Microsoft.VirtualMachineImages imageTemplates

2024-12-09

Bicep resource definition

The imageTemplates resource type can be deployed with operations that target:

Resource groups - See resource group deployment commands

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.VirtualMachineImages/imageTemplates resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.VirtualMachineImages/imageTemplates@2024-02-01' = {
  identity: {
    type: 'string'
    userAssignedIdentities: {
      {customized property}: {}
    }
  }
  location: 'string'
  name: 'string'
  properties: {
    autoRun: {
      state: 'string'
    }
    buildTimeoutInMinutes: int
    customize: [
      {
        name: 'string'
        type: 'string'
        // For remaining properties, see ImageTemplateCustomizer objects
      }
    ]
    distribute: [
      {
        artifactTags: {
          {customized property}: 'string'
        }
        runOutputName: 'string'
        type: 'string'
        // For remaining properties, see ImageTemplateDistributor objects
      }
    ]
    errorHandling: {
      onCustomizerError: 'string'
      onValidationError: 'string'
    }
    managedResourceTags: {
      {customized property}: 'string'
    }
    optimize: {
      vmBoot: {
        state: 'string'
      }
    }
    source: {
      type: 'string'
      // For remaining properties, see ImageTemplateSource objects
    }
    stagingResourceGroup: 'string'
    validate: {
      continueDistributeOnFailure: bool
      inVMValidations: [
        {
          name: 'string'
          type: 'string'
          // For remaining properties, see ImageTemplateInVMValidator objects
        }
      ]
      sourceValidationOnly: bool
    }
    vmProfile: {
      osDiskSizeGB: int
      userAssignedIdentities: [
        'string'
      ]
      vmSize: 'string'
      vnetConfig: {
        containerInstanceSubnetId: 'string'
        proxyVmSize: 'string'
        subnetId: 'string'
      }
    }
  }
  tags: {
    {customized property}: 'string'
  }
}

ImageTemplateSource objects

Set the type property to specify the type of object.

For ManagedImage, use:

{
  imageId: 'string'
  type: 'ManagedImage'
}

For PlatformImage, use:

{
  offer: 'string'
  planInfo: {
    planName: 'string'
    planProduct: 'string'
    planPublisher: 'string'
  }
  publisher: 'string'
  sku: 'string'
  type: 'PlatformImage'
  version: 'string'
}

For SharedImageVersion, use:

{
  imageVersionId: 'string'
  type: 'SharedImageVersion'
}

ImageTemplateInVMValidator objects

Set the type property to specify the type of object.

For File, use:

{
  destination: 'string'
  sha256Checksum: 'string'
  sourceUri: 'string'
  type: 'File'
}

For PowerShell, use:

{
  inline: [
    'string'
  ]
  runAsSystem: bool
  runElevated: bool
  scriptUri: 'string'
  sha256Checksum: 'string'
  type: 'PowerShell'
  validExitCodes: [
    int
  ]
}

For Shell, use:

{
  inline: [
    'string'
  ]
  scriptUri: 'string'
  sha256Checksum: 'string'
  type: 'Shell'
}

ImageTemplateCustomizer objects

Set the type property to specify the type of object.

For File, use:

{
  destination: 'string'
  sha256Checksum: 'string'
  sourceUri: 'string'
  type: 'File'
}

For PowerShell, use:

{
  inline: [
    'string'
  ]
  runAsSystem: bool
  runElevated: bool
  scriptUri: 'string'
  sha256Checksum: 'string'
  type: 'PowerShell'
  validExitCodes: [
    int
  ]
}

For Shell, use:

{
  inline: [
    'string'
  ]
  scriptUri: 'string'
  sha256Checksum: 'string'
  type: 'Shell'
}

For WindowsRestart, use:

{
  restartCheckCommand: 'string'
  restartCommand: 'string'
  restartTimeout: 'string'
  type: 'WindowsRestart'
}

For WindowsUpdate, use:

{
  filters: [
    'string'
  ]
  searchCriteria: 'string'
  type: 'WindowsUpdate'
  updateLimit: int
}

ImageTemplateDistributor objects

Set the type property to specify the type of object.

For ManagedImage, use:

{
  imageId: 'string'
  location: 'string'
  type: 'ManagedImage'
}

For SharedImage, use:

{
  excludeFromLatest: bool
  galleryImageId: 'string'
  replicationRegions: [
    'string'
  ]
  storageAccountType: 'string'
  targetRegions: [
    {
      name: 'string'
      replicaCount: int
      storageAccountType: 'string'
    }
  ]
  type: 'SharedImage'
  versioning: {
    scheme: 'string'
    // For remaining properties, see DistributeVersioner objects
  }
}

For VHD, use:

{
  type: 'VHD'
  uri: 'string'
}

DistributeVersioner objects

Set the scheme property to specify the type of object.

