Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
- Latest
- 2025-04-01
- 2024-11-01
- 2024-07-01
- 2024-03-01
- 2023-09-01
- 2023-07-01
- 2023-03-01
- 2022-11-01
- 2022-08-01
- 2022-03-01
- 2021-11-01
- 2021-07-01
- 2021-04-01
- 2021-03-01
- 2020-12-01
- 2020-06-01
- 2019-12-01
- 2019-07-01
- 2019-03-01
- 2018-10-01
- 2018-06-01
- 2018-04-01
- 2017-12-01
- 2017-03-30
- 2016-04-30-preview
- 2016-03-30
- 2015-06-15
Bicep resource definition
The virtualMachines/extensions resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Compute/virtualMachines/extensions resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Compute/virtualMachines/extensions@2021-07-01' = {
  parent: resourceSymbolicName
  ___location: 'string'
  name: 'string'
  properties: {
    autoUpgradeMinorVersion: bool
    enableAutomaticUpgrade: bool
    forceUpdateTag: 'string'
    instanceView: {
      name: 'string'
      statuses: [
        {
          code: 'string'
          displayStatus: 'string'
          level: 'string'
          message: 'string'
          time: 'string'
        }
      ]
      substatuses: [
        {
          code: 'string'
          displayStatus: 'string'
          level: 'string'
          message: 'string'
          time: 'string'
        }
      ]
      type: 'string'
      typeHandlerVersion: 'string'
    }
    protectedSettings: any(...)
    publisher: 'string'
    settings: any(...)
    suppressFailures: bool
    type: 'string'
    typeHandlerVersion: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}
Property Values
Microsoft.Compute/virtualMachines/extensions
| Name | Description | Value | 
|---|---|---|
| ___location | Resource ___location | string (required) | 
| name | The resource name | string (required) | 
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. | Symbolic name for resource of type: virtualMachines | 
| properties | Describes the properties of a Virtual Machine Extension. | VirtualMachineExtensionProperties | 
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates | 
InstanceViewStatus
| Name | Description | Value | 
|---|---|---|
| code | The status code. | string | 
| displayStatus | The short localizable label for the status. | string | 
| level | The level code. | 'Error' 'Info' 'Warning' | 
| message | The detailed status message, including for alerts and error messages. | string | 
| time | The time of the status. | string | 
ResourceTags
| Name | Description | Value | 
|---|
VirtualMachineExtensionInstanceView
| Name | Description | Value | 
|---|---|---|
| name | The virtual machine extension name. | string | 
| statuses | The resource status information. | InstanceViewStatus[] | 
| substatuses | The resource status information. | InstanceViewStatus[] | 
| type | Specifies the type of the extension; an example is "CustomScriptExtension". | string | 
| typeHandlerVersion | Specifies the version of the script handler. | string | 
VirtualMachineExtensionProperties
| Name | Description | Value | 
|---|---|---|
| autoUpgradeMinorVersion | Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true. | bool | 
| enableAutomaticUpgrade | Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available. | bool | 
| forceUpdateTag | How the extension handler should be forced to update even if the extension configuration has not changed. | string | 
| instanceView | The virtual machine extension instance view. | VirtualMachineExtensionInstanceView | 
| protectedSettings | The extension can contain either protectedSettings or protectedSettingsFromKeyVault or no protected settings at all. | any | 
| publisher | The name of the extension handler publisher. | string | 
| settings | Json formatted public settings for the extension. | any | 
| suppressFailures | Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false. | bool | 
| type | Specifies the type of the extension; an example is "CustomScriptExtension". | string | 
| typeHandlerVersion | Specifies the version of the script handler. | string | 
Usage Examples
Azure Quickstart Samples
The following Azure Quickstart templates contain Bicep samples for deploying this resource type.
| Bicep File | Description | 
|---|---|
| AKS Cluster with a NAT Gateway and an Application Gateway | This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. | 
| AKS cluster with the Application Gateway Ingress Controller | This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault | 
| Azure Application Gateway Log Analyzer using GoAccess | This template uses the Azure Linux CustomScript extension to deploy an Azure Application Gateway Log Analyzer using GoAccess. The deployment template creates an Ubuntu VM, installs Application Gateway Log Processor, GoAccess, Apache WebServer and configures it to analyze Azure Application Gateway access logs. | 
| Azure Game Developer Virtual Machine | Azure Game Developer Virtual Machine includes Licencsed Engines like Unreal. | 
| Azure Machine Learning end-to-end secure setup | This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. | 
| Azure Machine Learning end-to-end secure setup (legacy) | This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. | 
| Azure Traffic Manager VM example | This template shows how to create an Azure Traffic Manager profile load-balancing across multiple virtual machines. | 
| CentOS/UbuntuServer Auto Dynamic Disks & Docker 1.12(cs) | This is a common template for creating single instance CentOS 7.2/7.1/6.5 or Ubuntu Server 16.04.0-LTS with configurable number of data disks (configurable sizes). Maximum 16 disks can be mentioned in the portal parameters and maximum size of each disk should be less than 1023 GB. The MDADM RAID0 Array is automounted and survives restarts. Latest Docker 1.12(cs3) (Swarm), docker-compose 1.9.0 & docker-machine 0.8.2 is available for usage from user azure-cli is auto running as a docker container. This single instance template is an offshoot of the HPC/GPU Clusters Template @ https://github.com/azurebigcompute/BigComputeBench | 
| Create a cross-region load balancer | This template creates a cross-region load balancer with a backend pool containing two regional load balancers. Cross-region load balancer is currently available in limited regions. The regional load balancers behind the cross-region load balancer can be in any region. | 
| Create a Private AKS Cluster | This sample shows how to create a private AKS cluster in a virtual network along with a jumpbox virtual machine. | 
| Create a sandbox setup of Azure Firewall with Linux VMs | This template creates a virtual network with 3 subnets (server subnet, jumpbox subet and AzureFirewall subnet), a jumpbox VM with public IP, A server VM, UDR route to point to Azure Firewall for the Server Subnet and an Azure Firewall with 1 or more Public IP addresses, 1 sample application rule, 1 sample network rule and default private ranges | 
| Create a standard load-balancer | This template creates an Internet-facing load-balancer, load balancing rules, and three VMs for the backend pool with each VM in a redundant zone. | 
| Create a VM with multiple NICs and RDP accessible | This template allows you to create a Virtual Machines with multiple (2) network interfaces (NICs), and RDP connectable with a configured load balancer and an inbound NAT rule. More NICs can easily be added with this template. This template also deploys a Storage Account, Virtual Network, Public IP address, and 2 Network Interfaces (front-end and back-end). | 
| Create an Azure Application Gateway v2 | This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool | 
| Create an Azure VM with a new AD Forest | This template creates a new Azure VM, it configures the VM to be an AD DC for a new Forest | 
| Create an Azure WAF v2 on Azure Application Gateway | This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool | 
| Create an Ubuntu GNOME desktop | This template creates an ubuntu desktop machine. This works great for use as a jumpbox behind a NAT. | 
| Create new Ubuntu VM pre-populated with Puppet Agent | This template creates a Ubuntu VM and installs the Puppet Agent into it using the CustomScript extension. | 
| Creates AVD with Microsoft Entra ID Join | This template allows you to create Azure Virtual Desktop resources such as host pool, application group, workspace, a test session host and its extensions with Microsoft Entra ID join | 
| Custom Script extension on a Ubuntu VM | This template creates a Ubuntu VM and installs the CustomScript extension | 
| Deploy a Linux or Windows VM with MSI | This template allows you to deploy a Linux or Windows VM with a Managed Service Identity. | 
| Deploy a Nextflow genomics cluster | This template deploys a scalable Nextflow cluster with a Jumpbox, n cluster nodes, docker support and shared storage. | 
| Deploy a simple Ubuntu Linux VM 20.04-LTS | This template deploys an Ubuntu Server with a few options for the VM. You can provide the VM Name, OS Version, VM size, and admin username and password. As default the VM size is Standard_D2s_v3 and OS version is 20.04-LTS. | 
| Deploy a simple Windows VM | This template allows you to deploy a simple Windows VM using a few different options for the Windows version, using the latest patched version. This will deploy an A2 size VM in the resource group ___location and return the FQDN of the VM. | 
| Deploy a trusted launch capable Linux virtual machine | This template allows you to deploy a trusted launch capable Linux virtual machine using a few different options for the Linux version, using the latest patched version. If you enable Secureboot and vTPM, the Guest Attestation extension will be installed on your VM. This extension will perform remote attestation by the cloud. By default, this will deploy an Standard_D2_v3 size virtual machine in the resource group ___location and return the FQDN of the virtual machine. | 
| Deploy a trusted launch capable Windows virtual machine | This template allows you to deploy a trusted launch capable Windows virtual machine using a few different options for the Windows version, using the latest patched version. If you enable Secureboot and vTPM, the Guest Attestation extension will be installed on your VM. This extension will perform remote attestation by the cloud. By default, this will deploy an Standard_D2_v3 size virtual machine in the resource group ___location and return the FQDN of the virtual machine. | 
| Deploy a Windows VM with Windows Admin Center extension | This template allows you to deploy a Windows VM with Windows Admin Center extension to manage the VM directly from Azure Portal. | 
| Deploy Secure AI Foundry with a managed virtual network | This template creates a secure Azure AI Foundry environment with robust network and identity security restrictions. | 
