From 3a3268810a914fe59e56748c7d9ad88f6826a45d Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Mon, 3 Jul 2023 12:32:08 -0700 Subject: [PATCH 1/8] tdx and uefi updates --- .../GalleryImageVersion_Create_WithVHD.json | 16 +- ...geVersion_Create_WithVHD_UefiSettings.json | 404 ++++++++++++++++++ ...lleryImageVersion_Get_WithVhdAsSource.json | 4 +- .../GalleryRP/stable/2022-08-03/gallery.json | 110 ++++- 4 files changed, 522 insertions(+), 12 deletions(-) create mode 100644 specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json index 12bb0b721ae1..dd2a8ee2f725 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json @@ -38,7 +38,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -46,7 +46,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, @@ -98,7 +98,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -106,7 +106,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, @@ -167,7 +167,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -175,7 +175,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, @@ -236,7 +236,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -244,7 +244,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json new file mode 100644 index 000000000000..926cb3800eef --- /dev/null +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json @@ -0,0 +1,404 @@ +{ + "parameters": { + "subscriptionId": "{subscription-id}", + "resourceGroupName": "myResourceGroup", + "api-version": "2022-08-03", + "galleryName": "myGalleryName", + "galleryImageName": "myGalleryImageName", + "galleryImageVersionName": "1.0.0", + "galleryImageVersion": { + "location": "West US", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet", + "lun": 1 + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ] + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "KEK": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "DB": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "DBX": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "KEK": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "DB": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "DBX": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + }, + "provisioningState": "Updating" + }, + "location": "West US", + "name": "1.0.0" + } + }, + "201": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "KEK": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "DB": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "DBX": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + }, + "provisioningState": "Creating" + }, + "location": "West US", + "name": "1.0.0" + } + }, + "202": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "KEK": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "DB": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "DBX": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + }, + "provisioningState": "Updating" + }, + "location": "West US", + "name": "1.0.0" + } + } + } + } \ No newline at end of file diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json index ae244872cb13..89c98c53469c 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json @@ -45,7 +45,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -53,7 +53,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index 45bc18f24be5..296fb65827f6 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -627,6 +627,9 @@ }, "Create or update a simple gallery image version with target extended locations specified.": { "$ref": "./examples/galleryExamples/GalleryImageVersion_Create_WithTargetExtendedLocations.json" + }, + "Create or update a simple Gallery Image Version using vhd as a source with custom UEFI keys.": { + "$ref": "./examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json" } } }, @@ -742,7 +745,8 @@ "type": "string", "description": "The expand expression to apply on the operation.", "enum": [ - "ReplicationStatus" + "ReplicationStatus", + "UefiSettings" ], "x-ms-enum": { "name": "ReplicationStatusTypes", @@ -2424,6 +2428,9 @@ "safetyProfile": { "$ref": "#/definitions/GalleryImageVersionSafetyProfile" }, + "securityProfile": { + "$ref": "#/definitions/ImageVersionSecurityProfile" + }, "replicationStatus": { "readOnly": true, "$ref": "#/definitions/ReplicationStatus" @@ -2643,7 +2650,8 @@ "enum": [ "EncryptedVMGuestStateOnlyWithPmk", "EncryptedWithPmk", - "EncryptedWithCmk" + "EncryptedWithCmk", + "NonPersistedVMGuestState" ], "x-ms-enum": { "name": "ConfidentialVMEncryptionType", @@ -2891,6 +2899,15 @@ }, "description": "A policy violation reported against a gallery artifact." }, + "ImageVersionSecurityProfile": { + "type": "object", + "description": "The security profile of a gallery image version", + "properties": { + "uefiSettings": { + "$ref": "#/definitions/GalleryImageVersionUefiSettings" + } + } + }, "ReplicationStatus": { "properties": { "aggregatedState": { @@ -3146,6 +3163,95 @@ } } }, + "GalleryImageVersionUefiSettings": { + "type": "object", + "description": "", + "properties": { + "signatureTemplateNames": { + "type": "array", + "description": "The name of the template(s) that contains default UEFI key signatures that will be added to the image.", + "items": { + "$ref": "#/definitions/UefiSignatureTemplateName" + }, + "x-ms-identifiers": [] + }, + "additionalSignatures": { + "$ref": "#/definitions/uefiKeySignatures" + } + } + }, + "UefiSignatureTemplateName": { + "type": "string", + "description": "The name of the signature template that contains default UEFI keys.", + "enum": [ + "NoSignatureTemplate", + "MicrosoftUefiCertificateAuthorityTemplate", + "MicrosoftWindowsTemplate" + ], + "x-ms-enum": { + "name": "UefiSignatureTemplateName", + "modelAsString": true + } + }, + "uefiKeySignatures": { + "type": "object", + "description": "Additional UEFI key signatures that will be added to the image in addition to the signature templates", + "properties": { + "pk": { + "$ref": "#/definitions/uefiKey" + }, + "kek": { + "type": "array", + "description": "The Key Encryption Keys of this image version.", + "items": { + "$ref": "#/definitions/uefiKey" + }, + "x-ms-identifiers": [] + }, + "db": { + "type": "array", + "description": "The database of UEFI keys for this image version.", + "items": { + "$ref": "#/definitions/uefiKey" + }, + "x-ms-identifiers": [] + }, + "dbx": { + "type": "array", + "description": "The database of revoked UEFI keys for this image version.", + "items": { + "$ref": "#/definitions/uefiKey" + }, + "x-ms-identifiers": [] + } + } + }, + "uefiKey": { + "type": "object", + "description": "A UEFI key signature.", + "properties": { + "type": { + "type": "string", + "description": "The type of key signature.", + "enum": [ + "sha256", + "x509" + ], + "x-ms-enum": { + "name": "UefiKeyType", + "modelAsString": true + } + }, + "value": { + "type": "array", + "description": "The value of the key signature.", + "items": { + "type": "string" + }, + "x-ms-identifiers": [] + } + } + }, "parameters": { "ResourceGroupNameParameter": { "name": "resourceGroupName", From acdebac91896dd01c533dcd6764329591221a8c8 Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Mon, 3 Jul 2023 12:41:41 -0700 Subject: [PATCH 2/8] attempt to fix checks --- ...geVersion_Create_WithVHD_UefiSettings.json | 594 +++++++++--------- .../GalleryRP/stable/2022-08-03/gallery.json | 162 ++--- 2 files changed, 378 insertions(+), 378 deletions(-) diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json index 926cb3800eef..4d89f67874b4 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json @@ -1,27 +1,117 @@ { - "parameters": { - "subscriptionId": "{subscription-id}", - "resourceGroupName": "myResourceGroup", - "api-version": "2022-08-03", - "galleryName": "myGalleryName", - "galleryImageName": "myGalleryImageName", - "galleryImageVersionName": "1.0.0", - "galleryImageVersion": { - "location": "West US", + "parameters": { + "subscriptionId": "{subscription-id}", + "resourceGroupName": "myResourceGroup", + "api-version": "2022-08-03", + "galleryName": "myGalleryName", + "galleryImageName": "myGalleryImageName", + "galleryImageVersionName": "1.0.0", + "galleryImageVersion": { + "location": "West US", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet", + "lun": 1 + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ] + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "KEK": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "DB": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "DBX": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", "properties": { "publishingProfile": { "targetRegions": [ { "name": "West US", "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", "encryption": { "osDiskImage": { "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" }, "dataDiskImages": [ { - "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet", - "lun": 1 + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" } ] }, @@ -33,7 +123,10 @@ "storageAccountType": "Standard_ZRS", "excludeFromLatest": false } - ] + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" }, "storageProfile": { "osDiskImage": { @@ -55,7 +148,14 @@ ] }, "safetyProfile": { - "allowDeletionOfReplicatedLocations": false + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] }, "securityProfile": { "uefiSettings": { @@ -89,316 +189,216 @@ ] } } - } - } + }, + "provisioningState": "Updating" + }, + "location": "West US", + "name": "1.0.0" } }, - "responses": { - "200": { - "body": { - "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", - "properties": { - "publishingProfile": { - "targetRegions": [ - { - "name": "West US", - "regionalReplicaCount": 1, - "storageAccountType": "Standard_LRS", - "encryption": { - "osDiskImage": { - "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" - }, - "dataDiskImages": [ - { - "lun": 1, - "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" - } - ] - }, - "excludeFromLatest": false - }, - { - "name": "East US", - "regionalReplicaCount": 2, - "storageAccountType": "Standard_ZRS", - "excludeFromLatest": false - } - ], - "replicaCount": 1, - "publishedDate": "2018-01-01T00:00:00Z", - "storageAccountType": "Standard_LRS" - }, - "storageProfile": { - "osDiskImage": { - "source": { - "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", - "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" - }, - "hostCaching": "ReadOnly" - }, - "dataDiskImages": [ - { - "source": { - "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", - "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + "201": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" }, - "lun": 1, - "hostCaching": "None" - } - ] - }, - "safetyProfile": { - "allowDeletionOfReplicatedLocations": false, - "reportedForPolicyViolation": true, - "policyViolations": [ - { - "category": "ImageFlaggedUnsafe", - "details": "This is the policy violation details." - } - ] - }, - "securityProfile": { - "uefiSettings": { - "signatureTemplateNames": [ - "MicrosoftUefiCertificateAuthorityTemplate" - ], - "additionalSignatures": { - "KEK": [ - { - "type": "sha256", - "value": [ - "" - ] - } - ], - "DB": [ - { - "type": "x509", - "value": [ - "" - ] - } - ], - "DBX": [ + "dataDiskImages": [ { - "type": "x509", - "value": [ - "" - ] + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" } ] - } + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false } - }, - "provisioningState": "Updating" + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" }, - "location": "West US", - "name": "1.0.0" - } - }, - "201": { - "body": { - "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", - "properties": { - "publishingProfile": { - "targetRegions": [ - { - "name": "West US", - "regionalReplicaCount": 1, - "storageAccountType": "Standard_LRS", - "encryption": { - "osDiskImage": { - "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" - }, - "dataDiskImages": [ - { - "lun": 1, - "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" - } - ] - }, - "excludeFromLatest": false - }, - { - "name": "East US", - "regionalReplicaCount": 2, - "storageAccountType": "Standard_ZRS", - "excludeFromLatest": false - } - ], - "replicaCount": 1, - "publishedDate": "2018-01-01T00:00:00Z", - "storageAccountType": "Standard_LRS" + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" }, - "storageProfile": { - "osDiskImage": { + "dataDiskImages": [ + { "source": { "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, - "hostCaching": "ReadOnly" - }, - "dataDiskImages": [ - { - "source": { - "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", - "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" - }, - "lun": 1, - "hostCaching": "None" - } - ] - }, - "safetyProfile": { - "allowDeletionOfReplicatedLocations": false, - "reportedForPolicyViolation": true, - "policyViolations": [ - { - "category": "ImageFlaggedUnsafe", - "details": "This is the policy violation details." - } - ] - }, - "securityProfile": { - "uefiSettings": { - "signatureTemplateNames": [ - "MicrosoftUefiCertificateAuthorityTemplate" + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "KEK": [ + { + "type": "sha256", + "value": [ + "" + ] + } ], - "additionalSignatures": { - "KEK": [ - { - "type": "sha256", - "value": [ - "" - ] - } - ], - "DB": [ - { - "type": "x509", - "value": [ - "" - ] - } - ], - "DBX": [ + "DB": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "DBX": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + }, + "provisioningState": "Creating" + }, + "location": "West US", + "name": "1.0.0" + } + }, + "202": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ { - "type": "x509", - "value": [ - "" - ] + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" } ] - } + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false } - }, - "provisioningState": "Creating" + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" }, - "location": "West US", - "name": "1.0.0" - } - }, - "202": { - "body": { - "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", - "properties": { - "publishingProfile": { - "targetRegions": [ - { - "name": "West US", - "regionalReplicaCount": 1, - "storageAccountType": "Standard_LRS", - "encryption": { - "osDiskImage": { - "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" - }, - "dataDiskImages": [ - { - "lun": 1, - "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" - } - ] - }, - "excludeFromLatest": false - }, - { - "name": "East US", - "regionalReplicaCount": 2, - "storageAccountType": "Standard_ZRS", - "excludeFromLatest": false - } - ], - "replicaCount": 1, - "publishedDate": "2018-01-01T00:00:00Z", - "storageAccountType": "Standard_LRS" + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" }, - "storageProfile": { - "osDiskImage": { + "dataDiskImages": [ + { "source": { "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, - "hostCaching": "ReadOnly" - }, - "dataDiskImages": [ - { - "source": { - "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", - "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" - }, - "lun": 1, - "hostCaching": "None" - } - ] - }, - "safetyProfile": { - "allowDeletionOfReplicatedLocations": false, - "reportedForPolicyViolation": true, - "policyViolations": [ - { - "category": "ImageFlaggedUnsafe", - "details": "This is the policy violation details." - } - ] - }, - "securityProfile": { - "uefiSettings": { - "signatureTemplateNames": [ - "MicrosoftUefiCertificateAuthorityTemplate" + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "KEK": [ + { + "type": "sha256", + "value": [ + "" + ] + } ], - "additionalSignatures": { - "KEK": [ - { - "type": "sha256", - "value": [ - "" - ] - } - ], - "DB": [ - { - "type": "x509", - "value": [ - "" - ] - } - ], - "DBX": [ - { - "type": "x509", - "value": [ - "" - ] - } - ] - } + "DB": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "DBX": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] } - }, - "provisioningState": "Updating" + } }, - "location": "West US", - "name": "1.0.0" - } + "provisioningState": "Updating" + }, + "location": "West US", + "name": "1.0.0" } } - } \ No newline at end of file + } +} diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index 296fb65827f6..f24bc28ea7ab 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -3161,94 +3161,94 @@ "description": "region of the Gallery Image Version." } } - } - }, - "GalleryImageVersionUefiSettings": { - "type": "object", - "description": "", - "properties": { - "signatureTemplateNames": { - "type": "array", - "description": "The name of the template(s) that contains default UEFI key signatures that will be added to the image.", - "items": { - "$ref": "#/definitions/UefiSignatureTemplateName" - }, - "x-ms-identifiers": [] - }, - "additionalSignatures": { - "$ref": "#/definitions/uefiKeySignatures" + }, + "GalleryImageVersionUefiSettings": { + "type": "object", + "description": "", + "properties": { + "signatureTemplateNames": { + "type": "array", + "description": "The name of the template(s) that contains default UEFI key signatures that will be added to the image.", + "items": { + "$ref": "#/definitions/UefiSignatureTemplateName" + }, + "x-ms-identifiers": [] + }, + "additionalSignatures": { + "$ref": "#/definitions/uefiKeySignatures" + } } - } - }, - "UefiSignatureTemplateName": { - "type": "string", - "description": "The name of the signature template that contains default UEFI keys.", - "enum": [ - "NoSignatureTemplate", - "MicrosoftUefiCertificateAuthorityTemplate", - "MicrosoftWindowsTemplate" - ], - "x-ms-enum": { - "name": "UefiSignatureTemplateName", - "modelAsString": true - } - }, - "uefiKeySignatures": { - "type": "object", - "description": "Additional UEFI key signatures that will be added to the image in addition to the signature