github
/
azure-quickstart-templates
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Added windows vm push certificate template

This commit is contained in:
Kay 2015-04-27 18:36:02 -07:00
Родитель 095c4f7102
Коммит 4bb8445453
4 изменённых файлов: 361 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

46
windows-vm-push-certificate/README.md Normal file
Просмотреть файл

@ -0,0 +1,46 @@
# Push a certificate onto a VM
<a href="https://azuredeploy.net" target="_blank">
<img src="http://azuredeploy.net/deploybutton.png"/>
</a>
Push a certificate onto a VM. Pass in the URL of the secret in KeyVault.
Pre-Requisistes - You need a certificate
These are the steps that need to be followed to upload the certificate into the KeyVault as a secret
1. base64 encode the cert file
2. Paste the base64 value into data field in this JSON object
{
“data”:”<Base64-encoded-file>”,
“dataType” :”<file-format: pfx or cer>”,
“password”:”<pfx-file-password>
}
3. base64 the above JSON object
4. Convert the base64 value into a secure string
$secret = ConvertTo-SecureString -String 'password' -AsPlainText –Force
5. Then use the secure string value for the SecretValue in this cmdlet
Set-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'ITSecret' –SecretValue $secret
The following PowerShell script can make these steps easy
$fileName = "C:\Users\kasing\Desktop\KayTest.pfx"
$fileContentBytes = get-content $fileName -Encoding Byte
$fileContentEncoded = [System.Convert]::ToBase64String($fileContentBytes)
$jsonObject = @"
{
"data": "$filecontentencoded",
"dataType" :"pfx",
"password": "<fill-in>"
}
"@
$jsonObjectBytes = [System.Text.Encoding]::UTF8.GetBytes($jsonObject)
$jsonEncoded = [System.Convert]::ToBase64String($jsonObjectBytes)
$secret = ConvertTo-SecureString -String $jsonEncoded -AsPlainText –Force
Set-AzureKeyVaultSecret -VaultName kayvault -Name testkay -SecretValue $secret

263
windows-vm-push-certificate/azuredeploy.json Normal file
Просмотреть файл

@ -0,0 +1,263 @@
{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"allowedValues": [
"West US",
"East US",
"West Europe",
"East Asia",
"Southeast Asia"
],
"metadata": {
"description": "Location where resources will be deployed"
}
},
"newStorageAccountName": {
"type": "string",
"metadata": {
"description": "Name of the storage account"
}
},
"storageAccountType": {
"type": "string",
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Type of the storage account"
}
},
"publicIPName": {
"type": "string",
"metadata": {
"description": "Name of Public IP"
}
},
"publicIPAddressType": {
"type": "string",
"defaultValue": "Dynamic",
"allowedValues": [
"Dynamic"
],
"metadata": {
"description": "Type of Public IP"
}
},
"vmStorageAccountContainerName": {
"type": "string",
"defaultValue": "vhds",
"metadata": {
"description": "name of Storage Account container for the VHDs"
}
},
"vmName": {
"type": "string",
"metadata": {
"description": "Name of the VM"
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_A2",
"metadata": {
"description": "Size of the VM"
}
},
"imagePublisher": {
"type": "string",
"defaultValue": "MicrosoftWindowsServer",
"metadata": {
"description": "Image Publisher"
}
},
"imageOffer": {
"type": "string",
"defaultValue": "WindowsServer",
"metadata": {
"description": "Image Offer"
}
},
"imageSKU": {
"type": "string",
"defaultValue": "2012-R2-Datacenter",
"metadata": {
"description": "Image SKU"
}
},
"adminUsername": {
"type": "string",
"metadata": {
"description": "Admin Username"
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Admin Password"
}
},
"virtualNetworkName": {
"type": "string",
"metadata": {
"description": "TName of Virtual Network"
}
},
"addressPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16",
"metadata": {
"description": "VNET address prefix in CIDR format"
}
},
"subnet1Name": {
"type": "string",
"defaultValue": "Subnet-1",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet1Prefix": {
"type": "string",
"defaultValue": "10.0.0.0/24",
"metadata": {
"description": "Subnet 1 address prefix in CIDR format"
}
},
"nicName": {
"type": "string",
"metadata": {
"description": "Network Interface name"
}
},
"vaultName": {
"type": "string",
"metadata": {
"description": "Name of Key Vault that has a secret"
}
},
"vaultResourceGroup": {
"type": "string",
"metadata": {
"description": "Resource Group of Key Vault that has a secret"
}
},
"secretUrlWithVersion": {
"type": "string",
"metadata": {
"description": "Url of the certificate in Key Vault"
}
}
},
"variables": {
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks',parameters('virtualNetworkName'))]",
"subnet1Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet1Name'))]"
},
"resources": [{
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('newStorageAccountName')]",
"apiVersion": "2015-05-01-preview",
"location": "[parameters('location')]",
"properties": {
"accountType": "[parameters('storageAccountType')]"
}
}, {
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[parameters('publicIPName')]",
"location": "[parameters('location')]",
"properties": {
"publicIPAllocationMethod": "[parameters('publicIPAddressType')]"
}
}, {
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('virtualNetworkName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('addressPrefix')]"
]
},
"subnets": [{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
}]
}
}, {
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/networkInterfaces",
"name": "[parameters('nicName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', parameters('publicIPName'))]",
"[concat('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]"
],
"properties": {
"ipConfigurations": [{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',parameters('publicIPName'))]"
},
"subnet": {
"id": "[variables('subnet1Ref')]"
}
}
}]
}
}, {
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('newStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', parameters('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computername": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]",
"secrets": [{
"sourceVault": {
"id": "[resourceId('vaultrg', 'Microsoft.KeyVault/vaults', 'kayvault')]"
},
"vaultCertificates": [{
"certificateUrl": "[parameters('secretUrlWithVersion')]",
"certificateStore": "My"
}]
}],
},
"storageProfile": {
"imageReference": {
"publisher": "[parameters('imagePublisher')]",
"offer": "[parameters('imageOffer')]",
"sku" : "[parameters('imageSKU')]",
"version":"latest"
},
"osDisk" : {
"name": "osdisk",
"vhd": {
"uri": "[concat('http://',parameters('newStorageAccountName'),'.blob.core.windows.net/vhds/','osdisk.vhd')]"
},
"caching": "ReadWrite",
"createOption": "FromImage"
}
},
"networkProfile": {
"networkInterfaces": [{
"id": "[resourceId('Microsoft.Network/networkInterfaces',parameters('nicName'))]"
}]
}
}
}]
}

45
windows-vm-push-certificate/azuredeploy.parameters.json Normal file
Просмотреть файл

@ -0,0 +1,45 @@
{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"newStorageAccountName": {
"value": ""
},
"location": {
"value": "East US"
},
"publicIPName": {
"value": ""
},
"publicIPAddressType": {
"value": "Dynamic"
},
"vmName": {
"value": ""
},
"vmSize": {
"value": "Standard_A2"
},
"adminUserName": {
"value": ""
},
"adminPassword": {
"value": ""
},
"virtualNetworkName": {
"value": ""
},
"nicName": {
"value": ""
},
"vaultName": {
"value": ""
},
"vaultResourceGroup": {
"value": ""
},
"secretUrlWithVersion": {
"value": ""
}
}
}

7
windows-vm-push-certificate/metadata.json Normal file
Просмотреть файл

@ -0,0 +1,7 @@
{
"itemDisplayName": "Push a certificate onto a Windows VM",
"description": "Push a certificate onto a Windows VM",
"summary": "Push a certificate onto a Windows VM",
"githubUsername": "singhkay",
"dateUpdated": "2015-04-27"
}