2016年6月5日日曜日

githubのAzure Resource Manager テンプレートをカスタマイズしてみた - RDP接続とAntiMalwareを組み込むVMテンプレート

「githubのAzure Resource Manager テンプレートをカスタマイズしてみた - RDP接続できるVMテンプレート」をさらに改良して、AntiMalwareを組み込むVMテンプレートにしてみました。

なお、Windows Server 2016 TP5で本テンプレートをデプロイしたところ、AntiMalwareを組み込む処理が競合したため、選択できるOSバージョンからWindows Server 2016 TP5を除きました。
※それ以外にもちょっと調整してます。

31c31
<       "defaultValue": "Windows-Server-Technical-Preview",
---
>       "defaultValue": "2012-R2-Datacenter",
35,36c35
<         "2012-R2-Datacenter",
<         "Windows-Server-Technical-Preview"
---
>         "2012-R2-Datacenter"
45a45
>         "Standard_A1",
47a48
>         "Standard_D2",
49c50,52
<         "Standard_DS1"
---
>         "Standard_D2_v2",
>         "Standard_DS1",
>         "Standard_DS2"
62a66,69
>     "vmExtensionName": {
>       "type": "string",
>       "defaultValue": "MicrosoftAntimalware"
>     },
93,95c100,102
<     "lbInboundNatRulesName": "[concat(parameters('vmName'),variables('lbName'),'-InboundNatRules01')]",
<     "lbFrontEndName": "[concat(parameters('vmName'),variables('lbName'),'-FrontEnd01')]",
<     "lbBackendAddressPoolName": "[concat(parameters('vmName'),variables('lbName'),'-BackendPool01')]",
---
>     "lbInboundNatRulesName": "[concat(variables('lbName'),'-InboundNatRules01')]",
>     "lbFrontEndName": "[concat(variables('lbName'),'-FrontEnd01')]",
>     "lbBackendAddressPoolName": "[concat(variables('lbName'),'-BackendPool01')]",
244a252,281
>       }
>     },
>     {
>       "type": "Microsoft.Compute/virtualMachines/extensions",
>       "name": "[concat(parameters('vmName'),'/',parameters('vmExtensionName'))]",
>       "apiVersion": "[variables('apiVersion')]",
>       "location": "[resourceGroup().location]",
>       "dependsOn": [
>         "[concat('Microsoft.Compute/virtualMachines/', parameters('vmName'))]"
>       ],
>       "properties": {
>         "publisher": "Microsoft.Azure.Security",
>         "type": "IaaSAntimalware",
>         "typeHandlerVersion": "1.1",
>         "settings": {
>           "AntimalwareEnabled": "true",
>           "Exclusions": {
>             "Paths": "C:\\Users",
>             "Extensions": ".txt;.mdf;.ldf",
>             "Processes": "taskmgr.exe"
>           },
>           "RealtimeProtectionEnabled": "true",
>           "ScheduledScanSettings": {
>             "isEnabled": "true",
>             "scanType": "Quick",
>             "day": "7",
>             "time": "120"
>           }
>         },
>         "protectedSettings": null
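Review bot: The `Exclusions` object in the new `IaaSAntimalware` resource sets `"Paths": "C:\\Users"`, which takes every user profile (Downloads, Desktop, AppData) out of both real-time and scheduled scanning on a VM that this template publishes for RDP. The values look like sample exclusions rather than something this workload needs, so I would start from empty ones, `"Exclusions": { "Paths": "", "Extensions": "", "Processes": "" }`, and add back only narrowly scoped entries with a documented reason. `"typeHandlerVersion": "1.1"` is also pinned without `"autoUpgradeMinorVersion": true`, so the extension handler would presumably stay on that minor version. The resource object opens inside this hunk but its closing braces fall outside it.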
赤い部分がAntiMalwareを組み込むための定義です。

Azure Resource Manager Template Visualizerで読み込んでみると下記のような感じになります。


それでは、コード全体も貼り付けておきます。
{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vmName": {
      "type": "string",
      "metadata": {
        "description": "name for the Virtual Machine."
      }
    },
    "dnsLabelPrefix": {
      "type": "string",
      "metadata": {
        "description": "Unique DNS Name for the Public IP used to access the Virtual Machine."
      }
    },
    "adminUsername": {
      "type": "string",
      "metadata": {
        "description": "Username for the Virtual Machine."
      }
    },
    "adminPassword": {
      "type": "securestring",
      "metadata": {
        "description": "Password for the Virtual Machine."
      }
    },
    "windowsOSVersion": {
      "type": "string",
      "defaultValue": "2012-R2-Datacenter",
      "allowedValues": [
        "2008-R2-SP1",
        "2012-Datacenter",
        "2012-R2-Datacenter"
      ],
      "metadata": {
        "description": "The Windows version for the VM. This will pick a fully patched image of this given Windows version. Allowed values: 2008-R2-SP1, 2012-Datacenter, 2012-R2-Datacenter."
      }
    },
    "vmSize": {
      "type": "string",
      "defaultValue": "Standard_A2",
      "allowedValues": [
        "Standard_A1",
        "Standard_A2",
        "Standard_D1",
        "Standard_D2",
        "Standard_D1_v2",
        "Standard_D2_v2",
        "Standard_DS1",
        "Standard_DS2"
      ]
    },
    "vmDataDiskSize": {
      "type": "int",
      "defaultValue": "100"
    },
    "rdpFrontend": {
      "type": "int",
      "defaultValue": 50001,
      "metadata": {
        "description": "Public port number for RDP"
      }
    },
    "vmExtensionName": {
      "type": "string",
      "defaultValue": "MicrosoftAntimalware"
    },
    "VNetName": {
      "type": "string",
      "defaultValue": "ArmVNet1"
    },
    "VSubnetName": {
      "type": "string",
      "defaultValue": "Subnet1"
    },
    "storageAccountName": {
      "type": "string",
      "defaultValue": "armstorageact01"
    }
  },
  "variables": {
    "sizeOfDiskInGB": "[parameters('vmDataDiskSize')]",
    "imagePublisher": "MicrosoftWindowsServer",
    "imageOffer": "WindowsServer",
    "vmName": "[parameters('vmName')]",
    "vmSize": "[parameters('vmSize')]",
    "OSDiskName": "[concat(variables('vmName'),'-os')]",
    "dataDisk1VhdName": "[concat(variables('vmName'),'-data1')]",
    "nicName": "[concat(variables('vmName'),'-nic01')]",
    "existingVNetName": "[parameters('VNetName')]",
    "subnetName": "[parameters('VSubnetName')]",
    "publicIPAddressName": "[concat(variables('vmName'),'-PublicIP01')]",
    "publicIPAddressType": "Dynamic",
    "vmStorageAccountContainerName": "[concat(variables('vmName'),'-vhds')]",
    "vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('existingVNetName'))]",
    "subnetRef": "[concat(variables('vnetID'),'/subnets/',variables('subnetName'))]",
    "lbName": "[concat(parameters('vmName'),'-lb01')]",
    "lbInboundNatRulesName": "[concat(variables('lbName'),'-InboundNatRules01')]",
    "lbFrontEndName": "[concat(variables('lbName'),'-FrontEnd01')]",
    "lbBackendAddressPoolName": "[concat(variables('lbName'),'-BackendPool01')]",
    "publicIPAddressID": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]",
    "lbID": "[resourceId('Microsoft.Network/loadBalancers',variables('lbName'))]",
    "lbFrontEndIPConfigID": "[concat(variables('lbID'),'/frontendIPConfigurations/',variables('lbFrontEndName'))]",
    "lbPoolID": "[concat(variables('lbID'),'/backendAddressPools/',variables('lbBackendAddressPoolName'))]",
    "lbNatID": "[concat(variables('lbID'),'/inboundNatRules/',variables('lbInboundNatRulesName'))]",
    "apiVersion": "2015-06-15"
  },
  "resources": [
    {
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/publicIPAddresses",
      "name": "[variables('publicIPAddressName')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "publicIPAllocationMethod": "[variables('publicIPAddressType')]",
        "dnsSettings": {
          "domainNameLabel": "[parameters('dnsLabelPrefix')]"
        }
      }
    },
    {
      "apiVersion": "[variables('apiVersion')]",
      "name": "[variables('lbName')]",
      "type": "Microsoft.Network/loadBalancers",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]"
      ],
      "properties": {
        "frontendIPConfigurations": [
          {
            "name": "[variables('lbFrontEndName')]",
            "properties": {
              "publicIPAddress": {
                "id": "[variables('publicIPAddressID')]"
              }
            }
          }
        ],
        "backendAddressPools": [
          {
            "name": "[variables('lbBackendAddressPoolName')]"
          }
        ],
        "inboundNatRules": [
          {
            "name": "[variables('lbInboundNatRulesName')]",
            "properties": {
              "frontendIPConfiguration": {
                "id": "[variables('lbFrontEndIPConfigID')]"
              },
              "protocol": "tcp",
              "frontendPort": "[parameters('rdpFrontend')]",
              "backendPort": 3389,
              "enableFloatingIP": false
            }
          }
        ]
      }
    },
    {
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/networkInterfaces",
      "name": "[variables('nicName')]",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/loadBalancers/',variables('lbName'))]"
      ],
      "properties": {
        "ipConfigurations": [
          {
            "name": "ipconfig1",
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "subnet": {
                "id": "[variables('subnetRef')]"
              },
              "loadBalancerBackendAddressPools": [
                {
                  "id": "[variables('lbPoolID')]"
                }
              ],
              "loadBalancerInboundNatRules": [
                {
                  "id": "[variables('lbNatID')]"
                }
              ]
            }
          }
        ]
      }
    },
    {
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Compute/virtualMachines",
      "name": "[variables('vmName')]",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
      ],
      "properties": {
        "hardwareProfile": {
          "vmSize": "[variables('vmSize')]"
        },
        "osProfile": {
          "computerName": "[variables('vmName')]",
          "adminUsername": "[parameters('adminUsername')]",
          "adminPassword": "[parameters('adminPassword')]"
        },
        "storageProfile": {
          "imageReference": {
            "publisher": "[variables('imagePublisher')]",
            "offer": "[variables('imageOffer')]",
            "sku": "[parameters('windowsOSVersion')]",
            "version": "latest"
          },
          "osDisk": {
            "name": "[variables('OSDiskName')]",
            "vhd": {
              "uri": "[concat('http://',parameters('storageAccountName'),'.blob.core.windows.net/',variables('vmStorageAccountContainerName'),'/',variables('OSDiskName'),'.vhd')]"
            },
            "caching": "ReadWrite",
            "createOption": "FromImage"
          },
          "dataDisks": [
            {
              "name": "[variables('dataDisk1VhdName')]",
              "diskSizeGB": "[variables('sizeOfDiskInGB')]",
              "lun": 0,
              "vhd": {
                "uri": "[concat('http://',parameters('storageAccountName'),'.blob.core.windows.net/',variables('vmStorageAccountContainerName'),'/',variables('dataDisk1VhdName'),'.vhd')]"
              },
              "createOption": "Empty"
            }
          ]
        },
        "networkProfile": {
          "networkInterfaces": [
            {
              "id": "[resourceId('Microsoft.Network/networkInterfaces',variables('nicName'))]"
            }
          ]
        },
        "diagnosticsProfile": {
          "bootDiagnostics": {
            "enabled": "true",
            "storageUri": "[concat('http://',parameters('storageAccountName'),'.blob.core.windows.net')]"
          }
        }
      }
    },
    {
      "type": "Microsoft.Compute/virtualMachines/extensions",
      "name": "[concat(parameters('vmName'),'/',parameters('vmExtensionName'))]",
      "apiVersion": "[variables('apiVersion')]",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Compute/virtualMachines/', parameters('vmName'))]"
      ],
      "properties": {
        "publisher": "Microsoft.Azure.Security",
        "type": "IaaSAntimalware",
        "typeHandlerVersion": "1.1",
        "settings": {
          "AntimalwareEnabled": "true",
          "Exclusions": {
            "Paths": "C:\\Users",
            "Extensions": ".txt;.mdf;.ldf",
            "Processes": "taskmgr.exe"
          },
          "RealtimeProtectionEnabled": "true",
          "ScheduledScanSettings": {
            "isEnabled": "true",
            "scanType": "Quick",
            "day": "7",
            "time": "120"
          }
        },
        "protectedSettings": null
      }
    }
  ]
}
