ShridharParameshwarBhat · October 20, 2021 08:32
diff --git a/clientcertusekek.json b/clientcertusekek.json
 {
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vmName": {
      "type": "string",
      "metadata": {
        "description": "Name of the Virtual Machine"
      }
    },
    "keyVaultResourceID": {
      "type": "string",
      "metadata": {
        "description": "KeyVault resource id. Ex: /subscriptions/9135e259-1f76-4dbd-a5c8-bc4fcdf3cf1c/resourceGroups/DiskEncryptionTest/providers/Microsoft.KeyVault/vaults/DiskEncryptionTestAus"
      }
    },
    "keyVaultSecretUrl": {
      "type": "string",
      "metadata": {
        "description": "KeyVault secret Url. Ex: https://diskencryptiontestaus.vault.azure.net/secrets/BitLockerEncryptionSecretWithKek/e088818e865e48488cf363af16dea596"
      }
    },
    "keyEncryptionKeyURL": {
      "type": "string",
      "defaultValue": "",
      "metadata": {
        "description": "KeyVault key encryption key Url. Ex: https://diskencryptiontestaus.vault.azure.net/keys/DiskEncryptionKek/562a4bb76b524a1493a6afe8e536ee78"
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for all resources."
      }
    }
  },
  "resources": [
    {
      "apiVersion": "2016-04-30-preview",
      "type": "Microsoft.Compute/virtualMachines",
      "name": "[parameters('vmName')]",
      "location": "[parameters('location')]",
      "properties": {
        "storageProfile": {
          "osDisk": {
            "encryptionSettings": {
              "diskEncryptionKey": {
                "sourceVault": {
                  "id": "[parameters('keyVaultResourceID')]"
                },
                "secretUrl": "[parameters('keyVaultSecretUrl')]"
              },
              "keyEncryptionKey": {
                "sourceVault": {
                  "id": "[parameters('keyVaultResourceID')]"
                },
                "keyUrl": "[parameters('keyEncryptionKeyURL')]"
              }
            }
          }
        }
      }
    }
  ]
 }
	{
	"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
	"contentVersion": "1.0.0.0",
	"parameters": {
	"vmName": {
	"type": "string",
	"metadata": {
	"description": "Name of the Virtual Machine"
	}
	},
	"keyVaultResourceID": {
	"type": "string",
	"metadata": {
	"description": "KeyVault resource id. Ex: /subscriptions/9135e259-1f76-4dbd-a5c8-bc4fcdf3cf1c/resourceGroups/DiskEncryptionTest/providers/Microsoft.KeyVault/vaults/DiskEncryptionTestAus"
	}
	},
	"keyVaultSecretUrl": {
	"type": "string",
	"metadata": {
	"description": "KeyVault secret Url. Ex: https://diskencryptiontestaus.vault.azure.net/secrets/BitLockerEncryptionSecretWithKek/e088818e865e48488cf363af16dea596"
	}
	},
	"keyEncryptionKeyURL": {
	"type": "string",
	"defaultValue": "",
	"metadata": {
	"description": "KeyVault key encryption key Url. Ex: https://diskencryptiontestaus.vault.azure.net/keys/DiskEncryptionKek/562a4bb76b524a1493a6afe8e536ee78"
	}
	},
	"location": {
	"type": "string",
	"defaultValue": "[resourceGroup().location]",
	"metadata": {
	"description": "Location for all resources."
	}
	}
	},
	"resources": [
	{
	"apiVersion": "2016-04-30-preview",
	"type": "Microsoft.Compute/virtualMachines",
	"name": "[parameters('vmName')]",
	"location": "[parameters('location')]",
	"properties": {
	"storageProfile": {
	"osDisk": {
	"encryptionSettings": {
	"diskEncryptionKey": {
	"sourceVault": {
	"id": "[parameters('keyVaultResourceID')]"
	},
	"secretUrl": "[parameters('keyVaultSecretUrl')]"
	},
	"keyEncryptionKey": {
	"sourceVault": {
	"id": "[parameters('keyVaultResourceID')]"
	},
	"keyUrl": "[parameters('keyEncryptionKeyURL')]"
	}
	}
	}
	}
	}
	}
	]
	}