| Deploy Shibboleth Identity Provider cluster on Windows | This template deploys Shibboleth Identity Provider on Windows in a clustered configuration. After the deployment is successful, you can go to https://your-___domain:8443/idp/profile/status (note port number) to check success. | 
| Deploy Ubuntu VM with Open JDK and Tomcat | This template allows you to create a Ubuntu VM with OpenJDK and Tomcat. Currently custom script file is pulled temporarily from https link on raw.githubusercontent.com/snallami/templates/master/ubuntu/java-tomcat-install.sh. Once the VM is successfully provisioned, tomcat installation can be verified by accessing the http link [FQDN name or public IP]:8080/ | 
| Deploys SQL Server 2014 AG on existing VNET & AD | This template creates three new Azure VMs on an existing VNET: Two VMs are configured as SQL Server 2014 availability group replica nodes and one VM is configured as a File Share Witness for automated cluster failover. In addition to these VMs, the following additional Azure resources are also configured: Internal load balancer, Storage accounts. To configure clustering, SQL Server, and an availability group within each VM, PowerShell DSC is leveraged. For Active Directory support, existing Active Directory ___domain controllers should already be deployed on the existing VNET. | 
| Dokku Instance | Dokku is a mini-heroku-style PaaS on a single VM. | 
| Front Door Premium with VM and Private Link service | This template creates a Front Door Premium and a virtual machine configured as a web server. Front Door uses a private endpoint with Private Link service to send traffic to the VM. | 
| Hazelcast Cluster | Hazelcast is an in-memory data platform that can be used for a variety of data applications. This template will deploy any number of Hazelcast nodes and they will automatically discover each other. | 
| Hyper-V Host Virtual Machine with nested VMs | Deploys a Virtual Machine to by a Hyper-V Host and all dependent resources including virtual network, public IP address and route tables. | 
| IIS Server using DSC extension on a Windows VM | This template creates a Windows VM and sets up an IIS server using the DSC extension. Note, the DSC configuration module needs a SAS token to be passed in if you are using Azure Storage. For DSC module link from GitHub (default in this template), this is not needed. | 
| IIS VMs & SQL Server 2014 VM | Create 1 or 2 IIS Windows 2012 R2 Web Servers and one back end SQL Server 2014 in VNET. | 
| JBoss EAP on RHEL (clustered, multi-VM) | This template allows you to create multiple RHEL 8.6 VMs running JBoss EAP 7.4 cluster and also deploys a web application called eap-session-replication, you can log into the admin console using the JBoss EAP username and password configured at the time of the deployment. | 
| Join a VM to an existing ___domain | This template demonstrates ___domain join to a private AD ___domain up in cloud. | 
| Linux VM with Gnome Desktop RDP VS Code and Azure CLI | This template deploys an Ubuntu Server VM, then uses the Linux CustomScript extension to install the Ubuntu Gnome Desktop and Remote Desktop support (via xrdp). The final provisioned Ubuntu VM support remote connections over RDP. | 
| Linux VM with MSI Accessing Storage | This template deploys a linux VM with a system assigned managed identity that has access to a storage account in a different resource group. | 
| OpenScholar | This template deploys a OpenScholar to the ubuntu VM 16.04 | 
| Private Link service example | This template shows how to create a private link service | 
| Public Load Balancer chained to a Gateway Load Balancer | This template allows you to deploy a Public Standard Load Balancer chained to a Gateway Load Balancer. The traffic incoming from internet is routed to the Gateway Load Balancer with linux VMs (NVAs) in the backend pool. | 
| Push a certificate onto a Windows VM | Push a certificate onto a Windows VM. Create the Key Vault using the template at http://azure.microsoft.com/en-us/documentation/templates/101-create-key-vault | 
| SAP 2-tier S/4HANA Fully Activated Appliance | This template deploys an SAP S/4HANA Fully Activated Appliance system. | 
| Self-host Integration Runtime on Azure VMs | This template creates a selfhost integration runtime and registers it on Azure virtual machines | 
| SQL Server VM with performance optimized storage settings | Create a SQL Server Virtual Machine with performance optimized storage settings on PremiumSSD | 
| Testing environment for Azure Firewall Premium | This template creates an Azure Firewall Premium and Firewall Policy with premium features such as Intrusion Inspection Detection (IDPS), TLS inspection and Web Category filtering | 
| Ubuntu Mate Desktop VM with VS Code | This template allows you to deploy a simple Linux VM using a few different options for the Ubuntu version, using the latest patched version. This will deploy a A1 size VM in the resource group ___location and return the FQDN of the VM. | 
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology | This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. | 
| Virtual machine with an RDP port | Creates a virtual machine and creates a NAT rule for RDP to the VM in load balancer | 
| Virtual Machine with Conditional Resources | This template allows deploying a linux VM using new or existing resources for the Virtual Network, Storage and Public IP Address. It also allows for choosing between SSH and Password authenticate. The templates uses conditions and logic functions to remove the need for nested deployments. | 
| VM Using Managed Identity for Artifact Download | This template shows how to use a managed identity to download artifacts for the virtual machine's custom script extension. | 
| VMs in Availability Zones with a Load Balancer and NAT | This template allows you to create Virtual Machines distributed across Availability Zones with a Load Balancer and configure NAT rules through the load balancer. This template also deploys a Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines | 
| Windows Docker Host with Portainer and Traefik pre-installed | Windows Docker Host with Portainer and Traefik pre-installed | 
| Windows Server VM with SSH | Deploy a single Windows VM with Open SSH enabled so that you can connect through SSH using key-based authentication. | 
| Windows VM with Azure secure baseline | The template creates a virtual machine running Windows Server in a new virtual network, with a public IP address. Once the machine has deployed, the guest configuration extension is installed and the Azure secure baseline for Windows Server is applied. If the configuration of the machines drifts, you can re-apply the settings by deploying the template again. | 
| Windows VM with O365 Pre-installed | This template creates a Windows based VM. It creates the VM in a new vnet, storage account, nic, and public ip with the new compute stack. | 
ARM template resource definition
The virtualMachines/extensions resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Compute/virtualMachines/extensions resource, add the following JSON to your template.
{
  "type": "Microsoft.Compute/virtualMachines/extensions",
  "apiVersion": "2021-07-01",
  "name": "string",
  "___location": "string",
  "properties": {
    "autoUpgradeMinorVersion": "bool",
    "enableAutomaticUpgrade": "bool",
    "forceUpdateTag": "string",
    "instanceView": {
      "name": "string",
      "statuses": [
        {
          "code": "string",
          "displayStatus": "string",
          "level": "string",
          "message": "string",
          "time": "string"
        }
      ],
      "substatuses": [
        {
          "code": "string",
          "displayStatus": "string",
          "level": "string",
          "message": "string",
          "time": "string"
        }
      ],
      "type": "string",
      "typeHandlerVersion": "string"
    },
    "protectedSettings": {},
    "publisher": "string",
    "settings": {},
    "suppressFailures": "bool",
    "type": "string",
    "typeHandlerVersion": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}
Property Values
Microsoft.Compute/virtualMachines/extensions
| Name | Description | Value | 
|---|---|---|
| apiVersion | The api version | '2021-07-01' | 
| ___location | Resource ___location | string (required) | 
| name | The resource name | string (required) | 
| properties | Describes the properties of a Virtual Machine Extension. | VirtualMachineExtensionProperties | 
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates | 
| type | The resource type | 'Microsoft.Compute/virtualMachines/extensions' | 
InstanceViewStatus
| Name | Description | Value | 
|---|---|---|
| code | The status code. | string | 
| displayStatus | The short localizable label for the status. | string | 
| level | The level code. | 'Error' 'Info' 'Warning' | 
| message | The detailed status message, including for alerts and error messages. | string | 
| time | The time of the status. | string | 
ResourceTags
| Name | Description | Value | 
|---|
VirtualMachineExtensionInstanceView
| Name | Description | Value | 
|---|---|---|
| name | The virtual machine extension name. | string | 
| statuses | The resource status information. | InstanceViewStatus[] | 
| substatuses | The resource status information. | InstanceViewStatus[] | 
| type | Specifies the type of the extension; an example is "CustomScriptExtension". | string | 
| typeHandlerVersion | Specifies the version of the script handler. | string | 
VirtualMachineExtensionProperties
| Name | Description | Value | 
|---|---|---|
| autoUpgradeMinorVersion | Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true. | bool | 
| enableAutomaticUpgrade | Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available. | bool | 
| forceUpdateTag | How the extension handler should be forced to update even if the extension configuration has not changed. | string | 
| instanceView | The virtual machine extension instance view. | VirtualMachineExtensionInstanceView | 
| protectedSettings | The extension can contain either protectedSettings or protectedSettingsFromKeyVault or no protected settings at all. | any | 
| publisher | The name of the extension handler publisher. | string | 
| settings | Json formatted public settings for the extension. | any | 
| suppressFailures | Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false. | bool | 
| type | Specifies the type of the extension; an example is "CustomScriptExtension". | string | 
| typeHandlerVersion | Specifies the version of the script handler. | string | 
Usage Examples
Azure Quickstart Templates
The following Azure Quickstart templates deploy this resource type.
| Template | Description | 
|---|---|
| (++)Ethereum on Ubuntu | This template deploys a (++)Ethereum client on a Ubuntu virtual machines | 
| AKS Cluster with a NAT Gateway and an Application Gateway | This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. | 
| AKS cluster with the Application Gateway Ingress Controller | This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault | 
| Apache Webserver on Ubuntu VM | This template uses the Azure Linux CustomScript extension to deploy an Apache web server. The deployment template creates an Ubuntu VM, installs Apache2 and creates a simple HTML file. Go to ../demo.html to see the deployed page. | 
| Application Security Groups | This template shows how to put together the pieces to secure workloads using NSGs with Application Security Groups. It will deploy a Linux VM running NGINX and through the usage of Applicaton Security Groups on Network Security Groups we will allow access to ports 22 and 80 to a VM assigned to Application Security Group called webServersAsg. | 
| Azure Application Gateway Log Analyzer using GoAccess | This template uses the Azure Linux CustomScript extension to deploy an Azure Application Gateway Log Analyzer using GoAccess. The deployment template creates an Ubuntu VM, installs Application Gateway Log Processor, GoAccess, Apache WebServer and configures it to analyze Azure Application Gateway access logs. | 
| Azure Container Service Engine (acs-engine) - Swarm Mode | The Azure Container Service Engine (acs-engine) generates ARM (Azure Resource Manager) templates for Docker enabled clusters on Microsoft Azure with your choice of DC/OS, Kubernetes, Swarm Mode, or Swarm orchestrators. The input to the tool is a cluster definition. The cluster definition is very similar to (in many cases the same as) the ARM template syntax used to deploy a Microsoft Azure Container Service cluster. | 
| Azure Game Developer Virtual Machine | Azure Game Developer Virtual Machine includes Licencsed Engines like Unreal. | 
| Azure Machine Learning end-to-end secure setup | This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. | 
| Azure Machine Learning end-to-end secure setup (legacy) | This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. | 
| Azure Route Server in BGP peering with Quagga | This template deploys a Router Server and Ubuntu VM with Quagga. Two external BGP sessions are established between the Router Server and Quagga. Installation and configuration of Quagga is executed by Azure custom script extension for linux | 
| Azure Traffic Manager VM example | This template shows how to create an Azure Traffic Manager profile load-balancing across multiple virtual machines. | 
| Azure VM-to-VM bandwidth meter | This template allows you to run VM-to-VM bandwidth test with PsPing utility. | 
| Basic RDS farm deployment | This template creates a basic RDS farm deployment | 
| Bitcore Node and Utilities for Bitcoin on CentOS VM | This template uses the Azure Linux CustomScript extension to deploy a Bitcore Node instance with the complete set of Bitcoin utilities. The deployment template creates a CentOS VM, installs Bitcore and provides a simple bitcored executable. With this template, you will be running a full node on the Bitcoin network as well as a block explorer called Insight. | 
| Blockchain Template | Deploy a VM with Groestlcoin Core installed. | 
| BrowserBox Azure Edition | This template deploys BrowserBox on an Azure Ubuntu Server 22.04 LTS, Debian 11, or RHEL 8.7 LVM VM. | 
| CentOS/UbuntuServer Auto Dynamic Disks & Docker 1.12(cs) | This is a common template for creating single instance CentOS 7.2/7.1/6.5 or Ubuntu Server 16.04.0-LTS with configurable number of data disks (configurable sizes). Maximum 16 disks can be mentioned in the portal parameters and maximum size of each disk should be less than 1023 GB. The MDADM RAID0 Array is automounted and survives restarts. Latest Docker 1.12(cs3) (Swarm), docker-compose 1.9.0 & docker-machine 0.8.2 is available for usage from user azure-cli is auto running as a docker container. This single instance template is an offshoot of the HPC/GPU Clusters Template @ https://github.com/azurebigcompute/BigComputeBench | 
| Chef with JSON parameters on Ubuntu/CentOS | Deploy an Ubuntu/CentOS VM With Chef with JSON parameters | 
| CloudLens with Moloch example | This template shows how to setup network visibility in the Azure public cloud using the CloudLens agent to tap traffic on one vm and forward it to a network packet storing & indexing tool, in this case Moloch. | 
| Concourse CI | Concourse is a CI system composed of simple tools and ideas. It can express entire pipelines, integrating with arbitrary resources, or it can be used to execute one-off tasks, either locally or in another CI system. This template can help to prepare neccessary Azure resources to setup such a CI system, and make the setup more simple. | 
| Connect to a Event Hubs namespace via private endpoint | This sample shows how to use configure a virtual network and private DNS zone to access a Event Hubs namespace via a private endpoint. | 
| Connect to a Key Vault via private endpoint | This sample shows how to use configure a virtual network and private DNS zone to access Key Vault via private endpoint. | 
| Connect to a Service Bus namespace via private endpoint | This sample shows how to use configure a virtual network and private DNS zone to access a Service Bus namespace via private endpoint. | 
| Connect to a storage account from a VM via private endpoint | This sample shows how to use connect a virtual network to access a blob storage account via private endpoint. | 
| Connect to an Azure File Share via a Private Endpoint | This sample shows how to use configure a virtual network and private DNS zone to access an Azure File Share via a private endpoint. | 
| Create a cross-region load balancer | This template creates a cross-region load balancer with a backend pool containing two regional load balancers. Cross-region load balancer is currently available in limited regions. The regional load balancers behind the cross-region load balancer can be in any region. | 
| Create a DevTest environment with P2S VPN and IIS | This template creates a simple DevTest environment with a Point-to-Site VPN and IIS on a Windows server which is a great way to get started. | 
| Create a new AD Domain with 2 DCs using Availability Zones | This template creates 2 VMs in separate Availability Zones to be AD DCs (primary and backup) for a new Forest and Domain | 
| Create a new encrypted windows vm from gallery image | This template creates a new encrypted windows vm using the server 2k12 gallery image. | 
| Create a Private AKS Cluster | This sample shows how to create a private AKS cluster in a virtual network along with a jumpbox virtual machine. | 
| Create a Private AKS Cluster with a Public DNS Zone | This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. | 
| Create a sandbox setup of Azure Firewall with Linux VMs | This template creates a virtual network with 3 subnets (server subnet, jumpbox subet and AzureFirewall subnet), a jumpbox VM with public IP, A server VM, UDR route to point to Azure Firewall for the Server Subnet and an Azure Firewall with 1 or more Public IP addresses, 1 sample application rule, 1 sample network rule and default private ranges | 
| Create a standard load-balancer | This template creates an Internet-facing load-balancer, load balancing rules, and three VMs for the backend pool with each VM in a redundant zone. | 
| Create a VM with multiple NICs and RDP accessible | This template allows you to create a Virtual Machines with multiple (2) network interfaces (NICs), and RDP connectable with a configured load balancer and an inbound NAT rule. More NICs can easily be added with this template. This template also deploys a Storage Account, Virtual Network, Public IP address, and 2 Network Interfaces (front-end and back-end). | 
| Create a Windows VM with Anti-Malware extension enabled | This template creates a Windows VM and sets up the Anti-Malware protection | 
| Create an Azure Application Gateway v2 | This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool | 
| Create an Azure VM with a new AD Forest | This template creates a new Azure VM, it configures the VM to be an AD DC for a new Forest | 
| Create an Azure WAF v2 on Azure Application Gateway | This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool | 
| Create an IPv6 Application Gateway | This template creates an application gateway with an IPv6 frontend in a dual-stack virtual network. | 
| Create an new AD Domain with 2 Domain Controllers | This template creates 2 new VMs to be AD DCs (primary and backup) for a new Forest and Domain | 
| Create an Ubuntu GNOME desktop | This template creates an ubuntu desktop machine. This works great for use as a jumpbox behind a NAT. | 
| Create new encrypted managed disks win-vm from gallery image | This template creates a new encrypted managed disks windows vm using the server 2k12 gallery image. | 
| Create new Ubuntu VM pre-populated with Puppet Agent | This template creates a Ubuntu VM and installs the Puppet Agent into it using the CustomScript extension. | 
| Creates AVD with Microsoft Entra ID Join | This template allows you to create Azure Virtual Desktop resources such as host pool, application group, workspace, a test session host and its extensions with Microsoft Entra ID join | 
| Custom Script extension on a Ubuntu VM | This template creates a Ubuntu VM and installs the CustomScript extension | 
| DDoS attack on a virtual machine | This will deploy a virtual machine, OMS and other network resources. Perform the DDoS attack by following the guidleines and execute the scenario for detection of a DDoS attack. | 
