Protect-TemplateDisk
Prepares a signed template disk (.VHDX) which can be used to provision new shielded virtual machines.
Syntax
Protect-TemplateDisk
-Path <String>
-TemplateName <String>
-Version <Version>
-Certificate <X509Certificate2>
[-ProtectedTemplateTargetDiskType <ProtectedTemplateTargetDiskType>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Protect-TemplateDisk
-Path <String>
-PopulateFrom <String>
[-TemplateName <String>]
[-Version <Version>]
-Certificate <X509Certificate2>
[-ProtectedTemplateTargetDiskType <ProtectedTemplateTargetDiskType>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Protect-TemplateDisk
-Path <String>
[-DiskIsAlreadySpecialized]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Protect-TemplateDisk cmdlet prepares a virtual hard disk to be used for provisioning shielded virtual machines. The virtual hard disk must use the VHDX format and contain a generalized OS image. The VHDX will be modified in place, and can only be used with shielded virtual machines after the process is complete.
Examples
Example 1: Prepare a template disk by populating existing values
PS C:\>Protect-TemplateDisk -Certificate $certificate -PopulateFrom "ExistingPreparedTemplate.vhdx" -Path "NewTemplate.vhdx" -TemplateName "Windows Server 2016"This command prepares the .vhdx that the Path specifies. The command uses the version information from ExistingPreparedTemplate.vhdx. The command specifies the template name "Windows Server 2016".
Example 2: Prepare a template disk by specifying name and version
PS C:\>Protect-TemplateDisk -Certificate $certificate -Path "WindowsServer2016-ShieldedTemplate.vhdx" -TemplateName "Windows Server 2016" -Version 1.0.0.0This command prepares the .vhdx that the Path specifies. The command uses the name and version information specified by the TemplateName and Version parameters.
Parameters
-Certificate
Specifies the certificate used to sign metadata including the disk name, version, and hash calculated during the preparation process. The specified certificate must have a private key installed on the local machine.
| Type: | X509Certificate2 |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DiskIsAlreadySpecialized
Indicates the disk has already been prepared as a signed template disk, but its contents have since changed.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Path
Specifies the path to the template disk (.VHDX) to be prepared.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PopulateFrom
Specifies the path of a template disk that contains a previously published volume signature catalog. The disk name, version, and certificate will be used as defaults for the new template disk.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProtectedTemplateTargetDiskType
Specifies the type of OS installed on the VHDX.
| Type: | ProtectedTemplateTargetDiskType |
| Accepted values: | MicrosoftWindows, PreprocessedLinux |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TemplateName
Specifies the name of the template.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Version
Specifies a value that uniquely identifies this version of the template. The version value uses the form a.b.c.d, where each value is an integer less than 65536.
| Type: | Version |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |