diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json index 12bb0b721ae1..dd2a8ee2f725 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD.json @@ -38,7 +38,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -46,7 +46,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, @@ -98,7 +98,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -106,7 +106,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, @@ -167,7 +167,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -175,7 +175,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, @@ -236,7 +236,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -244,7 +244,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json new file mode 100644 index 000000000000..db1854d82014 --- /dev/null +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json @@ -0,0 +1,404 @@ +{ + "parameters": { + "subscriptionId": "{subscription-id}", + "resourceGroupName": "myResourceGroup", + "api-version": "2022-08-03", + "galleryName": "myGalleryName", + "galleryImageName": "myGalleryImageName", + "galleryImageVersionName": "1.0.0", + "galleryImageVersion": { + "location": "West US", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet", + "lun": 1 + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ] + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "kek": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "db": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "dbx": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "kek": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "db": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "dbx": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + }, + "provisioningState": "Updating" + }, + "location": "West US", + "name": "1.0.0" + } + }, + "201": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "kek": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "db": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "dbx": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + }, + "provisioningState": "Creating" + }, + "location": "West US", + "name": "1.0.0" + } + }, + "202": { + "body": { + "id": "/providers/Microsoft.Compute/locations/westus/Galleries/myGalleryName/Images/myGalleryImageName/Versions/1.0.0", + "properties": { + "publishingProfile": { + "targetRegions": [ + { + "name": "West US", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS", + "encryption": { + "osDiskImage": { + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myDiskEncryptionSet" + }, + "dataDiskImages": [ + { + "lun": 1, + "diskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSet/myOtherDiskEncryptionSet" + } + ] + }, + "excludeFromLatest": false + }, + { + "name": "East US", + "regionalReplicaCount": 2, + "storageAccountType": "Standard_ZRS", + "excludeFromLatest": false + } + ], + "replicaCount": 1, + "publishedDate": "2018-01-01T00:00:00Z", + "storageAccountType": "Standard_LRS" + }, + "storageProfile": { + "osDiskImage": { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "hostCaching": "ReadOnly" + }, + "dataDiskImages": [ + { + "source": { + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" + }, + "lun": 1, + "hostCaching": "None" + } + ] + }, + "safetyProfile": { + "allowDeletionOfReplicatedLocations": false, + "reportedForPolicyViolation": true, + "policyViolations": [ + { + "category": "ImageFlaggedUnsafe", + "details": "This is the policy violation details." + } + ] + }, + "securityProfile": { + "uefiSettings": { + "signatureTemplateNames": [ + "MicrosoftUefiCertificateAuthorityTemplate" + ], + "additionalSignatures": { + "kek": [ + { + "type": "sha256", + "value": [ + "" + ] + } + ], + "db": [ + { + "type": "x509", + "value": [ + "" + ] + } + ], + "dbx": [ + { + "type": "x509", + "value": [ + "" + ] + } + ] + } + } + }, + "provisioningState": "Updating" + }, + "location": "West US", + "name": "1.0.0" + } + } + } +} diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json index ae244872cb13..89c98c53469c 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/examples/galleryExamples/GalleryImageVersion_Get_WithVhdAsSource.json @@ -45,7 +45,7 @@ "storageProfile": { "osDiskImage": { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "hostCaching": "ReadOnly" @@ -53,7 +53,7 @@ "dataDiskImages": [ { "source": { - "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", + "storageAccountId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/{storageAccount}", "uri": "https://gallerysourcencus.blob.core.windows.net/myvhds/Windows-Server-2012-R2-20171216-en.us-128GB.vhd" }, "lun": 1, diff --git a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json index 45bc18f24be5..7b42b2865e51 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json +++ b/specification/compute/resource-manager/Microsoft.Compute/GalleryRP/stable/2022-08-03/gallery.json @@ -627,6 +627,9 @@ }, "Create or update a simple gallery image version with target extended locations specified.": { "$ref": "./examples/galleryExamples/GalleryImageVersion_Create_WithTargetExtendedLocations.json" + }, + "Create or update a simple Gallery Image Version using vhd as a source with custom UEFI keys.": { + "$ref": "./examples/galleryExamples/GalleryImageVersion_Create_WithVHD_UefiSettings.json" } } }, @@ -742,7 +745,8 @@ "type": "string", "description": "The expand expression to apply on the operation.", "enum": [ - "ReplicationStatus" + "ReplicationStatus", + "UefiSettings" ], "x-ms-enum": { "name": "ReplicationStatusTypes", @@ -1277,7 +1281,8 @@ "type": "string", "description": "The expand expression to apply on the operation.", "enum": [ - "ReplicationStatus" + "ReplicationStatus", + "UefiSettings" ], "x-ms-enum": { "name": "ReplicationStatusTypes", @@ -2427,6 +2432,9 @@ "replicationStatus": { "readOnly": true, "$ref": "#/definitions/ReplicationStatus" + }, + "securityProfile": { + "$ref": "#/definitions/ImageVersionSecurityProfile" } }, "required": [ @@ -2643,7 +2651,8 @@ "enum": [ "EncryptedVMGuestStateOnlyWithPmk", "EncryptedWithPmk", - "EncryptedWithCmk" + "EncryptedWithCmk", + "NonPersistedTPM" ], "x-ms-enum": { "name": "ConfidentialVMEncryptionType", @@ -2891,6 +2900,15 @@ }, "description": "A policy violation reported against a gallery artifact." }, + "ImageVersionSecurityProfile": { + "type": "object", + "description": "The security profile of a gallery image version", + "properties": { + "uefiSettings": { + "$ref": "#/definitions/GalleryImageVersionUefiSettings" + } + } + }, "ReplicationStatus": { "properties": { "aggregatedState": { @@ -3144,6 +3162,96 @@ "description": "region of the Gallery Image Version." } } + }, + "GalleryImageVersionUefiSettings": { + "type": "object", + "description": "Contains UEFI settings for the image version.", + "properties": { + "signatureTemplateNames": { + "type": "array", + "description": "The name of the template(s) that contains default UEFI key signatures that will be added to the image.", + "items": { + "$ref": "#/definitions/UefiSignatureTemplateName" + }, + "x-ms-identifiers": [] + }, + "additionalSignatures": { + "$ref": "#/definitions/UefiKeySignatures" + } + } + }, + "UefiSignatureTemplateName": { + "type": "string", + "description": "The name of the signature template that contains default UEFI keys.", + "enum": [ + "NoSignatureTemplate", + "MicrosoftUefiCertificateAuthorityTemplate", + "MicrosoftWindowsTemplate" + ], + "x-ms-enum": { + "name": "UefiSignatureTemplateName", + "modelAsString": true + } + }, + "UefiKeySignatures": { + "type": "object", + "description": "Additional UEFI key signatures that will be added to the image in addition to the signature templates", + "properties": { + "pk": { + "description": "The Platform Key of this image version.", + "$ref": "#/definitions/UefiKey" + }, + "kek": { + "type": "array", + "description": "The Key Encryption Keys of this image version.", + "items": { + "$ref": "#/definitions/UefiKey" + }, + "x-ms-identifiers": [] + }, + "db": { + "type": "array", + "description": "The database of UEFI keys for this image version.", + "items": { + "$ref": "#/definitions/UefiKey" + }, + "x-ms-identifiers": [] + }, + "dbx": { + "type": "array", + "description": "The database of revoked UEFI keys for this image version.", + "items": { + "$ref": "#/definitions/UefiKey" + }, + "x-ms-identifiers": [] + } + } + }, + "UefiKey": { + "type": "object", + "description": "A UEFI key signature.", + "properties": { + "type": { + "type": "string", + "description": "The type of key signature.", + "enum": [ + "sha256", + "x509" + ], + "x-ms-enum": { + "name": "UefiKeyType", + "modelAsString": true + } + }, + "value": { + "type": "array", + "description": "The value of the key signature.", + "items": { + "type": "string" + }, + "x-ms-identifiers": [] + } + } } }, "parameters": {