Deploying a Virtual Machine in Azure Using an ARM Template
Azure Resource Manager (ARM) templates are a powerful way to deploy and manage resources in Microsoft Azure. This blog will walk you through the process of deploying a virtual machine (VM) in Azure using an ARM template directly from the Azure Portal. This approach simplifies the deployment of complex environments and ensures consistency.
Step 1: Prepare Your ARM Template
Before you start the deployment process, you need to have your ARM template ready. Here’s a basic example of an ARM template for deploying a Windows VM:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.16.2.56959",
"templateHash": "14427937023370378081"
}
},
"parameters": {
"adminUsername": {
"type": "string",
"metadata": {
"description": "Username for the Virtual Machine."
}
},
"adminPassword": {
"type": "securestring",
"minLength": 12,
"metadata": {
"description": "Password for the Virtual Machine."
}
},
"dnsLabelPrefix": {
"type": "string",
"defaultValue": "[toLower(format('{0}-{1}', parameters('vmName'), uniqueString(resourceGroup().id, parameters('vmName'))))]",
"metadata": {
"description": "Unique DNS Name for the Public IP used to access the Virtual Machine."
}
},
"publicIpName": {
"type": "string",
"defaultValue": "myPublicIP",
"metadata": {
"description": "Name for the Public IP used to access the Virtual Machine."
}
},
"publicIPAllocationMethod": {
"type": "string",
"defaultValue": "Dynamic",
"allowedValues": [
"Dynamic",
"Static"
],
"metadata": {
"description": "Allocation method for the Public IP used to access the Virtual Machine."
}
},
"publicIpSku": {
"type": "string",
"defaultValue": "Basic",
"allowedValues": [
"Basic",
"Standard"
],
"metadata": {
"description": "SKU for the Public IP used to access the Virtual Machine."
}
},
"OSVersion": {
"type": "string",
"defaultValue": "2022-datacenter-azure-edition",
"allowedValues": [
"2016-datacenter-gensecond",
"2016-datacenter-server-core-g2",
"2016-datacenter-server-core-smalldisk-g2",
"2016-datacenter-smalldisk-g2",
"2016-datacenter-with-containers-g2",
"2016-datacenter-zhcn-g2",
"2019-datacenter-core-g2",
"2019-datacenter-core-smalldisk-g2",
"2019-datacenter-core-with-containers-g2",
"2019-datacenter-core-with-containers-smalldisk-g2",
"2019-datacenter-gensecond",
"2019-datacenter-smalldisk-g2",
"2019-datacenter-with-containers-g2",
"2019-datacenter-with-containers-smalldisk-g2",
"2019-datacenter-zhcn-g2",
"2022-datacenter-azure-edition",
"2022-datacenter-azure-edition-core",
"2022-datacenter-azure-edition-core-smalldisk",
"2022-datacenter-azure-edition-smalldisk",
"2022-datacenter-core-g2",
"2022-datacenter-core-smalldisk-g2",
"2022-datacenter-g2",
"2022-datacenter-smalldisk-g2"
],
"metadata": {
"description": "The Windows version for the VM. This will pick a fully patched image of this given Windows version."
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_D2s_v5",
"metadata": {
"description": "Size of the virtual machine."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"vmName": {
"type": "string",
"defaultValue": "simple-vm",
"metadata": {
"description": "Name of the virtual machine."
}
},
"securityType": {
"type": "string",
"defaultValue": "TrustedLaunch",
"allowedValues": [
"Standard",
"TrustedLaunch"
],
"metadata": {
"description": "Security Type of the Virtual Machine."