For Latest, use:

{
  major: int
  scheme: 'Latest'
}

For Source, use:

{
  scheme: 'Source'
}

Property Values

DistributeVersioner

Name	Description	Value
scheme	Set to 'Latest' for type DistributeVersionerLatest. Set to 'Source' for type DistributeVersionerSource.	'Latest' 'Source' (required)

DistributeVersionerLatest

Name	Description	Value
major	Major version for the generated version number. Determine what is "latest" based on versions with this value as the major version. -1 is equivalent to leaving it unset.	int Constraints: Min value = -1
scheme	Version numbering scheme to be used.	'Latest' (required)

DistributeVersionerSource

Name	Description	Value
scheme	Version numbering scheme to be used.	'Source' (required)

ImageTemplateAutoRun

Name	Description	Value
state	Enabling this field will trigger an automatic build on image template creation or update.	'Disabled' 'Enabled'

ImageTemplateCustomizer

Name	Description	Value
name	Friendly Name to provide context on what this customization step does	string
type	Set to 'File' for type ImageTemplateFileCustomizer. Set to 'PowerShell' for type ImageTemplatePowerShellCustomizer. Set to 'Shell' for type ImageTemplateShellCustomizer. Set to 'WindowsRestart' for type ImageTemplateRestartCustomizer. Set to 'WindowsUpdate' for type ImageTemplateWindowsUpdateCustomizer.	'File' 'PowerShell' 'Shell' 'WindowsRestart' 'WindowsUpdate' (required)

ImageTemplateDistributor

Name	Description	Value
artifactTags	Tags that will be applied to the artifact once it has been created/updated by the distributor.	ImageTemplateDistributorArtifactTags
runOutputName	The name to be used for the associated RunOutput.	string Constraints: Pattern = `^[A-Za-z0-9-_.]{1,64}$` (required)
type	Set to 'ManagedImage' for type ImageTemplateManagedImageDistributor. Set to 'SharedImage' for type ImageTemplateSharedImageDistributor. Set to 'VHD' for type ImageTemplateVhdDistributor.	'ManagedImage' 'SharedImage' 'VHD' (required)

ImageTemplateDistributorArtifactTags

Name	Description	Value

ImageTemplateFileCustomizer

Name	Description	Value
destination	The absolute path to a file (with nested directory structures already created) where the file (from sourceUri) will be uploaded to in the VM	string
sha256Checksum	SHA256 checksum of the file provided in the sourceUri field above	string
sourceUri	The URI of the file to be uploaded for customizing the VM. It can be a github link, SAS URI for Azure Storage, etc	string
type	The type of customization tool you want to use on the Image. For example, "Shell" can be shell customizer	'File' (required)

ImageTemplateFileValidator

Name	Description	Value
destination	The absolute path to a file (with nested directory structures already created) where the file (from sourceUri) will be uploaded to in the VM	string
sha256Checksum	SHA256 checksum of the file provided in the sourceUri field above	string
sourceUri	The URI of the file to be uploaded to the VM for validation. It can be a github link, Azure Storage URI (authorized or SAS), etc	string
type	The type of validation you want to use on the Image. For example, "Shell" can be shell validation	'File' (required)

ImageTemplateIdentity

Name	Description	Value
type	The type of identity used for the image template. The type 'None' will remove any identities from the image template.	'None' 'UserAssigned'
userAssignedIdentities	The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.	UserAssignedIdentities

ImageTemplateInVMValidator

Name	Description	Value
name	Friendly Name to provide context on what this validation step does	string
type	Set to 'File' for type ImageTemplateFileValidator. Set to 'PowerShell' for type ImageTemplatePowerShellValidator. Set to 'Shell' for type ImageTemplateShellValidator.	'File' 'PowerShell' 'Shell' (required)

ImageTemplateManagedImageDistributor

Name	Description	Value
imageId	Resource Id of the Managed Disk Image	string (required)
location	Azure location for the image, should match if image already exists	string (required)
type	Type of distribution.	'ManagedImage' (required)

ImageTemplateManagedImageSource

Name	Description	Value
imageId	ARM resource id of the managed image in customer subscription	string (required)
type	Specifies the type of source image you want to start with.	'ManagedImage' (required)

ImageTemplatePlatformImageSource

Name	Description	Value
offer	Image offer from the Azure Gallery Images.	string
planInfo	Optional configuration of purchase plan for platform image.	PlatformImagePurchasePlan
publisher	Image Publisher in Azure Gallery Images.	string
sku	Image sku from the Azure Gallery Images.	string
type	Specifies the type of source image you want to start with.	'PlatformImage' (required)
version	Image version from the Azure Gallery Images. If 'latest' is specified here, the version is evaluated when the image build takes place, not when the template is submitted.	string

