az sf managed-node-type vm-secret

Managed vm secrets on a node type on managed clusters.

Commands

az sf managed-node-type vm-secret add

Add a secret to the node type.

az sf managed-node-type vm-secret add

Add a secret to the node type.

az sf managed-node-type vm-secret add --certificate-store
                                      --certificate-url
                                      --cluster-name
                                      --name
                                      --resource-group
                                      --source-vault-id
                                      [--subscription]

Examples

Add certificate to the node type as a secret.

az sf managed-node-type vm-secret add -g testRG -c testCluster -n snt --source-vault-id /subscriptions/XXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/testRG/providers/Microsoft.KeyVault/vaults/testkv --certificate-url https://testskv.vault.azure.net:443/secrets/TestCert/xxxxxxxxxxxxxxxxxxxxxxxx --certificate-store my

Required Parameters

--certificate-store

Specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account.

--certificate-url

This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see [Add a key or secret to the key vault](https://docs.microsoft.com/azure/key-vault/key-vault-get-started/#add). In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8:

{
"data":"",
"dataType":"pfx",
"password":""
}/.

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--name --node-type-name -n

Node type name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

--source-vault-id

Key Vault resource id containing the certificates.

Optional Parameters

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.