az sf managed-node-type vm-secret

  • Reference

Managed vm secrets on a node type on managed clusters.

Commands

Name Description Type Status
az sf managed-node-type vm-secret add

Add a secret to the node type.

 Core GA

az sf managed-node-type vm-secret add

Add a secret to the node type.

az sf managed-node-type vm-secret add --certificate-store
                                      --certificate-url
                                      --cluster-name
                                      --name
                                      --resource-group
                                      --source-vault-id

Examples

Add certificate to the node type as a secret.

az sf managed-node-type vm-secret add -g testRG -c testCluster -n snt --source-vault-id /subscriptions/XXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/testRG/providers/Microsoft.KeyVault/vaults/testkv --certificate-url https://testskv.vault.azure.net:443/secrets/TestCert/xxxxxxxxxxxxxxxxxxxxxxxx --certificate-store my

Required Parameters

--certificate-store

Specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account.

--certificate-url

This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see Add a key or secret to the key vault. In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

{
"data":"",
"dataType":"pfx",
"password":""
}/.

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--name --node-type-name -n

Node type name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

--source-vault-id

Key Vault resource id containing the certificates.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc
default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.