}
}
},
"variables": {
"storageAccountName": "[format('bootdiags{0}', uniqueString(resourceGroup().id))]",
"nicName": "myVMNic",
"addressPrefix": "10.0.0.0/16",
"subnetName": "Subnet",
"subnetPrefix": "10.0.0.0/24",
"virtualNetworkName": "MyVNET",
"networkSecurityGroupName": "default-NSG",
"securityProfileJson": {
"uefiSettings": {
"secureBootEnabled": true,
"vTpmEnabled": true
},
"securityType": "[parameters('securityType')]"
},
"extensionName": "GuestAttestation",
"extensionPublisher": "Microsoft.Azure.Security.WindowsAttestation",
"extensionVersion": "1.0",
"maaTenantName": "GuestAttestation",
"maaEndpoint": "[substring('emptyString', 0, 0)]"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2022-05-01",
"name": "[variables('storageAccountName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage"
},
{
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2022-05-01",
"name": "[parameters('publicIpName')]",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('publicIpSku')]"
},
"properties": {
"publicIPAllocationMethod": "[parameters('publicIPAllocationMethod')]",
"dnsSettings": {
"domainNameLabel": "[parameters('dnsLabelPrefix')]"
}
}
},
{
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2022-05-01",
"name": "[variables('networkSecurityGroupName')]",
"location": "[parameters('location')]",
"properties": {
"securityRules": [
{
"name": "default-allow-3389",
"properties": {
"priority": 1000,
"access": "Allow",
"direction": "Inbound",
"destinationPortRange": "3389",
"protocol": "Tcp",
"sourcePortRange": "*",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*"
}
}
]
}
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2022-05-01",
"name": "[variables('virtualNetworkName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('addressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[variables('subnetPrefix')]",
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
}
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
]
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2022-05-01",
"name": "[variables('nicName')]",
"location": "[parameters('location')]",
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]"
},
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnetName'))]"
}
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]",
"[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]"
]
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2022-03-01",
"name": "[parameters('vmName')]",
"location": "[parameters('location')]",
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "[parameters('OSVersion')]",
"version": "latest"
},
"osDisk": {
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "StandardSSD_LRS"
}
},
"dataDisks": [
{
"diskSizeGB": 1023,
"lun": 0,
"createOption": "Empty"
}
]
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName')), '2022-05-01').primaryEndpoints.blob]"
}
},
"securityProfile": "[if(equals(parameters('securityType'), 'TrustedLaunch'), variables('securityProfileJson'), null())]"
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
]
},
{
"condition": "[and(equals(parameters('securityType'), 'TrustedLaunch'), and(equals(variables('securityProfileJson').uefiSettings.secureBootEnabled, true()), equals(variables('securityProfileJson').uefiSettings.vTpmEnabled, true())))]",
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2022-03-01",
"name": "[format('{0}/{1}', parameters('vmName'), variables('extensionName'))]",
"location": "[parameters('location')]",
"properties": {
"publisher": "[variables('extensionPublisher')]",
"type": "[variables('extensionName')]",
"typeHandlerVersion": "[variables('extensionVersion')]",
"autoUpgradeMinorVersion": true,
"enableAutomaticUpgrade": true,
"settings": {
"AttestationConfig": {
"MaaSettings": {
"maaEndpoint": "[variables('maaEndpoint')]",
"maaTenantName": "[variables('maaTenantName')]"
}
}
}
},
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', parameters('vmName'))]"
]
}
],
"outputs": {
"hostname": {
"type": "string",
"value": "[reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName')), '2022-05-01').dnsSettings.fqdn]"
}
}
}
Note: Customize the variables
section with your subscription ID, resource group name, and storage account details.
Step 2: Log in to Azure Portal
Go to the Azure Portal: Open portal.azure.com and log in with your Azure account credentials.
Step 3: Start the Deployment
Create a New Deployment:
- On the search bar,type Deploy a custom template.
- Click on "+ Create" (or "Add" in some versions).
Step 4: Build Your Own Template
- On the "Custom deployment" page, click on "Build your own template in the editor."
- In the template editor, either upload your template file or paste your ARM template JSON code directly.
- Click on "Save" to save your changes and return to the deployment page.
Step 5: Configure Deployment Parameters
-
Fill Out Parameters:
- On the "Custom deployment" page, you’ll need to enter the parameters for your template. This includes:
- Subscription: Select the Azure subscription you want to use.
- Resource group: Choose the existing resource group or create a new one.
- Region: Ensure the region is correct.
- Template Parameters: If your template includes parameters, provide the required values (e.g., VM name, admin username and password).
- On the "Custom deployment" page, you’ll need to enter the parameters for your template. This includes:
Review and Create:
- Click on "Review + create" to review your deployment settings.
- Verify that all details are correct.
Step 6: Deploy the Template
Initiate Deployment:
- Click on "Create" to start the deployment process.
- Once you submit, Azure will begin deploying the resources defined in your ARM template.
Step 7: Verify the Deployment
-
Check Resources:
- After the deployment is complete, go to the "Virtual machines" section in the Azure Portal.
- You should see your new VM listed there.
Step 8: Download RDP file
- Click on the VM to view its details.
-
Connect via Remote Desktop (for Windows).
- Fill in admin password that was created earlier
Step 9: Verify the Deployment
Conclusion
Deploying a VM using an ARM template through the Azure Portal provides a seamless way to automate and standardize your deployments. By following these steps, you can quickly spin up virtual machines with a consistent configuration, saving time and reducing the potential for errors. For more complex scenarios, you can enhance your ARM template with additional resources and configurations to fit your needs.