlatformUpdates |
boolean |
Indicates whether VMAgent Platform Updates are enabled for the Windows Virtual Machine. |
| patchSettings |
[Preview Feature] Specifies settings related to VM Guest Patching on Windows. |
|
| provisionVMAgent |
boolean |
Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, it is set to true by default. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. |
| timeZone |
string |
Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time". Possible values can be TimeZoneInfo.Id value from time zones returned by TimeZoneInfo.GetSystemTimeZones. |
| winRM |
Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. |
WindowsPatchAssessmentMode
Specifies the mode of VM Guest patch assessment for the IaaS virtual machine.
Possible values are:
ImageDefault - You control the timing of patch assessments on a virtual machine.
AutomaticByPlatform - The platform will trigger periodic patch assessments. The property provisionVMAgent must be true.
| Value | Description |
|---|---|
| ImageDefault | |
| AutomaticByPlatform |
WindowsVMGuestPatchAutomaticByPlatformRebootSetting
Specifies the reboot setting for all AutomaticByPlatform patch installation operations.
| Value | Description |
|---|---|
| Unknown | |
| IfRequired | |
| Never | |
| Always |
WindowsVMGuestPatchAutomaticByPlatformSettings
Specifies additional settings to be applied when patch mode AutomaticByPlatform is selected in Windows patch settings.
| Name | Type | Description |
|---|---|---|
| bypassPlatformSafetyChecksOnUserSchedule |
boolean |
Enables customer to schedule patching without accidental upgrades |
| rebootSetting |
Specifies the reboot setting for all AutomaticByPlatform patch installation operations. |
WindowsVMGuestPatchMode
Specifies the mode of VM Guest Patching to IaaS virtual machine or virtual machines associated to virtual machine scale set with OrchestrationMode as Flexible.
Possible values are:
Manual - You control the application of patches to a virtual machine. You do this by applying patches manually inside the VM. In this mode, automatic updates are disabled; the property WindowsConfiguration.enableAutomaticUpdates must be false
AutomaticByOS - The virtual machine will automatically be updated by the OS. The property WindowsConfiguration.enableAutomaticUpdates must be true.
AutomaticByPlatform - the virtual machine will automatically updated by the platform. The properties provisionVMAgent and WindowsConfiguration.enableAutomaticUpdates must be true
| Value | Description |
|---|---|
| Manual | |
| AutomaticByOS | |
| AutomaticByPlatform |
WinRMConfiguration
Describes Windows Remote Management configuration of the VM
| Name | Type | Description |
|---|---|---|
| listeners |
The list of Windows Remote Management listeners |
WinRMListener
Describes Protocol and thumbprint of Windows Remote Management listener
| Name | Type | Description |
|---|---|---|
| certificateUrl |
string |
This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be the Base64 encoding of the following JSON Object which is encoded in UTF-8: |
| protocol |
Specifies the protocol of WinRM listener. Possible values are: http, https. |