| Deploy a Django app | This template uses the Azure Linux CustomScript extension to deploy an application. This example creates an Ubuntu VM, does a silent install of Python, Django and Apache, then creates a simple Django app | 
| Deploy a Kibana dashboard with Docker | This template allows you to deploy an Ubuntu VM with Docker installed (using the Docker Extension) and Kibana/Elasticsearch containers created and configured to serve an analytic dashboard. | 
| Deploy a LAMP app | This template uses the Azure Linux CustomScript extension to deploy an application. It creates an Ubuntu VM, does a silent install of MySQL, Apache and PHP, then creates a simple PHP script. | 
| Deploy a Linux or Windows VM with MSI | This template allows you to deploy a Linux or Windows VM with a Managed Service Identity. | 
| Deploy a MySQL Server | This template uses the Azure Linux CustomScript extension to deploy a MySQL server. It creates an Ubuntu VM, does a silent install of MySQL server, version:5.6 | 
| Deploy a Nextflow genomics cluster | This template deploys a scalable Nextflow cluster with a Jumpbox, n cluster nodes, docker support and shared storage. | 
| Deploy a PostgreSQL Server on Ubuntu Virtual Machine | This template uses the Azure Linux CustomScript extension to deploy a postgresql server. It creates an Ubuntu VM, does a silent install of MySQL server, version:9.3.5 | 
| Deploy a simple Ubuntu Linux VM 20.04-LTS | This template deploys an Ubuntu Server with a few options for the VM. You can provide the VM Name, OS Version, VM size, and admin username and password. As default the VM size is Standard_D2s_v3 and OS version is 20.04-LTS. | 
| Deploy a simple Windows VM | This template allows you to deploy a simple Windows VM using a few different options for the Windows version, using the latest patched version. This will deploy an A2 size VM in the resource group ___location and return the FQDN of the VM. | 
| Deploy a single-VM WordPress to Azure | This template deploys a complete LAMP stack, then installs and initializes WordPress. Once the deployment is finished, you need to go to http://fqdn.of.your.vm/wordpress/to finish the configuration, create an account, and get started with WordPress. | 
| Deploy a trusted launch capable Linux virtual machine | This template allows you to deploy a trusted launch capable Linux virtual machine using a few different options for the Linux version, using the latest patched version. If you enable Secureboot and vTPM, the Guest Attestation extension will be installed on your VM. This extension will perform remote attestation by the cloud. By default, this will deploy an Standard_D2_v3 size virtual machine in the resource group ___location and return the FQDN of the virtual machine. | 
| Deploy a trusted launch capable Windows virtual machine | This template allows you to deploy a trusted launch capable Windows virtual machine using a few different options for the Windows version, using the latest patched version. If you enable Secureboot and vTPM, the Guest Attestation extension will be installed on your VM. This extension will perform remote attestation by the cloud. By default, this will deploy an Standard_D2_v3 size virtual machine in the resource group ___location and return the FQDN of the virtual machine. | 
| Deploy a Ubuntu VM with the OMS extension | This template allows you to deploy a Ubuntu VM with the OMS extension installed and onboarded to a specified workspace | 
| Deploy a Windows VM with Windows Admin Center extension | This template allows you to deploy a Windows VM with Windows Admin Center extension to manage the VM directly from Azure Portal. | 
| Deploy a WordPress blog with Docker | This template allows you to deploy an Ubuntu VM with Docker installed (using the Docker Extension) and WordPress/MySQL containers created and configured to serve a blog server. | 
| Deploy an Open-Source Parse Server with Docker | This template allows you to deploy an Ubuntu VM with Docker installed (using the Docker Extension) and an Open Source Parse Server container created and configured to replace the (now sunset) Parse service. | 
| Deploy an Openvpn Access Server | This template uses the Azure Linux CustomScript extension to deploy an openvpn access server. It creates an Ubuntu VM, does a silent install of openvpn access server, then make the basic server network settings: define the VPN Server Hostname to be the VM's public ip's DNS name | 
| Deploy an Ubuntu VM with Docker Engine | This template allows you to deploy an Ubuntu VM with Docker (using the Docker Extension). You can later SSH into the VM and run Docker containers. | 
| Deploy CKAN | This template deploys CKAN using Apache Solr (for search) and PostgreSQL (database) on an Ubuntu VM. CKAN, Solr and PostgreSQL are deployed as individual Docker containers on the VM. | 
| Deploy IOMAD cluster on Ubuntu | This template deploys IOMAD as a LAMP application on Ubuntu. It creates a one or more Ubuntu VM for the front end and a single VM for the backend. It does a silent install of Apache and PHP on the front end VM's and MySQL on the backend VM. Then it deploys IOMAD on the cluster. It configures a load balancer for directing requests to the front end VM's. It also configures NAT rules to allow admin access to each of the VM's. It also sets up a moodledata data directory using file storage shared among the VM's. After the deployment is successful, you can go to /iomad on each frontend VM (using web admin access) to start configuring IOMAD. | 
| Deploy IOMAD on Ubuntu on a single VM | This template deploys IOMAD as a LAMP application on Ubuntu. It creates a single Ubuntu VM, does a silent install of MySQL, Apache and PHP on it, and then deploys IOMAD on it. After the deployment is successful, you can go to /iomad to start congfiguring IOMAD. | 
| Deploy Neo4J in Docker and data on external disk | This template allows you to deploy an Ubuntu VM with Docker installed (using the Docker Extension) and a Neo4J container which uses an external disk to store it's data. | 
| Deploy Net Disk against Ubuntu | This template allows deploying seafile server 6.1.1 on Azure Ubuntu VM | 
| Deploy Octopus Deploy 3.0 with a trial license | This template allows you to deploy a single Octopus Deploy 3.0 server with a trial license. This will deploy on a single Windows Server 2012R2 VM (Standard D2) and SQL DB (S1 tier) into the ___location specified for the Resource Group. | 
| Deploy Open edX (lilac version) through tutor | This template creates a single Ubuntu VM, and deploys Open edX through tutor on them. | 
| Deploy Open edX devstack on a single Ubuntu VM | This template creates a single Ubuntu VM and deploys Open edX devstack on it. | 
| Deploy Open edX Dogwood (Multi-VM) | This template creates a network of Ubuntu VMs, and deploys Open edX Dogwood on them. Deployment supports 1-9 application VMs and backend Mongo and MySQL VMs. | 
| Deploy Open edX fullstack (Ficus) on a single Ubuntu VM | This template creates a single Ubuntu VM and deploys Open edX fullstack (Ficus) on it. | 
| Deploy OpenLDAP cluster on Ubuntu | This template deploys an OpenLDAP cluster on Ubuntu. It creates multiple Ubuntu VMs (up to 5, but can be easily increased) and does a silent install of OpenLDAP on them. Then it sets up N-way multi-master replication on them. After the deployment is successful, you can go to /phpldapadmin to start congfiguring OpenLDAP. | 
| Deploy OpenLDAP on Ubuntu on a single VM | This template deploys OpenLDAP on Ubuntu. It creates a single Ubuntu VM and does a silent install of OpenLDAP on it. After the deployment is successful, you can go to /phpldapadmin to start congfiguring OpenLDAP. | 
| Deploy OpenSIS Community Edition cluster on Ubuntu | This template deploys OpenSIS Community Edition as a LAMP application on Ubuntu. It creates a one or more Ubuntu VM for the front end and a single VM for the backend. It does a silent install of Apache and PHP on the front end VM's and MySQL on the backend VM. Then it deploys OpenSIS Community Edition on the cluster. After the deployment is successful, you can go to /opensis-ce on each of the front end VM's (using web admin access) to start congfiguring OpenSIS. | 
| Deploy OpenSIS Community Edition on Ubuntu on a single VM | This template deploys OpenSIS Community Edition as a LAMP application on Ubuntu. It creates a single Ubuntu VM, does a silent install of MySQL, Apache and PHP on it, and then deploys OpenSIS Community Edition. After the deployment is successful, you can go to /opensis-ce to start congfiguting OpenSIS. | 
| Deploy Secure AI Foundry with a managed virtual network | This template creates a secure Azure AI Foundry environment with robust network and identity security restrictions. | 
| Deploy Shibboleth Identity Provider cluster on Ubuntu | This template deploys Shibboleth Identity Provider on Ubuntu in a clustered configuration. After the deployment is successful, you can go to https://your-___domain:8443/idp/profile/Status (note port number) to check success. | 
| Deploy Shibboleth Identity Provider cluster on Windows | This template deploys Shibboleth Identity Provider on Windows in a clustered configuration. After the deployment is successful, you can go to https://your-___domain:8443/idp/profile/status (note port number) to check success. | 
| Deploy Shibboleth Identity Provider on Ubuntu on a single VM | This template deploys Shibboleth Identity Provider on Ubuntu. After the deployment is successful, you can go to https://your-___domain:8443/idp/profile/status (note port number) to check success. | 
| Deploy Shibboleth Identity Provider on Windows (single VM) | This template deploys Shibboleth Identity Provider on Windows. It creates a single Windows VM, installs JDK and Apache Tomcat, deploys Shibboleth Identity Provider, and then configures everything for SSL access to the Shibboleth IDP. After the deployment is successful, you can go to https://your-server:8443/idp/profile/status to check success. | 
| Deploy Solace PubSub+ message broker onto Azure Linux VM(s) | This template allows you to deploy either a standalone Solace PubSub+ message broker or a three node High Availability cluster of Solace PubSub+ message brokers onto Azure Linux VM(s). | 
| Deploy Ubuntu VM with Open JDK and Tomcat | This template allows you to create a Ubuntu VM with OpenJDK and Tomcat. Currently custom script file is pulled temporarily from https link on raw.githubusercontent.com/snallami/templates/master/ubuntu/java-tomcat-install.sh. Once the VM is successfully provisioned, tomcat installation can be verified by accessing the http link [FQDN name or public IP]:8080/ | 
| Deploy Xfce Desktop | This template uses the Azure Linux CustomScript extension to deploy Xfce Desktop on the VM. It creates an Ubuntu VM, does a silent install of Xfce desktop and xrdp | 
| Deploys a 2 node master/slave MySQL replication cluster | This template deploys a 2 node master/slave MySQL replication cluster on CentOS 6.5 or 6.6 | 
| Deploys a 3 node Consul Cluster | This template deploys a 3 node Consul cluster and auto-joins the nodes via Atlas. Consul is a tool for service discovery, distributed key/value store and a bunch of other cool things. Atlas is provided by Hashicorp (makers of Consul) as a way to quickly create Consul clusters without having to manually join each node | 
| Deploys a 3 node Percona XtraDB Cluster | This template deploys a 3 node MySQL high availability cluster on CentOS 6.5 or Ubuntu 12.04 | 
| Deploys a N-node CentOS Cluster | This template deploys a 2-10 node CentOS cluster with 2 networks. | 
| Deploys SQL Server 2014 AG on existing VNET & AD | This template creates three new Azure VMs on an existing VNET: Two VMs are configured as SQL Server 2014 availability group replica nodes and one VM is configured as a File Share Witness for automated cluster failover. In addition to these VMs, the following additional Azure resources are also configured: Internal load balancer, Storage accounts. To configure clustering, SQL Server, and an availability group within each VM, PowerShell DSC is leveraged. For Active Directory support, existing Active Directory ___domain controllers should already be deployed on the existing VNET. | 
| Dev Environment for AZ-400 Labs | VM with VS2017 Community, Docker-desktop, Git and VS Code for AZ-400 (Azure DevOps) Labs | 
| Diagnostics with Event Hub and ELK | This template deploys an Elasticsearch cluster and Kibana and Logstash VMs. Logstash is configured with an input plugin to pull diagnostics data from Event Hub. | 
| Disable data disk encryption on a Linux VM without AAD | This template disables data disk encryption on a running Linux which was encrypted without AAD | 
| Disable encryption on a running Linux VM | This template disables encryption on a running Linux vm | 
| Disable encryption on a running Windows VM | This template disables encryption on a running windows vm | 
| Disable encryption on Windows VM encrypted without AAD | This template disables encryption on a running windows VM which was encrypted without using AAD application | 
| Discover Private IP dynamically | This template allows you to discover a private IP for a NIC dynamically. It passes the private IP of NIC0 to VM1 using custom script extensions which writes it to a file on VM1. | 
| Django App with SQL Databases | This template uses the Azure Linux CustomScript extension to deploy an application. This example creates an Ubuntu VM, does a silent install of Python, Django and Apache, then creates a simple Django app. The template also creates a SQL Database, with a sample table with some sample data which displayed in the web browser using a query | 
| DLWorkspace Deployment | Deploy DLWorkspace cluster on Azure | 
| DNS Forwarder VM | This template shows how to create a DNS server that forwards queries to Azure's internal DNS servers. This is useful for setting up DNS resultion between virtual networks (as described in https://azure.microsoft.com/documentation/articles/virtual-networks-name-resolution-for-vms-and-role-instances/). | 
| Docker Swarm Cluster | This template creates a high-availability Docker Swarm cluster | 
| Dokku Instance | Dokku is a mini-heroku-style PaaS on a single VM. | 
| Drone on Ubuntu VM | This template provisions an instance of Ubuntu 14.04 LTS with the Docker Extension and Drone CI package. | 
| Elasticsearch cluster, Kibana and Logstash for Diagnostics | This template deploys an Elasticsearch cluster and Kibana and Logstash VMs. Logstash is configured with an input plugin to pull diagnostics data from existing Azure Storage Tables. | 
| Enable encryption on a running Linux VM | This template enables encryption on a running linux vm using AAD client secret. | 
| Enable encryption on a running Linux VM without AAD | This template enables encryption on a running Linux VM without needing AAD application details | 
| Enable encryption on a running Windows VM | This template enables encryption on a running windows vm. | 
| Enable encryption on a running Windows VM & AAD | This template enables encryption on a running windows vm using AAD client cert thumbprint. The certificate should have been deployed to the VM earlier | 
| Enable encryption on a running Windows VM without AAD | This template enables encryption on a running windows VM without needing AAD application details | 
| ESET VM Extension | Creates a VM with ESET extension | 
| Existing SQL Server Auto Backup setup | This template setup or update on an existing SQL Server Virtual Machine on Azure with the Auto Backup Configuration | 
| Existing SQL Server Auto Patching setup | This template setup or update on an existing SQL Server Virtual Machine on Azure with the Auto Patching Configuration | 
| Existing SQL Server credentials setup with Azure Key Vault | This template setup or update on an existing SQL Server Virtual Machine on Azure with the credentials secured by Azure Key Vault | 
| FreeBSD PHP based web site | This template will deploy four FreeBSD VMs for PHP based web site | 
| Front Door Premium with VM and Private Link service | This template creates a Front Door Premium and a virtual machine configured as a web server. Front Door uses a private endpoint with Private Link service to send traffic to the VM. | 
| Go Ethereum on Ubuntu | This template deploys a Go Ethereum client along with a genesis block on Ubuntu virtual machines | 
| Go Expanse on Ubuntu | This template deploys a Go Expanse client on Ubuntu virtual machines | 
| GPU Vm with OBS-Studio, Skype, MS-Teams for event streaming | This template creates a GPU Vm with OBS-Studio, Skype, MS-Teams for event streaming. It creates the VM in a new vnet, storage account, nic, and public ip with the new compute stack. All installation process based on Chocolately package manager | 
| Hazelcast Cluster | Hazelcast is an in-memory data platform that can be used for a variety of data applications. This template will deploy any number of Hazelcast nodes and they will automatically discover each other. | 
| High IOPS 32 Data Disk storage pool Standard D14 VM | This template creates a Standard D14 VM with 32 data disks attached. Using DSC they are automatically striped per best practices to get maximum IOPS and formatted into a single volume. | 
| Hyper-V Host Virtual Machine with nested VMs | Deploys a Virtual Machine to by a Hyper-V Host and all dependent resources including virtual network, public IP address and route tables. | 
| IBM Cloud Pak for Data on Azure | This template deploys an Openshift cluster on Azure with all the required resources, infrastructure and then deploys IBM Cloud Pak for Data along with the add-ons that user chooses. | 
| IIS Server using DSC extension on a Windows VM | This template creates a Windows VM and sets up an IIS server using the DSC extension. Note, the DSC configuration module needs a SAS token to be passed in if you are using Azure Storage. For DSC module link from GitHub (default in this template), this is not needed. | 
| IIS VMs & SQL Server 2014 VM | Create 1 or 2 IIS Windows 2012 R2 Web Servers and one back end SQL Server 2014 in VNET. | 
| Install a Minecraft Server on an Ubuntu VM | This template deploys and sets up a customized Minecraft server on an Ubuntu Virtual Machine. | 
| Install Configuration Manager Current Branch in Azure | This template creates new Azure VMs based on which configuration you choose. It configures a new AD ___domain controler, a new hierarchy/standalone bench with SQL Server, a remote site system server with Management Point and Distribution Point and clients. | 
| Install Configuration Manager Tech Preview Lab in Azure | This template creates new Azure VMs. It configures a new AD ___domain controler , a new standalone primary site with SQL Server, a remote site system server with Management Point and Distribution Point and client(options). | 
| Install MongoDB on an Ubuntu VM using Custom Script LinuxExt | This template deploys Mongo DB on an Ubuntu Virtual Machine. This template also deploys a Storage Account, Virtual Network, Public IP addresses and a Network Interface. | 
| Install MongoDB on CentOS with Custom Script Linux Extension | This template deploys Mongo DB on a CentOS Virtual Machine. This template also deploys a Storage Account, Virtual Network, Public IP addresses and a Network Interface. | 
| Install Phabricator on an Ubuntu VM | This template deploys Phabricator on an Ubuntu Virtual Machine. This template also deploys a Storage Account, Virtual Network, Public IP addresses and a Network Interface. | 
| Install Scrapy on Ubuntu using Custom Script Linux Extension | This template deploys Scrapy on an Ubuntu Virtual Machine. The user can upload a spider to start to crawl. This template also deploys a Storage Account, Virtual Network, Public IP addresses and a Network Interface. | 
