Azure ARM - SSH public key error during incremental redeployment

Question

Title is not super clear, but basically, I'm getting the Changing property 'linuxConfiguration.ssh.publicKeys' is not allowed when redeploying an ARM template in incremental mode.

The admin user has changed the SSH key in ~/.ssh/authorized_keys since the initial deployment, which makes sense. So I went in the file, reset it to the same public key that is in the ARM template, re-ran the whole thing: Still failed.

Tried to reset the value using Azure Portal, did both a Reset SSH public key and Reset configuration only, and the template still fails.

I'm literally copying the SSH key, as it is declared in the ARM template's parameters, and applying it to the same user, and it still fails. Is there something I'm missing, or as soon as the file is changed in any way whatsoever the template becomes basically useless without a full redeployment in Complete mode ?

Thanks!

Answer 1

As the error displayed, directly change the property 'osProfile' is not allowed. That means your VM is already created but you try to update it with a different publicKey(even you copy the same content of authorized_keys file), which is not supported with the ARM template. You may have a look at this1 and this2.

If you want to update the ssh public key, you can use this az cli commands:

az vm extension set -n VMAccessForLinux --publisher Microsoft.OSTCExtensions --version 1.4 \
    --vm-name MyVm --resource-group MyResourceGroup \
    --protected-settings '{"username":"user1", "ssh_key":"ssh_rsa ..."}'