ImageTemplatePowerShellCustomizer

Name	Description	Value
inline	Array of PowerShell commands to execute	string[]
runAsSystem	If specified, the PowerShell script will be run with elevated privileges using the Local System user. Can only be true when the runElevated field above is set to true.	bool
runElevated	If specified, the PowerShell script will be run with elevated privileges	bool
scriptUri	URI of the PowerShell script to be run for customizing. It can be a github link, SAS URI for Azure Storage, etc	string
sha256Checksum	SHA256 checksum of the power shell script provided in the scriptUri field above	string
type	The type of customization tool you want to use on the Image. For example, "Shell" can be shell customizer	'PowerShell' (required)
validExitCodes	Valid exit codes for the PowerShell script. [Default: 0]	int[]

ImageTemplatePowerShellValidator

Name	Description	Value
inline	Array of PowerShell commands to execute	string[]
runAsSystem	If specified, the PowerShell script will be run with elevated privileges using the Local System user. Can only be true when the runElevated field above is set to true.	bool
runElevated	If specified, the PowerShell script will be run with elevated privileges	bool
scriptUri	URI of the PowerShell script to be run for validation. It can be a github link, Azure Storage URI, etc	string
sha256Checksum	SHA256 checksum of the power shell script provided in the scriptUri field above	string
type	The type of validation you want to use on the Image. For example, "Shell" can be shell validation	'PowerShell' (required)
validExitCodes	Valid exit codes for the PowerShell script. [Default: 0]	int[]

ImageTemplateProperties

Name	Description	Value
autoRun	Indicates whether or not to automatically run the image template build on template creation or update.	ImageTemplateAutoRun
buildTimeoutInMinutes	Maximum duration to wait while building the image template (includes all customizations, optimization, validations, and distributions). Omit or specify 0 to use the default (4 hours).	int Constraints: Min value = 0 Max value = 960
customize	Specifies the properties used to describe the customization steps of the image, like Image source etc	ImageTemplateCustomizer[]
distribute	The distribution targets where the image output needs to go to.	ImageTemplateDistributor[] (required)
errorHandling	Error handling options upon a build failure	ImageTemplatePropertiesErrorHandling
managedResourceTags	Tags that will be applied to the resource group and/or resources created by the service.	ImageTemplatePropertiesManagedResourceTags
optimize	Specifies optimization to be performed on image.	ImageTemplatePropertiesOptimize
source	Specifies the properties used to describe the source image.	ImageTemplateSource (required)
stagingResourceGroup	The staging resource group id in the same subscription as the image template that will be used to build the image. If this field is empty, a resource group with a random name will be created. If the resource group specified in this field doesn't exist, it will be created with the same name. If the resource group specified exists, it must be empty and in the same region as the image template. The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn't exist, but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain.	string
validate	Configuration options and list of validations to be performed on the resulting image.	ImageTemplatePropertiesValidate
vmProfile	Describes how virtual machine is set up to build images	ImageTemplateVmProfile

ImageTemplatePropertiesErrorHandling

Name	Description	Value
onCustomizerError	If there is a customizer error and this field is set to 'cleanup', the build VM and associated network resources will be cleaned up. This is the default behavior. If there is a customizer error and this field is set to 'abort', the build VM will be preserved.	'abort' 'cleanup'
onValidationError	If there is a validation error and this field is set to 'cleanup', the build VM and associated network resources will be cleaned up. This is the default behavior. If there is a validation error and this field is set to 'abort', the build VM will be preserved.	'abort' 'cleanup'

ImageTemplatePropertiesManagedResourceTags

Name	Description	Value

ImageTemplatePropertiesOptimize

Name	Description	Value
vmBoot	Optimization is applied on the image for a faster VM boot.	ImageTemplatePropertiesOptimizeVmBoot

ImageTemplatePropertiesOptimizeVmBoot

Name	Description	Value
state	Enabling this field will improve VM boot time by optimizing the final customized image output.	'Disabled' 'Enabled'

ImageTemplatePropertiesValidate

Name	Description	Value
continueDistributeOnFailure	If validation fails and this field is set to false, output image(s) will not be distributed. This is the default behavior. If validation fails and this field is set to true, output image(s) will still be distributed. Please use this option with caution as it may result in bad images being distributed for use. In either case (true or false), the end to end image run will be reported as having failed in case of a validation failure. [Note: This field has no effect if validation succeeds.]	bool
inVMValidations	List of validations to be performed.	ImageTemplateInVMValidator[]
sourceValidationOnly	If this field is set to true, the image specified in the 'source' section will directly be validated. No separate build will be run to generate and then validate a customized image.	bool