| Intel Lustre clients using CentOS gallery image | This template creates multiple Intel Lustre 2.7 client virtual machines using Azure gallery OpenLogic CentOS 6.6 or 7.0 images and mounts an existing Intel Lustre filesystem | 
| JBoss EAP on RHEL (clustered, multi-VM) | This template allows you to create multiple RHEL 8.6 VMs running JBoss EAP 7.4 cluster and also deploys a web application called eap-session-replication, you can log into the admin console using the JBoss EAP username and password configured at the time of the deployment. | 
| JBoss EAP on RHEL (stand-alone VM) | This template allows you to create a RHEL 8.6 VM running JBoss EAP 7.4 and also deploys a web application called JBoss-EAP on Azure, you can log into the admin console using the JBoss EAP username and password configured at the time of the deployment. | 
| JBoss EAP server running a test application called dukes | This template allows you to create an Red Hat VM running JBoss EAP 7 and and also deploy a web application called dukes, you can login into the admin console using the user and password configured at the time of the deployment. | 
| Jenkins Cluster with Windows & Linux Worker | 1 Jenkins master with 1 Linux node and 1 windows node | 
| Join a VM to an existing ___domain | This template demonstrates ___domain join to a private AD ___domain up in cloud. | 
| Joins an existing Windows VM to AD Domain | This template allows you to join an already exitsing Windows virtual machine into an existing Active Directory Domain. For this template to work you need an existing virtual machine, an AD Domain and a Domain Controller that has communication with this virtual machine and DNS settings that will allow this virtual machine to resolve the Domain DNS name. | 
| Kubernetes cluster with VMSS Cluster Autoscaler | This template deploys a vanilla kubernetes cluster initialized using kubeadm. It deploys a configured master node with a cluster autoscaler. A pre-configured Virtual Machine Scale Set (VMSS) is also deployed and automatically attached to the cluster. The cluster autoscaler can then automatically scale up/down the cluster depending on the workload of the cluster. | 
| Linux VM with Gnome Desktop RDP VS Code and Azure CLI | This template deploys an Ubuntu Server VM, then uses the Linux CustomScript extension to install the Ubuntu Gnome Desktop and Remote Desktop support (via xrdp). The final provisioned Ubuntu VM support remote connections over RDP. | 
| Linux VM with MSI Accessing Storage | This template deploys a linux VM with a system assigned managed identity that has access to a storage account in a different resource group. | 
| Lustre HPC client and server nodes | This template creates Lustre client and server node VMs and related infrastructure such as VNETs | 
| McAfee Endpoint Security (trial license) on Windows VM | This template creates a Windows VM and sets up a trial version of McAfee Endpoint Security | 
| Memcached service cluster using multiple Ubuntu VMs | This template creates one or more memcached services on Ubuntu 14.04 VMs in a private subnet. It also creates one publicly accessible Apache VM with a PHP test page to confirm that memcached is installed and accessible. | 
| Multi-client VNS3 network appliance | VNS3 is a software only virtual appliance that provides the combined features and functions of a Security Appliance, Application Delivery Controller and Unified Threat Management device at the cloud application edge. Key benefits, On top of cloud networking, Always on end to end encryption, Federate data centres, cloud regions, cloud providers, and/or containers, creating one unified address space, Attestable control over encryption keys, Meshed network manageable at scale, Reliable HA in the Cloud, Isolate sensitive applications (fast low cost Network Segmentation), Segmentation within applications, Analysis of all data in motion in the cloud. Key network functions; virtual router, switch, firewall, vpn concentrator, multicast distributor, with plugins for WAF, NIDS, Caching, Proxy Load Balancers and other Layer 4 thru 7 network functions, VNS3 doesn't require new knowledge or training to implement, so you can integrate with existing network equipment. | 
| Multiple VM Template with Chef Extension | Deploys a specified number of Ubuntu VMs configured with Chef Client | 
| Multiple Windows-VM with custom-script | Multiple Windows VMs with custom-script of choice. | 
| Nagios Core on Ubuntu VMs | This template installs and configures Nagios Core, the industry standard, Open Source IT monitoring system that enables organizations to identify and resolve IT infrastructure problems before they affect critical business processes | 
| Nylas N1 email sync engine on Debian | This template installs and configures Nylas N1 open source sync engine on a Debian VM. | 
| OpenCanvas-LMS | This template deploys OpenCanvas on Ubuntu 16.04 | 
| OpenScholar | This template deploys a OpenScholar to the ubuntu VM 16.04 | 
| Openshift Container Platform 4.3 | Openshift Container Platform 4.3 | 
| OS Patching extension on a Ubuntu VM | This template creates a Ubuntu VM and installs the OSPatching extension | 
| Private Link service example | This template shows how to create a private link service | 
| Provisions a Kafka Cluster on Ubuntu Virtual Machines | This template creates a Kafka cluster on Ubuntu virtual machine image, enables persistence (by default) and applies all well-known optimizations and best practices | 
| Provisions a Spark Cluster on Ubuntu Virtual Machines | This template creates a Spark cluster on Ubuntu virtual machine image, enables persistence (by default) and applies all well-known optimizations and best practices | 
| Public Load Balancer chained to a Gateway Load Balancer | This template allows you to deploy a Public Standard Load Balancer chained to a Gateway Load Balancer. The traffic incoming from internet is routed to the Gateway Load Balancer with linux VMs (NVAs) in the backend pool. | 
| Puppet agent on Windows VM | Deploy a windows VM with Puppet Agent | 
| Push a certificate onto a Windows VM | Push a certificate onto a Windows VM. Create the Key Vault using the template at http://azure.microsoft.com/en-us/documentation/templates/101-create-key-vault | 
| Python Proxy on Ubuntu using Custom Script Linux Extension | This template deploys Python Proxy on an Ubuntu Virtual Machine. This template also deploys a Storage Account, Virtual Network, Public IP addresses and a Network Interface. | 
| RDS farm deployment using existing active directory | This template creates a RDS farm deployment using existing active directory in same resource group | 
| Red Hat Tomcat server for use with Team Services deployments | This template allows you to create an Red Hat VM running Apache2 and Tomcat7 and enabled to support Visual Studio Team Services Apache Tomcat Deployment task, the Copy Files over SSH task, and the FTP Upload task (using ftps) to enable deployment of web applications. | 
| Redundant haproxy with Azure load-balancer and floating IP | This template creates a redundant haproxy setup with 2 Ubuntu VMs configured behind Azure load balancer with floating IP enabled. Each of the Ubuntu VMs run haproxy to load balance requests to other application VMs (running Apache in this case). Keepalived enables redundancy for the haproxy VMs by assigning the floating IP to the MASTER and blocking the load-balancer probe on the BACKUP. This template also deploys a Storage Account, Virtual Network, Public IP address, Network Interfaces. | 
| SAP 2-tier S/4HANA Fully Activated Appliance | This template deploys an SAP S/4HANA Fully Activated Appliance system. | 
| SAP LaMa template for SAP NetWeaver application server | This template deploys a virtual machine and installs the required applications to use this virtual machine for SAP LaMa. The template also creates the required disk layout. For more information about managing Azure virtual machines with SAP LaMa, see /azure/virtual-machines/workloads/sap/lama-installation. | 
| SAP LaMa template for SAP NetWeaver ASCS | This template deploys a virtual machine and installs the required applications to use this virtual machine for SAP LaMa. The template also creates the required disk layout. For more information about managing Azure virtual machines with SAP LaMa, see /azure/virtual-machines/workloads/sap/lama-installation. | 
| SAP LaMa template for SAP NetWeaver database server | This template deploys a virtual machine and installs the required applications to use this virtual machine for SAP LaMa. The template also creates the required disk layout. For more information about managing Azure virtual machines with SAP LaMa, see /azure/virtual-machines/workloads/sap/lama-installation. | 
| SAP NetWeaver 2-tier (managed disk) | This template allows you to deploy a VM using a operating system that is supported by SAP and Managed Disks. | 
| SAP NetWeaver 3-tier (managed disk) | This template allows you to deploy a VM using a operating system that is supported by SAP and Managed Disks. | 
| SAP NetWeaver 3-tier multi SID AS (managed disks) | This template allows you to deploy a VM using a operating system that is supported by SAP. | 
| SAP NetWeaver 3-tier multi SID DB (managed disks) | This template allows you to deploy a VM using a operating system that is supported by SAP. | 
| SAP NetWeaver file server (managed disk) | This template allows you to deploy a file server that can be used as shared storage for SAP NetWeaver. | 
| SAP NW 2-tier compatible Marketplace image | This template allows you to deploy a VM using a operating system that is supported by SAP. | 
| Secure Ubuntu by Trailbot | This template provides a Ubuntu VM which comes with a special demon called Trailbot Watcher that monitors system files and logs, triggers Smart Policies upon modification and generates a blockchain-anchored, immutable audit trail of everything happening to them. | 
