Dmitry Porotnikov / Deploy CSE (Custom Script Extension) using Managed Identity to authenticate against storage account where script is stored on existing running VM

Created Tue, 22 Aug 2023 15:48:56 +0000 Modified Tue, 22 Aug 2023 15:48:56 +0000
82 Words

Deploy CSE (Custom Script Extension) using Managed Identity to authenticate against storage account where script is stored on existing running VM

resource vm 'Microsoft.Compute/virtualMachines@2022-04-01' existing = {
  name: 'YOURVM'
}

@description('Location for all resources.')
param location string = resourceGroup().location

resource extension 'Microsoft.Compute/virtualMachines/extensions@2021-07-01' = {
  parent: vm
  name: 'CustomScriptExtension'
  location: location
  properties: {
    publisher: 'Microsoft.Compute'
    type: 'CustomScriptExtension'
    typeHandlerVersion: '1.10'
    autoUpgradeMinorVersion: true
    settings: {
    }
    protectedSettings: {
      commandToExecute: 'powershell -ExecutionPolicy Unrestricted -File testscript.ps1' 
      managedIdentity: { clientId: '0000-0000-0000-0000'}
      fileUris: [
        'https://YOURSA.blob.core.windows.net/scripts/testscript.ps1' 
      ]
    }
    
  }
}