cookbook.geuer-pollmann.de
  • Introduction
  • Command line utilities
    • bash scripting
    • cURL command line utility
    • ffmpeg - Processing Media
    • JOSE from the command line
    • jq
    • Misc. command line tools
    • Zettelkasten / Markdown
  • Azure
    • Logging in to Azure
    • Working with the REST API
    • Tracing HTTP requests with Fiddler
    • Upload a file from bash
    • Azure CLI
    • terraform
    • Azure Logic Apps
    • Azure Web Apps
    • Azure Python code snippets
    • SSH keys in ARM
    • Minimal "Azure AD Workload identity federation"
    • Federated credentials from GitHub and GitLab pipelines to Azure
    • Azure Marketplace Metered Billing- Picking the correct ID when submitting usage events
    • Manually submitting values to the Azure Metering API
    • How can a publisher/ISV access the data plane of an Azure managed application?
    • The checkZonePeers API: Is your availability zone "1" equal to my "1"?
    • Token authentication with "Azure Verizon Premium CDN"
    • Getting the right storage container name in a Bicep template
    • Event-sourcing into working memory to improve data access latency
    • Postgrex on Azure - Connecting to Azure PostgreSQL from Elixir
  • Productivity
    • Excel
    • Desktop Setup
    • Time handling and Scheduling
    • Elgato from the shell
    • Typora
Powered by GitBook
On this page
Edit on GitHub
  1. Azure

SSH keys in ARM

PreviousAzure Python code snippetsNextMinimal "Azure AD Workload identity federation"

Last updated 3 years ago

The Azure ARM system allows you to as a first-class object in ARM. This sample illustrates how to create such an SSH public key, and also how to dynamically use it.

During interactive VM creation in the portal, you can for your new VM. However, for template-based creation of a VM, you need to use the reference() ARM function to retrieve the value. The ARM schema for VMs doesn't currently allow you to refer to a key object, instead you must provide the literal SSH key value as a string to the VM, in the .osProfile.linuxConfiguration.ssh.publicKeys[0].keyData value.

The following little Bicep sample demonstrates these two concepts:

  1. Creating the 'Microsoft.Compute/sshPublicKeys' ARM resource, as well as

  2. dynamically retrieving it. For the sake of the example, I'm not really creating a VM, but just fetch the ssh public key and output it in the template.

param keyName string = 'chgeuer'
param sshPublicKey string = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChtYrL..... chgeuer@beam'

resource mySshkey 'Microsoft.Compute/sshPublicKeys@2020-12-01' = {
  name: keyName
  location: resourceGroup().location
  properties: {
    publicKey: sshPublicKey
  }
}

var sshkeyId = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.Compute/sshPublicKeys/${keyName}'

var sshkeyId2 = mySshkey.id

var apiversion = '2020-12-01'

output key string = reference(sshkeyId, apiversion).publicKey
output key2 string = reference(mySshkey.id, apiversion).publicKey
upload
ssh public keys
dynamically select an existing public key