ImageTemplateRestartCustomizer

Name	Description	Value
restartCheckCommand	Command to check if restart succeeded [Default: '']	string
restartCommand	Command to execute the restart [Default: 'shutdown /r /f /t 0 /c "packer restart"']	string
restartTimeout	Restart timeout specified as a string of magnitude and unit, e.g. '5m' (5 minutes) or '2h' (2 hours) [Default: '5m']	string
type	The type of customization tool you want to use on the Image. For example, "Shell" can be shell customizer	'WindowsRestart' (required)

ImageTemplateSharedImageDistributor

Name	Description	Value
excludeFromLatest	Flag that indicates whether created image version should be excluded from latest. Omit to use the default (false).	bool
galleryImageId	Resource Id of the Azure Compute Gallery image	string (required)
replicationRegions	[Deprecated] A list of regions that the image will be replicated to. This list can be specified only if targetRegions is not specified. This field is deprecated - use targetRegions instead.	string[]
storageAccountType	[Deprecated] Storage account type to be used to store the shared image. Omit to use the default (Standard_LRS). This field can be specified only if replicationRegions is specified. This field is deprecated - use targetRegions instead.	'Premium_LRS' 'Standard_LRS' 'Standard_ZRS'
targetRegions	The target regions where the distributed Image Version is going to be replicated to. This object supersedes replicationRegions and can be specified only if replicationRegions is not specified.	TargetRegion[]
type	Type of distribution.	'SharedImage' (required)
versioning	Describes how to generate new x.y.z version number for distribution.	DistributeVersioner

ImageTemplateSharedImageVersionSource

Name	Description	Value
imageVersionId	ARM resource id of the image version. When image version name is 'latest', the version is evaluated when the image build takes place.	string (required)
type	Specifies the type of source image you want to start with.	'SharedImageVersion' (required)

ImageTemplateShellCustomizer

Name	Description	Value
inline	Array of shell commands to execute	string[]
scriptUri	URI of the shell script to be run for customizing. It can be a github link, SAS URI for Azure Storage, etc	string
sha256Checksum	SHA256 checksum of the shell script provided in the scriptUri field	string
type	The type of customization tool you want to use on the Image. For example, "Shell" can be shell customizer	'Shell' (required)

ImageTemplateShellValidator

Name	Description	Value
inline	Array of shell commands to execute	string[]
scriptUri	URI of the shell script to be run for validation. It can be a github link, Azure Storage URI, etc	string
sha256Checksum	SHA256 checksum of the shell script provided in the scriptUri field	string
type	The type of validation you want to use on the Image. For example, "Shell" can be shell validation	'Shell' (required)

ImageTemplateSource

Name	Description	Value
type	Set to 'ManagedImage' for type ImageTemplateManagedImageSource. Set to 'PlatformImage' for type ImageTemplatePlatformImageSource. Set to 'SharedImageVersion' for type ImageTemplateSharedImageVersionSource.	'ManagedImage' 'PlatformImage' 'SharedImageVersion' (required)

ImageTemplateVhdDistributor

Name	Description	Value
type	Type of distribution.	'VHD' (required)
uri	Optional Azure Storage URI for the distributed VHD blob. Omit to use the default (empty string) in which case VHD would be published to the storage account in the staging resource group.	string

ImageTemplateVmProfile

Name	Description	Value
osDiskSizeGB	Size of the OS disk in GB. Omit or specify 0 to use Azure's default OS disk size.	int Constraints: Min value = 0
userAssignedIdentities	Optional array of resource IDs of user assigned managed identities to be configured on the build VM and validation VM. This may include the identity of the image template.	string[]
vmSize	Size of the virtual machine used to build, customize and capture images. Omit or specify empty string to use the default (Standard_D1_v2 for Gen1 images and Standard_D2ds_v4 for Gen2 images).	string
vnetConfig	Optional configuration of the virtual network to use to deploy the build VM and validation VM in. Omit if no specific virtual network needs to be used.	VirtualNetworkConfig

ImageTemplateWindowsUpdateCustomizer

Name	Description	Value
filters	Array of filters to select updates to apply. Omit or specify empty array to use the default (no filter). Refer to above link for examples and detailed description of this field.	string[]
searchCriteria	Criteria to search updates. Omit or specify empty string to use the default (search all). Refer to above link for examples and detailed description of this field.	string
type	The type of customization tool you want to use on the Image. For example, "Shell" can be shell customizer	'WindowsUpdate' (required)
updateLimit	Maximum number of updates to apply at a time. Omit or specify 0 to use the default (1000)	int Constraints: Min value = 0