| Self-host Integration Runtime on Azure VMs | This template creates a selfhost integration runtime and registers it on Azure virtual machines | 
| Spin up a Torque cluster | Template spins up a Torque cluster. | 
| SQL Server 2014 SP1 Enterprise all SQL VM features enabled | This template will create a SQL Server 2014 SP1 Enterprise edition with Auto Patching, Auto Backup and Azure Key Vault Integration features enabled. | 
| SQL Server 2014 SP1 Enterprise with Auto Patching | This template will create a SQL Server 2014 SP1 Enterprise edition with Auto Patching feature enabled. | 
| SQL Server 2014 SP1 Enterprise with Azure Key Vault | This template will create a SQL Server 2014 SP1 Enterprise edition with Azure Key Vault Integration feature enabled. | 
| SQL Server 2014 SP2 Enterprise with Auto Backup | This template will create a SQL Server 2014 SP2 Enterprise edition with Auto Backup feature enabled | 
| SQL Server VM with performance optimized storage settings | Create a SQL Server Virtual Machine with performance optimized storage settings on PremiumSSD | 
| Standalone Ethereum Studio | This template deploys a docker with standalone version of Ethereum Studio on Ubuntu. | 
| Standard Load Balancer with Backend Pool by IP Addresses | This template is used to demonstrate how ARM Templates can be used to configure the Backend Pool of a Load Balancer by IP Address as outlined in the Backend Pool management document. | 
| Symantec Endpoint Protection extension trial on Windows VM | This template creates a Windows VM and sets up a trial version of Symantec Endpoint Protection | 
| Terraform on Azure | This template allows you to deploy a Terraform workstation as a Linux VM with MSI. | 
| Testing environment for Azure Firewall Premium | This template creates an Azure Firewall Premium and Firewall Policy with premium features such as Intrusion Inspection Detection (IDPS), TLS inspection and Web Category filtering | 
| TFS Basic Domain Deployment | This template creates a self-contained single VM TFS deployment, including TFS, SQL Express, and a Domain Controller. It is meant to be used to evaluate TFS in Azure, not as a production deployment. | 
| TFS Workgroup Deployment | This template creates a self-contained single VM TFS workgroup deployment, including TFS and SQL Express. It is meant to be used to evaluate TFS in Azure, not as a production deployment. | 
| Ubuntu full cross-platform dev box with Team Services agent | This template allows you to create an Ubuntu VM with a full set of cross-platform SDKs and Visual Studio Team Services Linux build agent. Once the VM is successfully provisioned, Team Services build agent installation can be verified by looking under your Team Services account settings under Agent pools. Languages/Tools supported: OpenJDK Java 7 and 8; Ant, Maven and Gradle; npm and nodeJS; groovy and gulp; Gnu C and C++ along with make; Perl, Python, Ruby and Ruby on Rails; .NET; and go | 
| Ubuntu Mate Desktop VM with VS Code | This template allows you to deploy a simple Linux VM using a few different options for the Ubuntu version, using the latest patched version. This will deploy a A1 size VM in the resource group ___location and return the FQDN of the VM. | 
| Ubuntu Tomcat server for use with Team Services deployments | This template allows you to create an Ubuntu VM running Apache2 and Tomcat7 and enabled to support Visual Studio Team Services Apache Tomcat Deployment task, the Copy Files over SSH task, and the FTP Upload task (using ftps) to enable deployment of web applications. | 
| Ubuntu VM with OpenJDK 7/8, Maven and Team Services agent | This template allows you to create an Ubuntu VM software build machine with OpenJDK 7 and 8, Maven (and thus Ant) and Visual Studio Team Services Linux build agent. Once the VM is successfully provisioned, Team Services build agent installation can be verified by looking under your Team Services account settings under Agent pools | 
| Update RDS certificates template | This template configures certificates in RDS deployment | 
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology | This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. | 
| Use script extensions to install Mongo DB on Ubuntu VM | This template deploys Configures and Installs Mongo DB on a Ubuntu Virtual Machine in two separate scripts. This template is a good example that showcases how to express dependencies between two scripts running on the same virtual machine. This template also deploys a Storage Account, Virtual Network, Public IP addresses and a Network Interface. | 
| Vert.x, OpenJDK, Apache, and MySQL Server on Ubuntu VM | This template uses the Azure Linux CustomScript extension to deploy Vert.x, OpenJDK, Apache, and MySQL Server on Ubuntu 14.04 LTS. | 
| Virtual machine with an RDP port | Creates a virtual machine and creates a NAT rule for RDP to the VM in load balancer | 
| Virtual Machine with Conditional Resources | This template allows deploying a linux VM using new or existing resources for the Virtual Network, Storage and Public IP Address. It also allows for choosing between SSH and Password authenticate. The templates uses conditions and logic functions to remove the need for nested deployments. | 
| Virus attack on Virtual Machines Scenario | This will deploy 2 virtual machines, OMS and other network resources. One virtual machine without endpoint protection and other with enpoint protection installed. Perform the virus attack by following the guidlines and execute the scenario for mitigation and prevention of a virus attack. | 
| Visual Studio 2019 CE with Docker Desktop | Container Development with Visual Studio 2019 CE with Docker Desktop | 
| VM bootstorm workload template | This template creates requested number of VMs and boot them simultaneously to calculate average VM boot time | 
| VM Using Managed Identity for Artifact Download | This template shows how to use a managed identity to download artifacts for the virtual machine's custom script extension. | 
| VMAccess extension on a Ubuntu VM | This template creates a Ubuntu VM and installs the VMAccess extension | 
| VMs in Availability Zones with a Load Balancer and NAT | This template allows you to create Virtual Machines distributed across Availability Zones with a Load Balancer and configure NAT rules through the load balancer. This template also deploys a Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines | 
| VNS3 network appliance for cloud connectivity and security | VNS3 is a software only virtual appliance that provides the combined features and functions of a security appliance, application delivery controller and unified threat management device at the cloud application edge. Key benefits, on top of cloud networking, always on end to end encryption, federate data centres, cloud regions, cloud providers, and/or containers, creating one unified address space, attestable control over encryption keys, meshed network manageable at scale, reliable HA in the cloud, isolate sensitive applications (fast low cost Network Segmentation), segmentation within applications, Analysis of all data in motion in the cloud. Key network functions; virtual router, switch, firewall, vpn concentrator, multicast distributor, with plugins for WAF, NIDS, caching, proxy, load balancers and other layer 4 thru 7 network functions, VNS3 doesn't require new knowledge or training to implement, so you can integrate with existing network equipment. | 
| WildFly 18 on CentOS 8 (stand-alone VM) | This template allows you to create a CentOS 8 VM running WildFly 18.0.1.Final and also deploy a web application called JBoss-EAP on Azure, you can login into the Admin Console using the Wildfly username and password configured at the time of the deployment. | 
| Windows Docker Host with Portainer and Traefik pre-installed | Windows Docker Host with Portainer and Traefik pre-installed | 
| Windows Server VM with SSH | Deploy a single Windows VM with Open SSH enabled so that you can connect through SSH using key-based authentication. | 
| Windows VM with Azure secure baseline | The template creates a virtual machine running Windows Server in a new virtual network, with a public IP address. Once the machine has deployed, the guest configuration extension is installed and the Azure secure baseline for Windows Server is applied. If the configuration of the machines drifts, you can re-apply the settings by deploying the template again. | 
| Windows VM with O365 Pre-installed | This template creates a Windows based VM. It creates the VM in a new vnet, storage account, nic, and public ip with the new compute stack. | 
| Zookeeper cluster on Ubuntu VMs | This template creates a 'n' node Zookeper cluster on Ubuntu VMs. Use the scaleNumber parameter to specify the number of nodes in this cluster | 
Terraform (AzAPI provider) resource definition
The virtualMachines/extensions resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Compute/virtualMachines/extensions resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Compute/virtualMachines/extensions@2021-07-01"
  name = "string"
  parent_id = "string"
  ___location = "string"
  tags = {
    {customized property} = "string"
  }
  body = {
    properties = {
      autoUpgradeMinorVersion = bool
      enableAutomaticUpgrade = bool
      forceUpdateTag = "string"
      instanceView = {
        name = "string"
        statuses = [
          {
            code = "string"
            displayStatus = "string"
            level = "string"
            message = "string"
            time = "string"
          }
        ]
        substatuses = [
          {
            code = "string"
            displayStatus = "string"
            level = "string"
            message = "string"
            time = "string"
          }
        ]
        type = "string"
        typeHandlerVersion = "string"
      }
      protectedSettings = ?
      publisher = "string"
      settings = ?
      suppressFailures = bool
      type = "string"
      typeHandlerVersion = "string"
    }
  }
}
Property Values
Microsoft.Compute/virtualMachines/extensions
| Name | Description | Value | 
|---|---|---|
| ___location | Resource ___location | string (required) | 
| name | The resource name | string (required) | 
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: virtualMachines | 
| properties | Describes the properties of a Virtual Machine Extension. | VirtualMachineExtensionProperties | 
| tags | Resource tags | Dictionary of tag names and values. | 
| type | The resource type | "Microsoft.Compute/virtualMachines/extensions@2021-07-01" | 
InstanceViewStatus
| Name | Description | Value | 
|---|---|---|
| code | The status code. | string | 
| displayStatus | The short localizable label for the status. | string | 
| level | The level code. | 'Error' 'Info' 'Warning' | 
| message | The detailed status message, including for alerts and error messages. | string | 
| time | The time of the status. | string | 
ResourceTags
| Name | Description | Value | 
|---|
VirtualMachineExtensionInstanceView
| Name | Description | Value | 
|---|---|---|
| name | The virtual machine extension name. | string | 
| statuses | The resource status information. | InstanceViewStatus[] | 
| substatuses | The resource status information. | InstanceViewStatus[] | 
| type | Specifies the type of the extension; an example is "CustomScriptExtension". | string | 
| typeHandlerVersion | Specifies the version of the script handler. | string | 
VirtualMachineExtensionProperties
| Name | Description | Value | 
|---|---|---|
| autoUpgradeMinorVersion | Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true. | bool | 
| enableAutomaticUpgrade | Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available. | bool | 
| forceUpdateTag | How the extension handler should be forced to update even if the extension configuration has not changed. | string | 
| instanceView | The virtual machine extension instance view. | VirtualMachineExtensionInstanceView | 
| protectedSettings | The extension can contain either protectedSettings or protectedSettingsFromKeyVault or no protected settings at all. | any | 
| publisher | The name of the extension handler publisher. | string | 
| settings | Json formatted public settings for the extension. | any | 
| suppressFailures | Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false. | bool | 
| type | Specifies the type of the extension; an example is "CustomScriptExtension". | string | 
| typeHandlerVersion | Specifies the version of the script handler. | string | 
Usage Examples
Terraform Samples
A basic example of deploying Virtual Machine Extension to provide post deployment.
terraform {
  required_providers {
    azapi = {
      source = "Azure/azapi"
    }
  }
}
provider "azapi" {
  skip_provider_registration = false
}
variable "resource_name" {
  type    = string
  default = "acctest0001"
}
variable "___location" {
  type    = string
  default = "westeurope"
}
variable "vm_admin_password" {
  type        = string
  description = "The administrator password for the virtual machine"
  sensitive   = true
}
resource "azapi_resource" "resourceGroup" {
  type     = "Microsoft.Resources/resourceGroups@2020-06-01"
  name     = var.resource_name
  ___location = var.___location
}
resource "azapi_resource" "virtualNetwork" {
  type      = "Microsoft.Network/virtualNetworks@2022-07-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  ___location  = var.___location
  body = {
    properties = {
      addressSpace = {
        addressPrefixes = [
          "10.0.0.0/16",
        ]
      }
      dhcpOptions = {
        dnsServers = [
        ]
      }
      subnets = [
      ]
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
  lifecycle {
    ignore_changes = [body.properties.subnets]
  }
}
resource "azapi_resource" "subnet" {
  type      = "Microsoft.Network/virtualNetworks/subnets@2022-07-01"
  parent_id = azapi_resource.virtualNetwork.id
  name      = var.resource_name
  body = {
    properties = {
      addressPrefix = "10.0.2.0/24"
      delegations = [
      ]
      privateEndpointNetworkPolicies    = "Enabled"
      privateLinkServiceNetworkPolicies = "Enabled"
      serviceEndpointPolicies = [
      ]
      serviceEndpoints = [
      ]
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}
resource "azapi_resource" "networkInterface" {
  type      = "Microsoft.Network/networkInterfaces@2022-07-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  ___location  = var.___location
  body = {
    properties = {
      enableAcceleratedNetworking = false
      enableIPForwarding          = false
      ipConfigurations = [
        {
          name = "testconfiguration1"
          properties = {
            primary                   = true
            privateIPAddressVersion   = "IPv4"
            privateIPAllocationMethod = "Dynamic"
            subnet = {
              id = azapi_resource.subnet.id
            }
          }
        },
      ]
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}
resource "azapi_resource" "virtualMachine" {
  type      = "Microsoft.Compute/virtualMachines@2023-03-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  ___location  = var.___location
  body = {
    properties = {
      hardwareProfile = {
        vmSize = "Standard_F2"
      }
      networkProfile = {
        networkInterfaces = [
          {
            id = azapi_resource.networkInterface.id
            properties = {
              primary = false
            }
          },
        ]
      }
      osProfile = {
        adminPassword = var.vm_admin_password
        adminUsername = "testadmin"
        computerName  = "hostname230630032848831819"
        linuxConfiguration = {
          disablePasswordAuthentication = false
        }
      }
      storageProfile = {
        imageReference = {
          offer     = "UbuntuServer"
          publisher = "Canonical"
          sku       = "16.04-LTS"
          version   = "latest"
        }
        osDisk = {
          caching                 = "ReadWrite"
          createOption            = "FromImage"
          name                    = "myosdisk1"
          writeAcceleratorEnabled = false
        }
      }
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}
resource "azapi_resource" "extension" {
  type      = "Microsoft.Compute/virtualMachines/extensions@2023-03-01"
  parent_id = azapi_resource.virtualMachine.id
  name      = var.resource_name
  ___location  = var.___location
  body = {
    properties = {
      autoUpgradeMinorVersion = false
      enableAutomaticUpgrade  = false
      publisher               = "Microsoft.Azure.Extensions"
      settings = {
        commandToExecute = "hostname"
      }
      suppressFailures   = false
      type               = "CustomScript"
      typeHandlerVersion = "2.0"
    }
    tags = {
      environment = "Production"
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}