Roberto G.

Reputation: 171

Azure ARM template - ssh public and private key

I am trying to create an Azure ARM template that will spin up a multi-VM cluster.

I can provide an SSH public key for all the machines, but I would like one machine, the master, to be able to access the other machines through an SSH private key.

How can I provide the private key to the master machine at template time? Is there a specific way to do that?

Thanks, Rob

Upvotes: 1

Views: 4491

Answers (1)

4c74356b41

Reputation: 72181

Yes, you should be using Azure Key Vault for that. You can provide a secure parameter to a VM at deployment time, like so:

"osProfile": {
  "computerName": "[parameters('vmName')]",
  "adminUsername": "[parameters('adminUsername')]",
  "adminPassword": "[parameters('adminPassword')]",
  "secrets": [
    {
      "sourceVault": {
        "id": "[resourceId(parameters('vaultResourceGroup'), 'Microsoft.KeyVault/vaults', parameters('vaultName'))]"
      },
      "vaultCertificates": [
        {
          "certificateUrl": "[parameters('certificateUrl')]",
          "certificateStore": "My"
        }
      ]
    }
  ]
}

But for Linux you should use something like this:

"osProfile": {
  "linuxOperatingSystemProfile": {
    "username": "[parameters('sshUserName')]",
    "sshProfile": {
      "publicKeys": [
        {
          "certificateData": "[parameters('sshPublicKey')]"
        }
      ]
    }
  }
}

But obviously, substitute certificateData with the SSH key in your key vault.

Upvotes: 3
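The following is an added example, not code from the question or the answer: a small pre-deployment check that a private key reaches the template as a `securestring` resolved from a Key Vault reference in the parameter file, rather than as a literal value. The parameter names, sample documents, vault id and secret name are constructed placeholders, and `audit` is a hypothetical helper.

```python
import json

# Constructed sample template parameters (names are illustrative assumptions).
TEMPLATE = json.loads("""{
  "parameters": {
    "sshPublicKey":  {"type": "string"},
    "sshPrivateKey": {"type": "securestring"},
    "adminPassword": {"type": "string"}
  }
}""")

# Constructed parameter file that pastes the key in as a literal value.
PARAMS_LITERAL = json.loads("""{
  "parameters": {
    "sshPublicKey":  {"value": "ssh-rsa AAAA-constructed-example"},
    "sshPrivateKey": {"value": "constructed-private-key-text"}
  }
}""")

# Constructed parameter file that resolves the key from Key Vault at deploy time.
# The vault id and secret name are placeholders, not real values.
PARAMS_VAULT = json.loads("""{
  "parameters": {
    "sshPublicKey":  {"value": "ssh-rsa AAAA-constructed-example"},
    "sshPrivateKey": {"reference": {
      "keyVault": {"id": "/subscriptions/<subscription-id>/resourceGroups/<vault-rg>/providers/Microsoft.KeyVault/vaults/<vault-name>"},
      "secretName": "<secret-name>"}}
  }
}""")

SENSITIVE_HINTS = ("private", "password", "secret")
SECURE_TYPES = ("securestring", "secureobject")

def audit(template, params):
    """Return (parameter, problem) pairs for secrets that would be exposed."""
    findings = []
    supplied = params.get("parameters", {})
    for name, spec in template.get("parameters", {}).items():
        ptype = spec.get("type", "").lower()
        entry = supplied.get(name, {})
        # A sensitive-looking parameter typed as plain string is kept in deployment history.
        if ptype not in SECURE_TYPES and any(h in name.lower() for h in SENSITIVE_HINTS):
            findings.append((name, "declared as %r, not securestring" % ptype))
        # A secure parameter fed from a literal puts the secret in the parameter file.
        if ptype in SECURE_TYPES and "value" in entry:
            findings.append((name, "literal value; use a Key Vault reference"))
        ref = entry.get("reference")
        if ref is not None and not (ref.get("keyVault", {}).get("id") and ref.get("secretName")):
            findings.append((name, "incomplete Key Vault reference"))
    return findings
```

For the Key Vault reference to resolve during deployment, the vault must have `enabledForTemplateDeployment` set to true. `adminPassword` is flagged in both cases because the sample template declares it as a plain `string`.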
