-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Trusted launch VMs] Gen1 VM to Trusted launch upgrade support #29007
Comments
Thank you for opening this issue, we will look into it. |
@AjKundnani Sorry, as this sprint is already fully planned, could we schedule it in the next sprint? The estimated release time is |
@zhoxing-ms - That works, thanks. |
Preconditions
Related command
az vm update --security-type
Resource Provider
Microsoft.Compute/virtualMachines
Description of Feature or Work Requested
Azure Gen1 VM to Trusted launch Upgrade
Virtual machine API now supports upgrade of existing Azure Gen1 VMs to Trusted launch in private preview (AFEC Name:
Gen1ToTLMigrationPreview
).ASK: Request to unblock
az vm update
command to set--security-type
toTrustedLaunch
if VM is Gen1 VM. This will allow customers to upgrade their Gen1 VMs to Trusted launch using CLI.az vm update
az vm update -n win2019vm01 -g testrg --security-type TrustedLaunch
User receives following error
Trusted Launch security configuration can be enabled only with Azure Gen2 VMs. Please visit https://learn.microsoft.com/en-us/azure/virtual-machines/trusted-launch for more details
az vm update -n win2019vm01 -g testrg --security-type TrustedLaunch
--enable-secure-boot
and--enable-vtpm
totrue
by default unless specified by user.Gen1ToTLMigrationPreview
is registered for subscription, API will execute control plane operation and update following VM properties:
Else API returns error response as operation not supported for given subscription.HyperVGeneration
:v2
securityType
:TrustedLaunch
secureBoot
: as per default/user valuevTPM
: as per default/user valueNOTE
Gen1ToTLMigrationPreview
is currently set to private, i.e., engineering team needs to on-board subscription manually. This AFEC will be made public during public preview release.--enable-secure-boot
and--enable-vtpm
should be set totrue
by default. User provided values take precedence over defaults.Minimum API Version Required
2023-07-01
Swagger PR link / SDK link
NA
Request Example
NA
Target Date
2024-06-30
PM Contact
ajkundna
Engineer Contact
poaggar
Additional context
Gen1 to Trusted launch upgrade support is currently in private preview.
Public preview is tentatively targeted for July 2024 release.
The text was updated successfully, but these errors were encountered: