az sf managed-node-type vm-secret

Managed vm secrets on a node type on managed clusters.

Commands

Name	Description	Type	Status
az sf managed-node-type vm-secret add	Add a secret to the node type.	Core	GA

az sf managed-node-type vm-secret add

Add a secret to the node type.

az sf managed-node-type vm-secret add --certificate-store
                                      --certificate-url
                                      --cluster-name
                                      --name --node-type-name
                                      --resource-group
                                      --source-vault-id
                                      [--acquire-policy-token]
                                      [--change-reference]

Examples

Add certificate to the node type as a secret.

az sf managed-node-type vm-secret add -g testRG -c testCluster -n snt --source-vault-id /subscriptions/XXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/testRG/providers/Microsoft.KeyVault/vaults/testkv --certificate-url https://testskv.vault.azure.net:443/secrets/TestCert/xxxxxxxxxxxxxxxxxxxxxxxx --certificate-store my

Required Parameters

--certificate-store

Specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account.

--certificate-url

This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:  { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" }/.

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--name --node-type-name -n

Node type name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

--source-vault-id

Key Vault resource id containing the certificates.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property	Value
Parameter group:	Global Policy Arguments

--change-reference

The related change reference ID for this resource operation.

Property	Value
Parameter group:	Global Policy Arguments

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

Property	Value
Default value:	False

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property	Value
Default value:	False

--output -o

Output format.

Property	Value
Default value:	json
Accepted values:	json, jsonc, none, table, tsv, yaml, yamlc

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property	Value
Default value:	False

Feedback

Was this page helpful?