The Azure ARM system allows you to uploadssh public keys as a first-class object in ARM. This sample illustrates how to create such an SSH public key, and also how to dynamically use it.
During interactive VM creation in the portal, you can dynamically select an existing public key for your new VM. However, for template-based creation of a VM, you need to use the reference() ARM function to retrieve the value. The ARM schema for VMs doesn't currently allow you to refer to a key object, instead you must provide the literal SSH key value as a string to the VM, in the .osProfile.linuxConfiguration.ssh.publicKeys.keyData value.
The following little Bicep sample demonstrates these two concepts:
Creating the 'Microsoft.Compute/sshPublicKeys' ARM resource, as well as
dynamically retrieving it. For the sake of the example, I'm not really creating a VM, but just fetch the ssh public key and output it in the template.