templates", - "properties": { - "pk": { - "$ref": "#/definitions/uefiKey" - }, - "kek": { - "type": "array", - "description": "The Key Encryption Keys of this image version.", - "items": { + }, + "UefiSignatureTemplateName": { + "type": "string", + "description": "The name of the signature template that contains default UEFI keys.", + "enum": [ + "NoSignatureTemplate", + "MicrosoftUefiCertificateAuthorityTemplate", + "MicrosoftWindowsTemplate" + ], + "x-ms-enum": { + "name": "UefiSignatureTemplateName", + "modelAsString": true + } + }, + "uefiKeySignatures": { + "type": "object", + "description": "Additional UEFI key signatures that will be added to the image in addition to the signature templates", + "properties": { + "pk": { "$ref": "#/definitions/uefiKey" }, - "x-ms-identifiers": [] - }, - "db": { - "type": "array", - "description": "The database of UEFI keys for this image version.", - "items": { - "$ref": "#/definitions/uefiKey" + "kek": { + "type": "array", + "description": "The Key Encryption Keys of this image version.", + "items": { + "$ref": "#/definitions/uefiKey" + }, + "x-ms-identifiers": [] }, - "x-ms-identifiers": [] - }, - "dbx": { - "type": "array", - "description": "The database of revoked UEFI keys for this image version.", - "items": { - "$ref": "#/definitions/uefiKey" + "db": { + "type": "array", + "description": "The database of UEFI keys for this image version.", + "items": { + "$ref": "#/definitions/uefiKey" + }, + "x-ms-identifiers": [] }, - "x-ms-identifiers": [] - } - } - }, - "uefiKey": { - "type": "object", - "description": "A UEFI key signature.", - "properties": { - "type": { - "type": "string", - "description": "The type of key signature.", - "enum": [ - "sha256", - "x509" - ], - "x-ms-enum": { - "name": "UefiKeyType", - "modelAsString": true + "dbx": { + "type": "array", + "description": "The database of revoked UEFI keys for this image version.", + "items": { + "$ref": "#/definitions/uefiKey" + }, + "x-ms-identifiers": [] } - }, - "value": { - "type": "array", - "description": "The value of the key signature.", - "items": { - "type": "string" + } + }, + "uefiKey": { + "type": "object", + "description": "A UEFI key signature.", + "properties": { + "type": { + "type": "string", + "description": "The type of key signature.", + "enum": [ + "sha256", + "x509" + ], + "x-ms-enum": { + "name": "UefiKeyType", + "modelAsString": true + } }, - "x-ms-identifiers": [] + "value": { + "type": "array", + "description": "The value of the key signature.", + "items": { + "type": "string" + }, + "x-ms-identifiers": [] + } } } }, From 00563240d4769bbcd6b2f85a1bbe6518d191e87a Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Mon, 3 Jul 2023 13:04:40 -0700 Subject: [PATCH 3/8] fix expand --- .../Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index f24bc28ea7ab..fecba5bda076 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -1281,7 +1281,8 @@ "type": "string", "description": "The expand expression to apply on the operation.", "enum": [ - "ReplicationStatus" + "ReplicationStatus", + "UefiSettings" ], "x-ms-enum": { "name": "ReplicationStatusTypes", From 7cebbc0d72871c5589284fb125d42a9d9dfd3d69 Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Mon, 3 Jul 2023 13:09:15 -0700 Subject: [PATCH 4/8] fix example uefi settings --- ...geVersion_Create_WithVHD_UefiSettings.json | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json index 4d89f67874b4..db1854d82014 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json @@ -63,7 +63,7 @@ "MicrosoftUefiCertificateAuthorityTemplate" ], "additionalSignatures": { - "KEK": [ + "kek": [ { "type": "sha256", "value": [ @@ -71,7 +71,7 @@ ] } ], - "DB": [ + "db": [ { "type": "x509", "value": [ @@ -79,7 +79,7 @@ ] } ], - "DBX": [ + "dbx": [ { "type": "x509", "value": [ @@ -163,7 +163,7 @@ "MicrosoftUefiCertificateAuthorityTemplate" ], "additionalSignatures": { - "KEK": [ + "kek": [ { "type": "sha256", "value": [ @@ -171,7 +171,7 @@ ] } ], - "DB": [ + "db": [ { "type": "x509", "value": [ @@ -179,7 +179,7 @@ ] } ], - "DBX": [ + "dbx": [ { "type": "x509", "value": [ @@ -265,7 +265,7 @@ "MicrosoftUefiCertificateAuthorityTemplate" ], "additionalSignatures": { - "KEK": [ + "kek": [ { "type": "sha256", "value": [ @@ -273,7 +273,7 @@ ] } ], - "DB": [ + "db": [ { "type": "x509", "value": [ @@ -281,7 +281,7 @@ ] } ], - "DBX": [ + "dbx": [ { "type": "x509", "value": [ @@ -367,7 +367,7 @@ "MicrosoftUefiCertificateAuthorityTemplate" ], "additionalSignatures": { - "KEK": [ + "kek": [ { "type": "sha256", "value": [ @@ -375,7 +375,7 @@ ] } ], - "DB": [ + "db": [ { "type": "x509", "value": [ @@ -383,7 +383,7 @@ ] } ], - "DBX": [ + "dbx": [ { "type": "x509", "value": [ From 8831954e77ede13a6b56d3df34ed7db5130b7ba1 Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Mon, 3 Jul 2023 13:15:50 -0700 Subject: [PATCH 5/8] remove uefi settings where it's not functional --- .../Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index fecba5bda076..f24bc28ea7ab 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -1281,8 +1281,7 @@ "type": "string", "description": "The expand expression to apply on the operation.", "enum": [ - "ReplicationStatus", - "UefiSettings" + "ReplicationStatus" ], "x-ms-enum": { "name": "ReplicationStatusTypes", From ba41536489ada64ae51ee22498c897d64a33fe92 Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Tue, 1 Aug 2023 11:05:55 -0700 Subject: [PATCH 6/8] update name --- .../GalleryRP/stable/2022-08-03/gallery.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index f24bc28ea7ab..be46dfc8a652 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -1281,7 +1281,8 @@ "type": "string", "description": "The expand expression to apply on the operation.", "enum": [ - "ReplicationStatus" + "ReplicationStatus", + "UefiSettings" ], "x-ms-enum": { "name": "ReplicationStatusTypes", @@ -2651,7 +2652,7 @@ "EncryptedVMGuestStateOnlyWithPmk", "EncryptedWithPmk", "EncryptedWithCmk", - "NonPersistedVMGuestState" + "NonPersistedTPM" ], "x-ms-enum": { "name": "ConfidentialVMEncryptionType", From e3aeea2daba9a338f17e2365f48724ba98097b2e Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Tue, 15 Aug 2023 14:08:16 -0700 Subject: [PATCH 7/8] add descriptions, casing fixed --- .../GalleryRP/stable/2022-08-03/gallery.json | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index be46dfc8a652..23fe974d5620 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -2429,12 +2429,12 @@ "safetyProfile": { "$ref": "#/definitions/GalleryImageVersionSafetyProfile" }, - "securityProfile": { - "$ref": "#/definitions/ImageVersionSecurityProfile" - }, "replicationStatus": { "readOnly": true, "$ref": "#/definitions/ReplicationStatus" + }, + "securityProfile": { + "$ref": "#/definitions/ImageVersionSecurityProfile" } }, "required": [ @@ -3165,7 +3165,7 @@ }, "GalleryImageVersionUefiSettings": { "type": "object", - "description": "", + "description": "Contains UEFI settings for the image version.", "properties": { "signatureTemplateNames": { "type": "array", @@ -3193,11 +3193,12 @@ "modelAsString": true } }, - "uefiKeySignatures": { + "UefiKeySignatures": { "type": "object", "description": "Additional UEFI key signatures that will be added to the image in addition to the signature templates", "properties": { "pk": { + "description": "The Platform Key of this image version.", "$ref": "#/definitions/uefiKey" }, "kek": { @@ -3226,7 +3227,7 @@ } } }, - "uefiKey": { + "UefiKey": { "type": "object", "description": "A UEFI key signature.", "properties": { From fa4f54f6f50fd7cb4dbfa75abcfc5baf7eb65cf9 Mon Sep 17 00:00:00 2001 From: Tim Regan Date: Tue, 15 Aug 2023 16:48:23 -0700 Subject: [PATCH 8/8] some changes didnt get committed --- .../GalleryRP/stable/2022-08-03/gallery.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index 23fe974d5620..7b42b2865e51 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -3176,7 +3176,7 @@ "x-ms-identifiers": [] }, "additionalSignatures": { - "$ref": "#/definitions/uefiKeySignatures" + "$ref": "#/definitions/UefiKeySignatures" } } }, @@ -3199,13 +3199,13 @@ "properties": { "pk": { "description": "The Platform Key of this image version.", - "$ref": "#/definitions/uefiKey" + "$ref": "#/definitions/UefiKey" }, "kek": { "type": "array", "description": "The Key Encryption Keys of this image version.", "items": { - "$ref": "#/definitions/uefiKey" + "$ref": "#/definitions/UefiKey" }, "x-ms-identifiers": [] }, @@ -3213,7 +3213,7 @@ "type": "array", "description": "The database of UEFI keys for this image version.", "items": { - "$ref": "#/definitions/uefiKey" + "$ref": "#/definitions/UefiKey" }, "x-ms-identifiers": [] }, @@ -3221,7 +3221,7 @@ "type": "array", "description": "The database of revoked UEFI keys for this image version.", "items": { - "$ref": "#/definitions/uefiKey" + "$ref": "#/definitions/UefiKey" }, "x-ms-identifiers": [] }